Security Affairs newsletter Round 428 by Pierluigi Paganini – International edition
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email…
Category: Securityaffairs
Russia-linked APT Gamaredon starts stealing data from victims between 30 and 50 minutes after the initial compromiseSecurity Affairs
Ukraine’s Computer Emergency Response Team (CERT-UA) states that Russia-linked APT Gamaredon starts stealing data 30 minutes after the initial compromise. Ukraine’s Computer Emergency Response Team…
Source code of the BlackLotus UEFI Bootkit was leaked on GitHubSecurity Affairs
The source code for the BlackLotus UEFI bootkit has been published on GitHub and experts warn of the risks of proliferation of custom versions. Researchers…
US CISA warns of Rockwell Automation ControlLogix flawsSecurity Affairs
The U.S. CISA warns of two flaws impacting Rockwell Automation ControlLogix that can lead to remote code execution and DoS attacks. The U.S. Cybersecurity and…
Indexing Over 15 Million WordPress Websites with PWNPressSecurity Affairs
Sicuranex’s PWNPress platforms indexed over 15 million WordPress websites, it collects data related to vulnerabilities and misconfigurations Leveraging the extensive Common Crawl dataset and pushing…
New AVrecon botnet remained under the radar for 2 years while targeting SOHO RoutersSecurity Affairs
A new malware dubbed AVrecon targets small office/home office (SOHO) routers, it infected over 70,000 devices from 20 countries. Lumen Black Lotus Labs uncovered a…
Apple re-released Rapid Security Response to fix recently disclosed zero-daySecurity Affairs
Apple re-released its Rapid Security Response updates for iOS and macOS after fixing browsing issues on certain websites caused by the first RSR. Apple has…
Zimbra urges customers to manually fix actively exploited zero-daySecurity Affairs
Zimbra has released updates to address a zero-day vulnerability actively exploited in attacks aimed at Zimbra Collaboration Suite (ZCS) email servers. Zimbra urges customers to…
Chinese hackers compromised emails of US Government agenciesSecurity Affairs
Chinese hackers have compromised the emails of an unnamed US Federal Civilian Executive Branch (FCEB) agency. In Mid-June a malicious email activity was reported by…
SonicWall urges orgs to fix critical flaws in GMS/Analytics productsSecurity Affairs
SonicWall fixed multiple critical vulnerabilities impacting its GMS firewall management and Analytics management and reporting engine. SonicWall addressed multiple critical vulnerabilities in its Global Management…
Citrix fixed a critical flaw in Secure Access Client for UbuntuSecurity Affairs
Citrix fixed a critical flaw affecting the Secure Access client for Ubuntu that could be exploited to achieve remote code execution. Citrix addressed a critical…
Cl0p hacker operating from Russia-Ukraine war front lineSecurity Affairs
CyberNews researchers discovered that at least one of the Cl0p ransomware gang masterminds is still residing in Ukraine. Original post at: https://cybernews.com/security/cl0p-hacker-hides-in-ukraine/ As the Cl0p…