Security Affairs newsletter Round 398 by Pierluigi Paganini

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.

If you want to also receive for free the newsletter with the international press subscribe here.

Samba addressed multiple high-severity vulnerabilitiesFormer Twitter employee sentenced to 3.5 years in jail for spying on behalf of Saudi ArabiaSocial Blade discloses security breachData of 5.7M Gemini users available for sale on hacking forumsDecember 16, 2022  By Pierluigi Paganini   Posted In  Breaking News  Cyber Crime  Data Breach  Hacking CISA adds Veeam Backup and Replication bugs to Known Exploited Vulnerabilities CatalogMCCrash botnet targets private Minecraft servers, Microsoft warnsMicrosoft revised CVE-2022-37958 severity due to its broader scopeChinese MirrorFace APT group targets Japanese political entitiesDatabase of the FBI’s InfraGard US Critical Infrastructure Intelligence portal available for saleFBI seized 48 domains linked to DDoS-for-Hire service platformsCrooks use HTML smuggling to spread QBot malware via SVG filesGoTrim botnet actively brute forces WordPress and OpenCart sitesDecember 2022 Patch Tuesday fixed 2 zero-day flawsApple fixed the tenth actively exploited zero-day this year3.5m IP cameras exposed, with US in the leadVMware fixed critical VM Escape bug demonstrated at Geekpwn hacking contestCitrix and NSA urge admins to fix actively exploited zero-day in Citrix ADC and GatewayLockbit ransomware gang hacked California Department of FinanceExperts detailed a previously undetected VMware ESXi backdoorTwitter says recently leaked user data are from 2021 breachFortinet urges customers to fix actively exploited FortiOS SSL-VPN bugIndian foreign ministry’s Global Pravasi Rishta portal leaks expat passport detailsCryptomining campaign targets Linux systems with Go-based CHAOS MalwareEvilnum group targets legal entities with a new Janicab variantTrueBot infections were observed in Clop ransomware attacksPwn2Own Toronto 2022 Day 4: $989K awarded for 63 unique zero-daysMuddyWater APT group is back with updated TTPsFollow me on Twitter: @securityaffairs and Facebook and Mastodon

try {
window._mNHandle.queue.push(function (){
window._mNDetails.loadTag(“816788371”, “300×250”, “816788371”);
});
}
catch (error) {}

try {
window._mNHandle.queue.push(function (){
window._mNDetails.loadTag(“816788371”, “300×250”, “816788371”);
});
}
catch (error) {}
Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

The post Security Affairs newsletter Round 398 by Pierluigi Paganini appeared first on Security Affairs.