February 25, 2021

TerabitWeb Blog

Fascinating Technology and Security Information

Security Affairs newsletter Round 258

2 min read

Original Post from Security Affairs
Author: Pierluigi Paganini

A new round of the weekly newsletter arrived! The best news of the week with Security Affairs

Coronavirus-themed attacks March 22 – March 28, 2020
FIN7 hackers target enterprises with weaponized USB drives via USPS
Source code of Dharma ransomware now surfacing on public hacking forums
Crooks leverage Zooms popularity in Coronavirus outbreak to serve malware
Voter information for 4,934,863 Georgians leaked online
Your colleague was infected with Coronavirus, this is the latest phishing lure
Zeus Sphinx spam campaign attempt to exploit Coronavirus outbreak
42 million records of Iranian users of unofficial Telegram fork leaked online
A critical flaw in Rank Math WordPress plugin allows hackers to give users Admins privileges
FBI warns of nation-state actors using the Kwampirs malware
Holy water targets religious figures and charities in Asia
Marriott discloses data breach impacting up to 5.2 Million guests
Microsoft Edge will warn users if their credentials have been compromised
Experts published PoC exploits for CVE-2020-0796 privilege escalation flaw on Windows
LimeRAT malware delivered using 8-year-old VelvetSweatshop trick
New Raccoon Stealer uses Google Cloud Services to evade detection
Vollgar botnet has managed to infect around 3k MSSQL DB servers daily
Zoom client for Windows could allow hackers to steal usersWindows password
Crooks use tainted Zoom apps to target users at home due to Coronavirus outbreak
Hackers exploited IE and Firefox flaws in attacks on entities in China, Japan
Microsoft issues targeted notification to hospitals vulnerable to Ransomware attacks
New COVID19 wiper overwrites MBR making computers unusable
100,000 WordPress sites using the Contact Form 7 Datepicker plugin are exposed to hack
Hacking iPhone or MacBook devices by tricking into visiting a site
Magecart group 7 use new e-skimmer to steal payment data
Open Cloud Database Exposes 200 Million Americans
Twitter discloses privacy issue that caused caching of files sent via DMs in Firefox
Firefox 74.0.1 addresses two zero-days exploited in the wild
Microsofts case study: Emotet took down an entire network in just 8 days New Coronavirus-themed campaign spread Lokibot worldwide

Pierluigi Paganini

(SecurityAffairs – newsletter)

The post Security Affairs newsletter Round 258 appeared first on Security Affairs.

Go to Source
Author: Pierluigi Paganini

Copyright © All rights reserved. | Newsphere by AF themes.