A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.

If you want to also receive for free the newsletter with the international press subscribe here.

Copycat Criminals mimicking Lockbit gang in northern EuropeSandworm APT targets Ukraine with new SwiftSlicer wiperISC fixed high-severity flaws in DNS software suite BINDPatch management is crucial to protect Exchange servers, Microsoft warnsHacker accused of having stolen personal data of all Austrians and moreCVE-2023-23560 flaw exposes 100 Lexmark printer models to hackBlackCat Ransomware gang stole secret military data from an industrial explosives manufacturerUK NCSC warns of spear-phishing attacks from Russia-linked and Iran-linked groupsAn unfaithful employee leaked Yandex source code repositoriesHive Ransomware Tor leak site apparently seized by law enforcementExperts warn of a surge of attacks exploiting a Realtek Jungle SDK RCE (CVE-2021-35394)Zacks Investment Research data breach impacted hundreds of thousands of customersGoogle Chrome 109 update addresses six security vulnerabilitiesNorth Korea-linked TA444 group turns to credential harvesting activityFrench rugby club Stade Français leaks source codeDragonSpark threat actor avoids detection using Golang source code InterpretationVMware warns of critical code execution bugs in vRealize Log InsightPakistan hit by nationwide power outage, is it the result of a cyber attack?GoTo revealed that threat actors stole customers’ backups and encryption key for some of themFBI confirms that North Korea-linked Lazarus APT is behind Harmony Horizon Bridge $100 million cyber heistMeta Platforms expands features for EE2E on Messenger AppCISA added Zoho ManageEngine RCE (CVE-2022-47966) to its Known Exploited Vulnerabilities CatalogResearcher found US ‘No Fly List’ on an unsecured serverApple backported patches for CVE-2022-42856 zero-day on older iPhones, iPadsTwo flaws in Samsung Galaxy Store can allow to install Apps and execute JS codeCompanies impacted by Mailchimp data breach warn their customersMassive Ad fraud scheme VASTFLUX targeted over 11 million devicesVideo game firm Riot Games hacked, now it faces problems to release contentExpert found critical flaws in OpenText Enterprise Content Management SystemRoaming Mantis uses new DNS changer in its Wroba mobile malwareFollow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

The post Security Affairs newsletter Round 404 by Pierluigi Paganini appeared first on Security Affairs.