Security Affairs newsletter Round 226

A new round of the weekly SecurityAffairs newsletter arrived!

The best news of the week with Security Affairs

Hi folk, let me inform you that I suspended the newsletter service, anyway I’ll continue to provide you a list of published posts every week through the blog.

Once again thank you!

DealPly adware abuses reputation services to remain under the radar

Houston County Schools in Alabama delayed the school years opening due to a malware attack

Poshmark, the social commerce marketplace, discloses a data breach

Fraudster stole $870,000 from 2 US universities with spear-phishing mails

GermanWiper, a data-wiping malware that is targeting Germany

Hacking Radio Blasting Systems for Fun & Explosions

Machete cyber-espionage group targets Latin America military

StockX hacked, customers data offered for sale on the dark web

The US Gov is testing high-altitude balloons for surveillance

CafePress Data Breach exposes technical details of 23 Million users

Crooks turn victims into money mules via confidence/romance scams

Expert publicly disclosed a zero-day vulnerability in KDE

QualPwn Bugs in Qualcomm chips could allow hacking Android Over the Air

Russia-linked STRONTIUM APT targets IoT devices to hack corporate networks

The Evolution of Aggah: From Roma225 to the RG Campaign

New Lord Exploit Kit appears in the threat landscape

OilRig APT group: the evolution of attack techniques over time

SWAPGS Attack – A new Spectre-V1 attack affects modern chips

The number of exploits in the Echobot botnet reached 59

American Insurance firm State Farm victim of credential stuffing attacks

Cisco addressed critical flaws in Cisco Small Business 220 Series Smart Switches

New strain of Clipsa malware launches brute-force attacks on WordPress sites

WhatsApp flaws allow the attackers to manipulate conversations

3Fun Dating App leaked members location and personal details

A Zero-Day in Steam client for Windows affects over 100 Million users

Apple announces major changes to its bug bounty program, including higher rewards

Emsisoft released a free decryptor for JSWorm 4.0

Android Apps containing Clicker Trojan installed on over 100M devices

City of Naples, Florida, lost $700K after a cyberattack

Varenyky Spambot Trojan targets French users in alleged sextortion campaign

Pierluigi Paganini

(SecurityAffairs – newsletter)

---

• 
  
  


• 
  
  


• 
  
  


• 
  
  


• 
  
  


• 
  
  


•