Security Affairs newsletter Round 424 by Pierluigi Paganini – International edition

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Law enforcement shutdown a long-standing DDoS-for-hire service
A Russian national charged for committing LockBit Ransomware attacks
Oil and gas giant Shell is another victim of Clop ransomware attacks
Progress fixed a third flaw in MOVEit Transfer software
Unveiling the Balada injector: a malware epidemic in WordPress
China-linked APT UNC3886 used VMware ESXi Zero-Day
LLM meets Malware: Starting the Era of Autonomous Threat
Microsoft Patch Tuesday for June 2023 fixes 6 critical flaws
St. Margaret’s Health is the first hospital to cite a cyberattack as a reason for its closure
A database containing data of +8.9 million Zacks users was leaked online
Fortinet urges to patch the critical RCE flaw CVE-2023-27997 in Fortigate firewalls
UK communications regulator Ofcom hacked with a MOVEit file transfer zero-day
Experts released PoC exploit for MOVEit Transfer CVE-2023-34362 flaw
Intellihartx data breach exposed the personal and health info of 490,000 individuals
FUD Malware obfuscation engine BatCloak continues to evolve
Fortinet urges to patch a critical RCE flaw in Fortigate firewalls
Xplain data breach also impacted the national Swiss railway FSS
Microsoft warns of multi-stage AiTM phishing and BEC attacks
Pro-Ukraine Cyber Anarchy Squad claims the hack of the Russian telecom provider Infotel JSC
Updated Android spyware GravityRAT steals WhatsApp Backups
Barracuda ESG zero-day exploited by China-linked APT
Russia-linked APT Gamaredon update TTPs in recent attacks against Ukraine
Cybersecurity agencies published a joint LockBit ransomware advisory
Microsoft links Cadet Blizzard APT to Russia’s military intelligence GRU
Critical flaw found in WooCommerce Stripe Gateway Plugin used by +900K sites

Cybercrime

Oil and gas giant Shell confirms it was impacted by Clop ransomware attacks  

Russian National Arrested and Charged with Conspiring to Commit LockBit Ransomware Attacks Against U.S. and Foreign Businesses  

DETAINED FOR DDOS ATTACKS AS PART OF THE NEXT EDITION OF THE INTERNATIONAL “POWER OFF” OPERATION   

Malware

Android GravityRAT goes after WhatsApp backups

LLM meets Malware: Starting the Era of Autonomous Threat

Reverse Engineering Terminator aka Zemana AntiMalware/AntiLogger Driver         

Understanding Ransomware Threat Actors: LockBit  

Hacking

Two XSS Vulnerabilities in Azure with Embedded postMessage IFrames   

Intelligence and Information Warfare

Hackers hacked the websites of a Moscow provider and a number of Russian companies: they wish the Armed Forces of Ukraine success    

VMware ESXi Zero-Day Used by Chinese Espionage Actor to Perform Privileged Guest Operations on Compromised Hypervisors   

Spy agencies acquire commercial data with little coordination and few controls  

Cadet Blizzard emerges as a novel and distinct Russian threat actor  

Shuckworm: Inside Russia’s Relentless Cyber Campaign Against Ukraine

Barracuda ESG Zero-Day Vulnerability (CVE-2023-2868) Exploited Globally by Aggressive and Skilled Actor, Suspected Links to China        

Cybersecurity

An Illinois hospital is the first health care facility to link its closing to a ransomware attack  

The June 2023 Security Update Review    

Unauthenticated IDOR to PII Disclosure in WooCommerce Stripe Gateway Plugin  

MEPs ready to negotiate first-ever rules for safe and transparent AI  

CISA Instructs Federal Agencies to Secure Internet-Exposed Devices

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

The post Security Affairs newsletter Round 424 by Pierluigi Paganini – International edition appeared first on Security Affairs.