Security Affairs newsletter Round 405 by Pierluigi Paganini

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.

If you want to also receive for free the newsletter with the international press subscribe here.

CISA adds Oracle, SugarCRM bugs to its Known Exploited Vulnerabilities CatalogGoAnywhere MFT zero-day flaw actively exploitedCERT-FR warns of a new wave of ransomware attacks targeting VMware ESXi serversTallahassee Memorial HealthCare, Florida, has taken IT systems offline after cyberattackExploitation attempts for Oracle E-Business Suite flaw observed after PoC releaseVMware Workstation update fixes an arbitrary file deletion bugAtlassian fixed critical authentication vulnerability in Jira SoftwareRussia-linked Gamaredon APT targets Ukrainian authorities with new malwareCisco fixed command injection bug in IOx Application Hosting EnvironmentAPI management (APIM): What It Is and Where It’s GoingA High-severity bug in F5 BIG-IP can lead to code execution and DoSExperts warn of two flaws in popular open-source software ImageMagickOver 30k Internet-Exposed QNAP NAS hosts impacted by CVE-2022-27596 flawPro-Russia Killnet group hit Dutch and European hospitalsNew Prilex PoS Malware evolves to target NFC-enabled credit cardsNew LockBit Green ransomware variant borrows code from Conti ransomwareNevada Ransomware Has Released Upgraded LockerTrickGate, a packer used by malware to evade detection since 2016IT Army of Ukraine gained access to a 1.5GB archive from GazpromExperts released VMware vRealize Log RCE exploit for CVE-2022-31706GitHub to revoke stolen code signing certificates for GitHub Desktop and AtomPro-Palestine hackers threaten Israeli chemical companiesPro-Russia group Killnet targets US healthcare with DDoS attacksQNAP addresses a critical flaw impacting its NAS devicesJD Sports discloses a data breach impacting 10 million customersResearcher received a $27,000 bounty for 2FA bypass bug in Facebook and InstagramSandworm APT group hit Ukrainian news agency with five data wipersUNC2565 threat actors continue to improve the GOOTLOADER malwareAlleged member of ShinyHunters group extradited to the US, could face 116 years in jailPro-Russia group Killnet targets Germany due to its support to UkraineWatch out! Experts plans to release VMware vRealize Log RCE exploit next week

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)
The post Security Affairs newsletter Round 405 by Pierluigi Paganini appeared first on Security Affairs.