Security Affairs newsletter Round 434 by Pierluigi Paganini – International edition

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Cloud and hosting provider Leaseweb took down critical systems after a cyber attack
French employment agency Pôle emploi data breach impacted 10M people
Crypto investor data exposed by a SIM swapping attack against a Kroll employee
China-linked Flax Typhoon APT targets Taiwan
Whiffy Recon malware triangulates the position of infected systems via Wi-Fi
FBI: Patches for Barracuda ESG Zero-Day CVE-2023-2868 are ineffective
Researchers released PoC exploit for Ivanti Sentry flaw CVE-2023-38035
Lazarus APT exploits Zoho ManageEngine flaw to target an Internet backbone infrastructure provider
Lapsus$ member has been convicted of having hacked multiple high-profile companies
More than 3,000 Openfire servers exposed to attacks using a new exploit
DoJ charged Tornado Cash founders with laundering more than $1 billion
FBI identifies wallets holding cryptocurrency funds stolen by North Korea
Carderbee APT targets Hong Kong orgs via supply chain attacks
TP-Link Tapo L530E smart bulb flaws allow hackers to steal user passwords
Defense contractor Belcan leaks admin password with a list of flaws
Akira ransomware gang spotted targeting Cisco VPN products to hack organizations
Snatch gang claims the hack of the Department of Defence South Africa
CISA adds critical Adobe ColdFusion flaw to its Known Exploited Vulnerabilities catalog
A cyber attack hit the Australian software provider Energy One
Ivanti fixed a new critical Sentry API authentication bypass flaw
BlackCat ransomware group claims the hack of Seiko network
New HiatusRAT campaign targets Taiwan and U.S. military procurement system
Spoofing an Apple device and tricking users into sharing sensitive data
Israel and US to Invest $3.85 Million in projects for critical infrastructure protection through the BIRD Cyber Program
N. Korean Kimsuky APT targets S. Korea-US military exercises
Four Juniper Junos OS flaws can be chained to remotely hack devices
Cybersecurity: CASB vs SASE

Cybercrime

Japanese watchmaker Seiko breached by BlackCat ransomware gang

Akira ransomware targets Cisco VPNs to breach organizations

Tornado Cash Founders Charged With Money Laundering And Sanctions Violations

Final negotiations on UN cybercrime treaty underway in New York      

Lapsus$ hacker targeted Uber, Revolut, Grand Theft Auto maker, London jury finds 

Kroll Employee SIM-Swapped for Crypto Investor Data    

A Pôle emploi service provider victim of a cyber-malicious act  

Malware

No Rest For The Wicked: HiatusRAT Takes Little Time Off In A Return To Action

Cuba ransomware uses Veeam exploit against critical U.S. organizations

Lazarus Group exploits ManageEngine vulnerability to deploy QuiteRAT  

Telekopye: Hunting Mammoths using Telegram bot   

Hacking

New WinRAR Vulnerability Could Allow Hackers to Take Control of Your PC

WinRAR zero-day exploited since April to hack trading accounts  

Exploitation of Openfire CVE-2023-32315

Ivanti Sentry Authentication Bypass CVE-2023-38035 Deep Dive

Suspected PRC Cyber Actors Continue to Globally Exploit Barracuda ESG Zero-Day Vulnerability (CVE-2023-2868)   

Cellebrite asks cops to keep its phone hacking tech ‘hush hush’  

How Attackers are Circumventing MFA (and How to Stop Them)  

Critical Vulnerabilities Patched in Jupiter X Core Plugin  

Intelligence and Information Warfare

North Korean hackers target U.S.-South Korea military drills, police say  

FBI Identifies Cryptocurrency Funds Stolen by DPRK

Flax Typhoon using legitimate software to quietly access Taiwanese organizations By Microsoft Threat Intelligence  

Uncle Sam: Rest of the world would love to steal our space blueprints – don’t let ’em

Carderbee: APT Group use Legit Software in Supply Chain Attack Targeting Orgs in Hong Kong  

Lazarus Group’s infrastructure reuse leads to discovery of new malware  

Cybersecurity

BIRD Foundation invests $3.85 million in critical infrastructure cyber projects via new program 

Ivanti Ships Urgent Patch for API Authentication Bypass Vulnerability

Defense contractor Belcan leaks admin password with a list of flaws  

Leaseweb is restoring ‘critical’ systems after security breach  

Microsoft is now a cybersecurity titan. That could be a problem  

Tor turns to proof-of-work puzzles to defend onion network from DDoS attacks

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

The post Security Affairs newsletter Round 434 by Pierluigi Paganini – International edition appeared first on Security Affairs.