Security Affairs newsletter Round 410 by Pierluigi Paganini

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

If you want to also receive for free the newsletter with the international press subscribe here.

 PlugX malware delivered by exploiting flaws in Chinese programsPrometei botnet evolves and infected +10,000 systems since November 2022CISA adds VMware’s Cloud Foundation bug to Known Exploited Vulnerabilities CatalogLaw enforcement seized the website selling the NetWire RAT and arrested a Croatian manLatest version of Xenomorph Android malware targets 400 banksAT&T is notifying millions of customers of data breach after a third-party vendor hackBMW exposes data of clients in Italy, experts warnAkamai mitigated a record-breaking DDoS attack that peaked 900GbpsSonicWall SMA appliance infected by a custom malware allegedly developed by Chinese hackersRecently discovered IceFire Ransomware now also targets Linux systems8220 Gang used new ScrubCrypt crypter in recent cryptojacking attacksCloudBees flaws in Jenkins server can lead to code executionA critical flaw affects Fortinet FortiOS and FortiProxy, patch it now!Veeam warns to install patches to fix a bug in its Backup & Replication productNorth Korea-linked Lazarus APT used a 0-day in a recent attackCISA adds three new bugs to Known Exploited Vulnerabilities CatalogChina-linked APT Sharp Panda targets government entities in Southeast AsiaVMware NSX Manager bugs actively exploited in the wild sinceSYS01 stealer targets critical government infrastructureAcer discloses a new data breach, 160 GB of sensitive data available for saleExpert released PoC exploit code for critical Microsoft Word RCE flawLastPass hack caused by an unpatched Plex software on an employee’s PCRansom House ransomware attack hit Hospital Clinic de BarcelonaEuropean police dismantled the DoppelPaymer ransomware gangUS government orders States to conduct cyber security audits of public water systemsHatch Bank data breach caused by the exploitation of the GoAnywhere MFT zero-dayColour-Blind, a fully featured info stealer and RAT in PyPICredential Stuffing attack on Chick-fil-A impacted +71K usersPlay Ransomware gang has begun to leak data stolen from City of OaklandFollow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)
The post Security Affairs newsletter Round 410 by Pierluigi Paganini appeared first on Security Affairs.