Security Affairs newsletter Round 141 – News of the week

A new round of the weekly SecurityAffairs newsletter arrived!

The best news of the week with Security Affairs.

Once again thank you!

·      National Institute of Standards and Technology releases a second Draft of the NIST Cybersecurity Framework
·      Security Affairs newsletter Round 140 – News of the week
·      Severe flaws in most popular programming languages could expose to hack any secure application built on top of them
·      10 Biggest Cyber Espionage Cases
·      Dark Web – The median price range for Android ransomware kits hits $200
·      Microsoft accidentally exposed Dynamics 365 TLS certificates exposing sandbox environments to MiTM attacks
·      MoneyTaker group: Group-IB uncovered a cyber gang attacking banks in the USA and Russia
·      Vietnamese hacker stole security details and building plans from an Australian airport
·      A collection of 1.4 Billion Plain-Text leaked credentials is available online
·      Google Project Zero white hacker reveals Apple jailbreak exploit
·      Smart Shield Detector allows thieves to discover if the ATM is protected by anti-skimming technology
·      The OceanLotus MacOS Backdoor Transforms into HiddenLotus with a Slick UNICODE Trick
·      A banking Trojan targeting the Polish banks was found in Google Play
·      Adobe Patch Tuesday only addressed a moderate severity regression issue affecting Flash Player
·      December Microsoft Patch Tuesday addresses 19 Critical browser issues
·      ISIS & Al Qaeda: What’s Coming Down the Line for the U.S. in 2018
·      ROBOT Attack: RSA TLS crypto attack worked against Facebook, PayPal, and tens of 100 top domains
·      Experts disclosed an unpatched zero-day vulnerability in the firmware of AT&T DirecTV WVB kit
·      FortiClient improper access control exposes users VPN credentials
·      New Triton malware detected in attacks against a Critical Infrastructure operator
·      Trump signed a bill prohibiting the use of Kaspersky Lab product and services
·      US DoJ charges 3 Men with developing and running the Mirai Botnet
·      Avast releases open sources Machine-Code Decompiler (RetDec) to fight malware
·      Germany – Court rules against foreign intelligence agency (BND) surveillance
·      Lazarus APT Group targets a London cryptocurrency company
·      The cybersecurity firm Fox-IT disclosed a security breach that affected its infrastructure
·      US Military wants cyber warriors along with soldiers on the Battlefield
·      19 Million California Voter records held for ransom attack on a MongoDB instance
·      Pre-Installed Keeper Password Manager on Windows 10 exposes systems to passwords stealing
·      Triton malware was developed by Iran and used to target Saudi Arabia

 


Pierluigi Paganini

(Security Affairs – Newsletter)



The post Security Affairs newsletter Round 141 – News of the week appeared first on Security Affairs.



Leave a Reply