Security Affairs newsletter Round 188 – News of the week

Pierluigi Paganini November 11, 2018

A new round of the weekly SecurityAffairs newsletter arrived!

The best news of the week with Security Affairs.

Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal

20% discount

Kindle Edition

Paper Copy

Digging The Deep Web

Once again thank you!

Apple T2 security chip in new MacBooks disconnects Microphone when lid is closed
Kraken ransomware 2.0 is available through the RaaS model
PortSmash flaw in Hyper-Threading CPU could allow sensitive data theft
Flaw in Icecast streaming media server allows to take off online Radio Stations
Google dorks were the root cause of a catastrophic compromise of CIAs communications
High severity XML external entity flaw affects Sauter building automation product
USB drives are primary vector for destructive threats to industrial facilities
Flaws in several self-encrypting SSDs allows attackers to decrypt data they contain
Group-IB and CryptoIns introduce the worlds first insurance against cyber threats for cryptocurrency exchanges
IBM Watson will be used by NIST to assign CVSS scores to vulnerabilities
New attack by Anonymous Italy: personal data from ministries and police have been released online
Shellbot Botnet Targets IoT devices and Linux servers
A flaw in WooCommerce WordPress Plugin could be exploited to take over e-stores
Apache Struts users have to update FileUpload library to fix years-old flaws
HSBC Bank USA notified customers of a security breach
Researcher discloses VirtualBox Zero-Day without reporting it to Oracle
Researcher discloses VirtualBox Zero-Day without reporting to it to Oracle
U.S. Air Force announced Hack the Air Force 3.0, the third Bug Bounty Program
689,272 plaintext records of Amex India customers exposed online
Compliance to Cybersecurity Requirements and False Claims Act
Experts detailed how China Telecom used BGP hijacking to redirect traffic worldwide
U.S. Cyber Command CNMF Shares unclassified malware samples via VirusTotal
XSS flaw in Evernote allows attackers to execute commands and steal files
BCMPUPnP_Hunter Botnet infected 400k routers to turn them in email spammers
Data from ‘almost all Pakistani banks stolen, Pakistani debit card details surface on the dark web
Guy Fawkes Day – LulzSec Italy hit numerous organizations in Italy
Snowden speaks about the role of surveillance firm NSO Group in Khashoggi murder
VMware releases security patches for a critical virtual machine escape flaw
Nginx server security flaws expose more than a million of servers to DoS attacks
Symantec shared details of North Korean Lazaruss FastCash Trojan used to hack banks
VPN vs. proxy: which is better to stay anonymous online?

 

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs – Newsletter)

[adrotate banner=”5″]

[adrotate banner=”13″]



you might also like

leave a comment