A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.

If you want to also receive for free the newsletter with the international press subscribe here.

U.S. Gov believes North Korea-linked Lazarus APT is behind Ronin Validator cyber heistThe unceasing action of Anonymous against RussiaThreat actors target the Ukrainian gov with IcedID malwareThreat actors use Zimbra exploits to target organizations in UkraineConti Ransomware Gang claims responsibility for the Nordex hackZingoStealer crimeware released for free in the cybercrime ecosystemAuth bypass flaw in Cisco Wireless LAN Controller Software allows device takeoverGoogle fixed third zero-day in Chrome since the start of 2022Ways to Develop a Cybersecurity Training Program for EmployeesAnalysis of the SunnyDay ransomwareUS gov agencies e private firms warn nation-state actors are targeting ICS & SCADA devicesCISA adds Windows CLFS Driver Privilege Escalation flaw to its Known Exploited Vulnerabilities CatalogCritical VMware Workspace ONE Access CVE-2022-22954 flaw actively exploitedMicrosoft has taken legal and technical action to dismantle the Zloader botnetCVE-2021-31805 RCE bug in Apache Struts was finally patchedChina-linked Hafnium APT leverages Tarrask malware to gain persistenceJekyllBot:5 flaws allow hacking TUG autonomous mobile robots in hospitalsEU officials were targeted with Israeli surveillance softwareMicrosoft Partch Tuesday for April 2022 fixed 10 critical vulnerabilitiesOperation TOURNIQUET: Authorities shut down dark web marketplace RaidForumsRussia-linked Sandworm APT targets energy facilities in Ukraine with wipersNGINX project maintainers fix flaws in LDAP Reference ImplementationCISA adds WatchGuard flaw to its Known Exploited Vulnerabilities CatalogAnonymous hacked Russia’s Ministry of Culture and leaked 446 GBFFDroider, a new information-stealing malware disguised as Telegram appSuperCare Health discloses a data breach that Impacted +300K peopleMicrosoft’s Autopatch feature improves the patch management processDependency Review GitHub Action prevents adding known flaws in the codeSecuring Easy Appointments and earning CVE-2022-0482Apr 03 – Apr 09 Ukraine – Russia the silent cyber conflictNB65 group targets Russia with a modified version of Conti’s ransomwareFacebook blocked Russia and Belarus threat actors’ activity against UkrainePlease vote for Security Affairs as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERSVote for me in the sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog” and others of your choice.To nominate, please visit: https://docs.google.com/forms/d/e/1FAIpQLSfxxrxICiMZ9QM9iiPuMQIC-IoM-NpQMOsFZnJXrBQRYJGCOw/viewform  

Follow me on Twitter: @securityaffairs and Facebook

try {
window._mNHandle.queue.push(function (){
window._mNDetails.loadTag(“816788371”, “300×250”, “816788371”);
});
}
catch (error) {}

try {
window._mNHandle.queue.push(function (){
window._mNDetails.loadTag(“816788371”, “300×250”, “816788371”);
});
}
catch (error) {}
Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

The post Security Affairs newsletter Round 361 by Pierluigi Paganini appeared first on Security Affairs.