Security Affairs newsletter Round 426 by Pierluigi Paganini – International edition

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

WordPress sites using the Ultimate Member plugin are under attack
LockBit gang demands a $70 million ransom to the semiconductor manufacturing giant TSMC
Avast released a free decryptor for the Windows version of the Akira ransomware
Iran-linked Charming Kitten APT enhanced its POWERSTAR Backdoor
miniOrange’s WordPress Social Login and Register plugin was affected by a critical auth bypass bug
North Korea-linked Andariel APT used a new malware named EarlyRat last year
The phone monitoring app LetMeSpy disclosed a data breach
Previously undetected ThirdEye malware appears in the threat landscape
Former Group-IB manager has been arrested in Kazahstan
Experts published PoC exploits for Arcserve UDP authentication bypass issue
Using Electromagnetic Fault Injection Attacks to take over drones
Experts warn of a spike in May and June of 8Base ransomware attacks
Critical SQL Injection flaws in Gentoo Soko can lead to Remote Code Execution
EncroChat dismantling led to 6,558 arrests and the seizure of $979M in criminal funds
Mockingjay process injection technique allows EDR bypass
Experts found hundreds of devices within federal networks having internet-exposed management interfaces
Schneider Electric and Siemens Energy are two more victims of a MOVEit attack
JOKERSPY used to target a cryptocurrency exchange in Japan
Citizen of Croatia charged with running the Monopoly Market drug marketplace
Energy company Suncor suffered a cyber attack and its company Petro-Canada gas reported problems at its gas stations in Canada
Internet Systems Consortium (ISC) fixed three DoS flaw in BIND
China-linked APT group VANGUARD PANDA uses a new tradecraft in recent attacks
Trojanized Super Mario Bros game spreads malware
Twitter hacker sentenced to five years in prison for cybercrime offenses

Cybercrime

Citizen of Croatia and Serbia Charged with Running Monopoly Drug Market on the Darknet

Inside Threat Actors: Dark Web Forums vs. Illicit Telegram Communities

Dismantling of an encrypted network sends shockwaves through organised crime groups across Europe  

TSMC Says Supplier Hacked After Ransomware Group Claims Attack on Chip Giant  

Malware

Trojanized Super Mario Game Installer Spreads SupremeBot Malware

Initial research exposing JOKERSPY  

Who is 8BASE? A deep dive into the “newish” ransom gang

Ransomware review: June 2023      

New Fast-Developing ThirdEye Infostealer Pries Open System Information  

Linux version of Akira ransomware targets VMware ESXi servers

Decrypted: Akira Ransomware  

Hacking

Process Mockingjay: Echoing RWX In Userland To Achieve Code Execution     

Anonymous Sudan’s Attack of European Investment Bank: Money, Politics and PR

Flipper Zero hacking tool is a big hit  

Why ORMs and Prepared Statements Can’t (Always) Win   

Drone Security and Fault Injection Attacks | Gabriel Gonzalez  

CVE-2023-26258 – Remote Code Execution in ArcServe UDP Backup 

miniOrange Addresses Authentication Bypass Vulnerability in WordPress Social Login and Register WordPress Plugin

Hacking Campaign Actively Exploiting Ultimate Member Plugin  

Intelligence and Information Warfare

Business as Usual: Falcon Complete MDR Thwarts Novel VANGUARD PANDA (Volt Typhoon) Tradecraft 

Swiss intelligence report warns of Russian and Chinese espionage

Andariel’s silly mistakes and a new malware family  

Charming Kitten Updates POWERSTAR with an InterPlanetary Twist  

Cybersecurity

Identifying CISA BOD 23-02 Internet-Exposed Networked Management Interfaces with Censys   

Cyber Threat Report: UK Legal Sector  

BLUE BOOK  

LetMeSpy, a phone tracking app spying on thousands, says it was hacked   

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

The post Security Affairs newsletter Round 426 by Pierluigi Paganini – International edition appeared first on Security Affairs.