A new round of the weekly SecurityAffairs newsletter arrived!

The best news of the week with Security Affairs.

Let me inform you that my new book, “Digging in the Deep Web” is online

Kindle Edition

Paper Copy

Digging The Deep Web

Once again thank you!

·      Experts spotted spam campaigns delivering XTRAT and DUNIHI backdoors bundled with the Adwind RAT
·      SunTrust unfaithful employee may have stolen data on 1.5 Million customers
·      Unscrupulous crooks behind the RansSIRIA Ransomware try to exploit attentions on Syrian refugee crisis
·      CVE-2018-0229 flaw in SAML implementation threatens Firepower, AnyConnect and ASA products
·      Google Project Zero hacker discloses a Zero-Day in Windows Lockdown Policy
·      Health Stream left exposed online a database containing contact data for roughly 10,000 medics
·      Orangeworm cyber espionage group target Healthcare organizations worldwide
·      Take These Steps to Secure Your WordPress Website Before Its Too Late
·      BeatCoin – Researchers demonstrate how to steal Cold Wallet Keys from Air-Gapped PCs
·      CSE Malware ZLab – Malware Analysis Report: The Bandios malware suite
·      Kasperskys analysis of servers compromised by Energetic Bear shows the APT operates on behalf of others
·      Do Not Disturb app will protect your device from evil maid attacks
·      Expert devised a exploit for a Code Execution vulnerability in NVIDIA Tegra Chipsets
·      Police shut down the biggest DDoS-for-hire service (webstresser.org) and arrested its administrators
·      Portugal is the 21st country to join the NATO Cyber-Defence Centre
·      CVE-2018-7602 – Drupal addressed a new vulnerability associated with Drupalgeddon2 flaw
·      F-Secure experts devised a Master Key that unlocks millions of hotel rooms
·      Hacking the Amazon Alexa virtual assistant to spy on unaware users
·      Western Digital MY CLOUD EX2 storage devices leak files
·      Dutch Police shut down the Anon-IB revenge porn forum
·      Microsoft releases new software and microcode updates to address Spectre flaw (Variant 2).
·      Necurs Spam Botnet operators adopt a new technique to avoid detection
·      Rubella Macro Builder Crimeware Kit gains popularity on cybercrime underground
·      European and US police hit the Islamic State propaganda machine
·      Expert shows how to trigger blue-screen-of-death on Windows by triggering NTFS flaw
·      How to use weaponized PDF documents to steal Windows credentials


Pierluigi Paganini

(Security Affairs – Newsletter)

The post Security Affairs newsletter Round 160 – News of the week appeared first on Security Affairs.