Security Affairs newsletter Round 173 – News of the week

A new round of the weekly SecurityAffairs newsletter arrived!

The best news of the week with Security Affairs.

Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal

20% discount

Kindle Edition

Paper Copy

Digging The Deep Web

Once again thank you!

 

·      Ecuador to withdraw asylum for Julian Assange in coming weeks or days
·      TA505 gang abusing PDF files embedding SettingContent-ms to distribute FlawedAmmyy RAT
·      CSE Malware ZLab – Chinese APT27 s long-term espionage campaign in Syria is still ongoing
·      Experts believe US Cyber Command it the only entity that can carry out ‘hack backs
·      Experts warn of new campaigns leveraging Mirai and Gafgyt variants
·      The source code of the Exobot Android banking trojan has been leaked online
·      Android Debugging Tools Also Useful for Compromising Devices, Mining Cryptocurrency
·      CVE-2018-5383 Bluetooth flaw allows attackers to monitor and manipulate traffic
·      DHS – Russian APT groups are inside US critical infrastructure
·      Sony addresses remotely exploitable flaws in Sony IPELA E Network Cameras
·      SpectreRSB – new Spectre CPU side-channel attack using the Return Stack Buffer
·      Apache Software Foundation fixes important flaws in Apache Tomcat
·      Hide ‘N Seek botnet also includes exploits for home automation systems
·      Korean Davolink routers are easy exploitable due to poor cyber hygene
·      The Death botnet grows targeting AVTech devices with a 2-years old exploit
·      Experts discovered a Kernel Level Privilege Escalation in Oracle Solaris
·      Kronos Banking Trojan resurrection, new campaigns spotted in the wild
·      ProtonMail launches Address Verification and full PGP support
·      Ransomware attack disrupted some systems of the shipping giant COSCO in the US
·      US-CERT warns of ongoing cyber attacks aimed at ERP applications
·      Dutch brothers sentenced to community service for involvement in CoinVault ransomware distribution
·      Leafminer cyber espionage group targets Middle East
·      NetSpectre is a remote Spectre attack that allows stealing data over the network
·      Parasite HTTP RAT implements a broad range of protections and evasion mechanims
·      Parasite HTTP RAT implements a broad range of protections and evasion mechanisms
·      Google bans cryptocurrency mining apps from the official Play Store
·      Microsoft revealed details of a supply chain attack at unnamed Maker of PDF Editor
·      Russian APT28 espionage group targets democratic Senator Claire McCaskill
·      Twitter removed more than 143,000 apps from the messaging service

 



Pierluigi Paganini

(Security Affairs – Newsletter)


The post Security Affairs newsletter Round 173 – News of the week appeared first on Security Affairs.

Leave a Reply