Security Affairs newsletter Round 289

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.

Creative Office 365 phishing inverts images to avoid detection botsLuxottica data breach exposes info of LensCrafters and EyeMed patientsPwn2Own Tokyo Day 3: Team Flashback crowned Master of PwnCompal, the Taiwanese giant laptop manufacturer hit by ransomwareE-commerce platform X-Cart hit by a ransomware attackFBI warns of attacks on unsecured SonarQube used by US govt agencies and businessesTianfu Cup 2020 – 5 minutes to hack Windows 10, Ubuntu iOS, VMWare EXSi, and othersxHunt hackers hit Microsoft Exchange with two news backdoorsAdobe fixes flaws in Connect and Reader MobileFlaws in WordPress Ultimate Member plugin expose 25K sites to hackMalicious NPM project steals browser info and Discord accountsPrestige reservation platform exposes millions of hotel guestsRansomware operators use fake Microsoft Teams updates to deploy Cobalt StrikeTetrade hackers target 112 financial apps with Ghimob banking TrojanEU bodies agree on new EU export rules for dual-use technologyFormer Microsoft worker sentenced to nine years in prison for stealing $10+ millionGoogle and Mozilla fixed issues exploited at 2020 Tianfu Cup hacking contestMicrosoft Patch Tuesday fixes CVE-2020-17087 currently under active exploitationMuhstik botnet adds Oracle WebLogic and Drupal exploitsRagnar Locker ransomware gang advertises Campari hack on FacebookThe alleged decompiled source code of Cobalt Strike toolkit leaked online46M accounts were impacted in the data breach of childrens online playground Animal JamCostaricto APT: Cyber mercenaries use previously undocumented malwareGoogle addresses two new Chrome zero-day flawsNew modular ModPipe POS Malware targets restaurants and hospitality sectorsSwedish court suspended the ban on Huawei equipmentHacker stole $2 million worth of Dai cryptocurrency from AkropolisNew TroubleGrabber malware targets Discord usersSecurity flaws in Schneider Electric PLCs allow full take overThree APT groups have targeted at least seven COVID-19 vaccine makersVertafore data breach exposed data of 27.7 million Texas driversBiotech research firm Miltenyi Biotec hit by Mount Locker ransomwareCISA Chief Chris Krebs expects to be fired by the White HouseSchneider Electric published a security advisory on Drovorub Linux MalwarePierluigi Paganini

(SecurityAffairs – hacking, newsletter)

The post Security Affairs newsletter Round 289 appeared first on Security Affairs.