A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box.
Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.
Hackers stole over $44 million from Asian crypto platform BingX |
OP KAERB: Europol dismantled phishing scheme targeting mobile users |
Ukraine bans Telegram for government agencies, military, and critical infrastructure |
Tor Project responded to claims that law enforcement can de-anonymize Tor users |
UNC1860 provides Iran-linked APTs with access to Middle Eastern networks |
US DoJ charged two men with stealing and laundering $230 Million worth of cryptocurrency |
The Vanilla Tempest cybercrime gang used INC ransomware for the first time in attacks on the healthcare sector |
U.S. CISA adds new Ivanti Cloud Services Appliance Vulnerability to its Known Exploited Vulnerabilities catalog |
Ivanti warns of a new actively exploited Cloud Services Appliance (CSA) flaw |
International law enforcement operation dismantled criminal communication platform Ghost |
U.S. CISA adds Microsoft Windows, Apache HugeGraph-Server, Oracle JDeveloper, Oracle WebLogic Server, and Microsoft SQL Server bugs to its Known Exploited Vulnerabilities catalog |
SIEM for Small and Medium-Sized Enterprises: What you need to know |
Antivirus firm Dr.Web disconnected all servers following a cyberattack |
Experts warn of China-linked APT’s Raptor Train IoT Botnet |
Credential Flusher, understanding the threat and how to protect your login data |
U.S. Treasury issued fresh sanctions against entities linked to the Intellexa Consortium |
Broadcom fixed Critical VMware vCenter Server flaw CVE-2024-38812 |
Remote attack on pagers used by Hezbollah caused 9 deaths and thousands of injuries |
Chinese man charged for spear-phishing against NASA and US Government |
Data Breach |
Qilin ransomware attack on Synnovis impacted over 900,000 patients |
D-Link addressed three critical RCE in wireless router models |
Apple dismisses lawsuit against surveillance firm NSO Group due to risk of threat intelligence exposure |
Hacker tricked ChatGPT into providing detailed instructions to make a homemade bomb |
Port of Seattle confirmed that Rhysida ransomware gang was behind the August attack |
International Press – Newsletter
Cybercrime
Samourai and Tornado Cash both pinning hopes on upcoming ruling
Cyberattack on Kansas water treatment facility investigated by feds
Modified LockBit and Conti ransomware shows up in DragonForce gang’s attacks
Inside the Dragon: DragonForce Ransomware Group
Two Russian Nationals Charged in Connection with Operating Billion Dollar Money Laundering Services
Telegram’s New Rules Push Criminal Groups to Flee the Platform
Security Brief: Actor Uses Compromised Accounts, Customized Social Engineering to Target Transport and Logistics Firms with Malware
Administrator account blamed for rail terror message hack
OFAC and FinCEN target major Russian money laundering services including Cryptex and PM2BTC
Seizure of 7 million euros of crypto currency and 2 crypto currency exchanges offline
Crypto scammers hack OpenAI’s press account on X
Storm-0501: Ransomware attacks expanding to hybrid cloud environments
Kuwait Health Ministry restoring systems after cyberattack takes down hospitals, healthcare app
Wallet Scam: A Case Study in Crypto Drainer Tactics
Malware
How the Necro Trojan infiltrated Google Play, again
Kryptina RaaS | From Unsellable Cast-Off to Enterprise Ransomware
Infostealer malware bypasses Chrome’s new cookie-theft defenses
AI-Generated Malware Found in the Wild
“Marko Polo” Navigates Uncharted Waters With Infostealer Empire
Octo2: European Banks Already Under Attack by New Malware Variant
Hacking
Hacking Kia: Remotely Controlling Cars With Just a License Plate
4 exploits, 1 bug: exploiting cve-2024-20017 4 different ways
LLM’s New Achilles Heel: When Prompts Become Exploits
A collection of Semgrep rules to facilitate vulnerability research
CVEs Targeting Remote Access Technologies
Hezbollah likely to launch retaliatory cyberattack on Israel, expert says
Rethinking Red Teaming for AI: The new wave of Cybersecurity in the age of AI
Israeli Group Claims Lebanon Water Hack as CISA Reiterates Warning on Simple ICS Attacks
Attacking UNIX Systems via CUPS, Part I
Highly Anticipated Linux Flaw Allows Remote Code Execution, but Less Serious Than Expected
Tosint: Open-source Telegram OSINT tool
Intelligence and Information Warfare
GreyNoise Reveals New Internet Noise Storm: Secret Messages and the China Connection
-=TWELVE=- is back
Earth Baxia Uses Spear-Phishing and GeoServer Exploit to Target APAC
Gleaming Pisces Poisoned Python Packages Campaign Delivers PondRAT Linux and MacOS Backdoors
‘Get away from Hezbollah’: Has Israel hacked Lebanon’s telecoms networks?
Iran linked hacker group Handala Hack Team claim pager explosions linked to Israeli battery company
Norway starts probe into reported links to exploding pagers in Lebanon
Thousands of Capitol Hill staffers’ info spilled across dark web, security firm says
Cyberespionage the Gamaredon way: Analysis of toolset used to spy on Ukraine in 2022 and 2023
China-Linked Hackers Breach U.S. Internet Providers in New ‘Salt Typhoon’ Cyberattack
China’s satellites are dodging US eyes in space
Unraveling Sparkling Pisces’s Tool Set: KLogEXE and FPSpy
Sophistication of AI-backed operation targeting senator points to future of deepfake schemes
Three IRGC Cyber Actors Indicted for ‘Hack-and-Leak’ Operation Designed to Influence the 2024 U.S. Presidential Election
Cybersecurity
Nearly 40% of FAA air traffic control systems need urgent updates, GAO reports
Telegram Changes Policy, Says It Will Provide User Data to Authorities
‘Cybersecurity issue’ takes MoneyGram offline for three days – and counting
Kaspersky deletes itself, installs UltraAV antivirus without warning
HP Wolf Security Threat Insights Report: September 2024
Google & Arm – Raising The Bar on GPU Security
Increased Cybersecurity Essential For NGOs: Help Available
Firefox tracks you with “privacy preserving” feature
Cyber house of cards – Politicians’ and staffers’ personal details exposed online
NATO is testing out this decentralized messenger for communications between member nations
Kaspersky defends force-replacing its security software without users’ explicit consent
Threat Actors Continue to Exploit OT/ICS through Unsophisticated Means
Uniting for Internet Freedom: Tor Project & Tails Join Forces
Microsoft’s more secure Windows Recall feature can also be uninstalled by users
Irish Data Protection Commission fines Meta Ireland €91 million
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
Subscribe to the newsletter for free here:
https://www.linkedin.com/build-relation/newsletter-follow?entityUrn=7093942975545667584
Pierluigi Paganini
(SecurityAffairs – hacking, newsletter)