A new round of the weekly SecurityAffairs newsletter has arrived! Every week the best security articles from Security Affairs are free for you in your email box.
Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.
Xplain hack impacted the Swiss cantonal police and Fedpol
Zyxel published guidance for protecting devices from ongoing attacks
Kimsuky APT poses as journalists and broadcast writers in its attacks
New Linux Ransomware BlackSuit is similar to Royal ransomware
CISA adds Progress MOVEit Transfer zero-day to its Known Exploited Vulnerabilities catalog
New botnet Horabot targets Latin America
Point32Health ransomware attack exposed info of 2.5M people
MOVEit Transfer software zero-day actively exploited in the wild
Russia’s FSB blames the US intelligence for Operation Triangulation
Operation Triangulation: previously undetected malware targets iOS devices
California-based workforce platform Prosperix leaks drivers licenses and medical records
Apps with over 420 Million downloads from Google Play unveil the discovery of SpinOk spyware
BlackCat claims the hack of the Casepoint legal technology platform used by US agencies
Widespread exploitation by botnet operators of Zyxel firewall flaw
Experts warn of backdoor-like behavior within Gigabyte systems
Threat actors are exploiting Barracuda Email Security Gateway bug since October 2022
Swiss real estate agency Neho fails to put a password on its systems
Microsoft found a new bug that allows bypassing SIP root restrictions in macOS
PyPI enforces 2FA authentication to prevent maintainers’ account takeover
A database containing 478,000 RaidForums members leaked online
Beware of the new phishing technique “file archiver in the browser” that exploits zip domains
BrutePrint Attack allows to unlock smartphones with brute-forcing fingerprint
Lockbit ransomware attack on MCNA Dental impacts 8.9M individuals
New Go-written GobRAT RAT targets Linux Routers in Japan
Researchers analyzed the PREDATOR spyware and its loader Alien
Attackers use encrypted RPMSG messages in Microsoft 365 targeted phishing attacks
Industrial automation giant ABB disclosed data breach after ransomware attack
New Bandit Stealer targets web browsers and cryptocurrency wallets
CISA adds recently patched Barracuda zero-day to its Known Exploited Vulnerabilities catalog
International Press
Cybercrime
New hacking forum leaks data of 478,000 RaidForums members
Ask Fitis, the Bear: Real Crooks Sign Their Malware
Discord Admins Hacked by Malicious Bookmarks
Hacking
Microsoft Encrypted Restricted Permission Messages Deliver Phishing
BrutePrint: Expose Smartphone Fingerprint Authentication to Brute-force Attack
Barracuda Email Security Gateway Appliance (ESG) Vulnerability
SUPPLY CHAIN RISK FROM GIGABYTE APP CENTER BACKDOOR
Widespread Exploitation of Zyxel Network Devices
MOVEit Transfer Critical Vulnerability Rapid Response
An extraordinary cyberattack hits Switzerland, affecting the army and many police
Malware
New Info Stealer Bandit Stealer Targets Browsers, Wallets
Mercenary mayhem: A technical analysis of Intellexa’s PREDATOR spyware
GobRAT malware written in Go language targeting Linux routers
Potentially millions of Android TVs and phones come with malware preinstalled
Android apps containing SpinOk module with spyware features installed over 421,000,000 times
New Horabot campaign targets the Americas
Investigating BlackSuit Ransomware’s Similarities to Royal
Intelligence and Information Warfare
Operation Triangulation: iOS devices targeted with previously unknown malware
The FSB of Russia revealed the intelligence action of the American intelligence services using Apple mobile devices
Chinese Threat Actor Used Modified Cobalt Strike Variant to Attack Taiwanese Critical Infrastructure
North Korea Using Social Engineering to Enable Hacking of Think Tanks, Academia, and Media
Cybersecurity
Securing PyPI accounts via Two-Factor Authentication
US Air Force denies AI drone attacked operator in test
Zyxel’s guidance for the recent attacks on the ZyWALL devices
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
Pierluigi Paganini
(SecurityAffairs – hacking, newsletter)
The post Security Affairs newsletter Round 422 by Pierluigi Paganini – International edition appeared first on Security Affairs.