A new round of the weekly SecurityAffairs newsletter arrived!

The best news of the week with Security Affairs.

Let me inform you that my new book, “Digging in the Deep Web” is online

Kindle Edition

Paper Copy

Digging The Deep Web

Once again thank you!

·      Airbnb China will share hosts information with the government
·      Any social media accounts to declare? Visa applicants would have to declare them
·      Apple macOS issues reveal passwords for APFS encrypted volumes in plaintext
·      Philippine central bank has thrown an alert after SWIFT hackers hit Malaysia central bank
·      After Cambridge Analytica scandal Facebook announces Election security Improvements
·      HiddenMiner Android Cryptocurrency miner can brick your device
·      MITRE is evaluating a service dubbed ATT&CK for APT detection
·      VPNs & Privacy Browsers leak users’ IPs via WebRTC
·      70% of VPN Chrome Extensions Leak Your DNS
·      Fin7 hackers stole 5 Million payment card data from Saks Fifth Avenue and Lord & Taylor Stores
·      Google to banish cryptocurrency mining extensions from official Chrome Web Store
·      Grindr shared people HIV status with other companies
·      Project Kalamata – Apple will replace Intel processors in Macs with its custom designed chips
·      KevDroid Android RAT can steal private data and record phone calls
·      Many natural gas pipeline operators in the U.S. Gas affected by cyberattack
·      Microsoft issued out-of-band patch to fix CVE-2018-0986 Malware Protection Engine flaw
·      Panera Bread left millions of customer records exposed online for months
·      Thousands of compromised Magento websites delivering Malware
·      Facebook: Cambridge Analytica scandal affected 87 Million users
·      North Korea-Linked Lazarus APT suspected for online Casino assault
·      OSX_OCEANLOTUS.D, a new macOS backdoor linked to APT 32 group
·      Zuckerberg admitted public data of its 2.2 billion users has been scraped by Third-party entities
·      A Remote Code Execution Vulnerability found in the Spring Framework. Upgrade it now!
·      Cisco Smart Install Protocol misuse could expose critical infrastructure to attacks
·      VirusTotal presents its new Android Droidy sandbox
·      [24]7.ai Payment Card Breach affected major firms, including Best Buy, After Delta Air Lines and Sears Holdings
·      130,000 Finnish user data exposed in third largest data breach ever happened in the country
·      After Cambridge Analytica Facebook COO Sandberg admits other possible misuses
·      New variant of the Mirai Botnet targets the financial industry

Pierluigi Paganini

(Security Affairs – Newsletter)


The post Security Affairs newsletter Round 157 – News of the week appeared first on Security Affairs.