Security Affairs newsletter Round 146 – News of the week

A new round of the weekly SecurityAffairs newsletter arrived!

The best news of the week with Security Affairs.

Once again thank you!

·      Fappening – A fourth man has been charged with hacking into over 250 Apple iCloud accounts belonging to celebrities
·      Lenovo spotted and fixed a backdoor in RackSwitch and BladeCenter networking switches
·      Mirai Okiru botnet targets for first time ever in the history ARC-based IoT devices
·      Security Affairs newsletter Round 145 – News of the week
·      Blackwallet hacked, hackers stole $400,000 from users accounts through DNS hijacking
·      New KillDisk variant targets Windows machines in financial organizations in Latin America
·      Spectre/Meltdown patches had a significant impact on SolarWindss AWS infrastructure
·      Canadian man charged over leak of billions hacked accounts through LeakedSource
·      Customers reporting OnePlus payment website was hacked and reported credit card fraud
·      Four malicious Chrome extensions affected over half a million users and global businesses
·      Powerful Skygofree spyware was reported in November by Lukas Stefanko and first analyzed by CSE CybSec
·      How to hack Facebook accounts exploiting CSRF in Oculus app
·      Internet Systems Consortium rolled out a patch for a BIND security flaw caused DNS Servers Crash
·      Oracle January 2018 Critical Patch Update also addresses Spectre and Meltdown
·      RubyMiner Monero Cryptominer affected 30% of networks worldwide in just 24h
·      KillaMuvz, the creator of the Cryptex tool family pleads guilty to running malware services
·      Meltdown and Spectre patches have a variable impact and can cause unwanted reboots, Intel warns
·      North Korea Group 123 involved in at least 6 different hacking campaigns in 2017
·      Threat actors are delivering the Zyklon Malware exploiting three Office vulnerabilities
·      chaiOS Bug can crash iMessage App on any iPhone and macOS with a simple link
·      Dark Caracal APT – Lebanese intelligence is spying on targets for years
·      Experts uncovered a new campaign abusing FTP servers to deliver Dridex Banking Trojan
·      Health South East RHF data breach exposed health records for half of Norways Population
·      Triton Malware exploited a Zero-Day flaw in Schneider Triconex SIS controllers
·      Crackas leader (15) gained access to data of intel operations in Afghanistan and Iran by posing as the CIA chief
·      Italian companies and Ministry of the Interior under attack, experts spotted a huge botnet
Red Hat reverts Spectre (CVE-2017-5715) security updates due to boot issues reported by customers
The US Global surveillance bill has been signed by President Trump


Pierluigi Paganini

(Security Affairs – Newsletter)

The post Security Affairs newsletter Round 146 – News of the week appeared first on Security Affairs.

Leave a Reply