A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.
If you want to also receive for free the newsletter with the international press subscribe here.
| Kaspersky released a new decryptor for Conti-based ransomware |
| US govt agencies released a joint alert on the Lockbit 3.0 ransomware |
| Feds arrested Pompompurin, the alleged owner of BreachForums |
| Hitachi Energy breached by Clop gang through GoAnywhere Zero-Day exploitation |
| HinataBot, a new Go-Based DDoS botnet in the threat landscape |
| Top 5 Insider Threats to Look Out For in 2023 |
| China-linked APT likely linked to Fortinet zero-day attacks |
| Baseband RCE flaws in Samsung’s Exynos chipsets expose devices to remote hack |
| Microsoft sheds light on a year of Russian hybrid warfare in Ukraine Polish intelligence dismantled a network of Russian spies |
| Multiple threat actors exploited Progress Telerik bug to breach U.S. federal agency |
| CISA adds Adobe ColdFusion bug to Known Exploited Vulnerabilities Catalog |
| Russia-linked APT29 abuses EU information exchange systems in recent attacks |
| YoroTrooper APT group targets CIS countries and embassies |
| CrowdStrike discovered the first-ever Dero cryptocurrency mining campaign |
| Security Firm Rubrik breached by Clop gang through GoAnywhere Zero-Day exploitation |
| Key aerospace player Safran Group leaks sensitive data |
| LockBit Ransomware gang claims to have stolen SpaceX confidential data from Maximum Industries |
| Microsoft Patch Tuesday fix Outlook zero-day actively exploited Adobe fixed ColdFusion flaw listed as under active exploit |
| DEV-1101 AiTM phishing kit is fueling large-scale phishing campaigns |
| Advanced actor targets Fortinet FortiOS in attacks on govt entities |
| Dissecting the malicious arsenal of the Makop ransomware gang |
| Golang-Based Botnet GoBruteforcer targets web servers |
| CISA adds Plex Media Server bug, exploited in LastPass attack, to Known Exploited Vulnerabilities Catalog |
| Dark Pink APT targets Govt entities in South Asia |
| The risk of pasting confidential company data into ChatGPT |
| Acronis states that only one customer’s account has been compromised. Much ado about nothing Cisco fixed CVE-2023-20049 DoS flaw affecting enterprise routers |
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
Pierluigi Paganini
(SecurityAffairs – hacking, newsletter)
The post Security Affairs newsletter Round 411 by Pierluigi Paganini appeared first on Security Affairs.
