Security Affairs newsletter Round 102 – News of the week

A new round of the weekly SecurityAffairs newsletter arrived!

The best news of the week with Security Affairs.

First of all, let me inform you that at the #infosec16 SecurityAffairs was awarded as The Best European Personal Security Blog

·        Shamoon 2 malware, ASERT has shed light on the C2 and the infection process
·        US Oil and Gas Industry unprepared to mitigate risks in operational technology (OT) environments
·        Roberts Hawaii tour company hacked, credit card and personal info exposed
·        Security Affairs newsletter Round 101 – News of the week
·        Russian cyber experts were charged with treason due to the allegations made seven years ago
·        CVE-2017-0037 – Google Project Zero discloses another unpatched Microsoft Edge and IE Vulnerability
·        The Necurs botnet is evolving, now includes a DDoS module
·        Stolen EHR data is flooding criminal underground communities in the Deep Web
·        Prisons and Courts Bill allows mobile networks to deploy IMSI catchers outside of prisons
·        A flaw in ESET Endpoint Antivirus allows to hack Apple Macs, patch it now
·        Boeing notified 36,000 employees following an accidental data leak
·        The Singaporean Defence Ministry was hit by a cyber attack, no secrets were exfiltrated
·        The Gamaredon Group is back with new weapons in its arsenal
·        Amazon S3 outage. Increased error rates. Amazon AWS is down
·        Dridex v4, the dreaded malware has been improved with AtomBombing technique
·        XSS flaws in Zscaler Cloud management software allow logged attackers to hack coworkers
·        SQLi flaw in the NextGEN Gallery plugin exposes at risk of hack more than 1 Million WordPress Installs
·        The Google E2EMail is now fully community-driven open source project
·        Phishing Trends Report – 2016 ended as the worst year for phishing in history
·        Alleged Master Keys for the Dharma Ransomware Leaked on BleepingComputer
·        German foreign intelligence service Spied on Foreign Journalists since 1999
·        Tor webmail provider Sigaint is unavailable at least since February 11
·        ReBreakCaptcha – How to breaking Googles ReCaptcha v2 using Googles APIs
·        High severity bug discovered in CISCO NETFLOW GENERATION APPLIANCE
·        Trolling, Doxing & Cyberstalking: Cybercrime & The Law
·        Researchers spotted a hidden backdoor in Chinese IoT devices from the firm DblTek
·        Talos team spotted a PowerShell malware that uses DNS queries to contact the C2
·        Cloudflare tries to downplay the impact of the Cloudbleed incident
·        Exclusive: A criminal group using SSH TCP direct forward attack is also targeting Italian infrastructure
·        The US Vice President Mike Pences personal AOL account was hacked

Email address: Hurry up, subscribe to the newsletter, next Sunday you will receive all the news directly in your inbox.I desire to inform you that Security Affairs is now open to sponsored content.
I’ll offer the opportunity to:
•    Insert banners of various sizes in all the posts on Security Affairs.
•    Publish sponsored posts written by the customers that can include any kind of commercial reference.
•    Arrange a monthly/quarterly/annual campaign (for big customers) to advertise customers’ activities and discoveries.
For more info contact me at
Thanks for supporting Security Affairs.


Once again thank you!

Pierluigi Paganini

(Security Affairs – Newsletter)

The post Security Affairs newsletter Round 102 – News of the week appeared first on Security Affairs.

Source: Security Affairs @ March 5, 2017 at 07:09AM