Security Affairs newsletter Round 492 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

WordPress LiteSpeed Cache plugin flaw could allow site takeover
Apple iOS 18.0.1 and iPadOS 18.0.1 fix media session and passwords bugsGoogle removed Kaspersky’s security apps from the Play Store
New Perfctl Malware targets Linux servers in cryptomining campaign
Microsoft and DOJ seized the attack infrastructure used by Russia-linked Callisto Group
Dutch police breached by a state actor
Thousands of Adobe Commerce e-stores hacked by exploiting the CosmicSting bug
Cloudflare mitigated new record-breaking DDoS attack of 3.8 Tbps
Telegram revealed it shared U.S. user data with law enforcement
U.S. CISA adds Ivanti Endpoint Manager (EPM) flaw to its Known Exploited Vulnerabilities catalog
14 New DrayTek routers’ flaws impacts over 700,000 devices in 168 countries
Rhadamanthys information stealer introduces AI-driven capabilities
Critical Zimbra Postjournal flaw CVE-2024-45519 actively exploited in the wild. Patch it now!
Police arrested four new individuals linked to the LockBit ransomware operation
UMC Health System diverted patients following a ransomware attack
U.S. CISA adds D-Link DIR-820 Router, DrayTek Multiple Vigor Router, Motion Spell GPAC, SAP Commerce Cloud bugs to its Known Exploited Vulnerabilities catalog
News agency AFP hit by cyberattack, client services impacted
North Korea-linked APT Kimsuky targeted German defense firm Diehl Defence
Patelco Credit Union data breach impacted over 1 million people
Community Clinic of Maui discloses a data breach following May Lockbit ransomware attack
A British national has been charged for his execution of a hack-to-trade scheme
Critical NVIDIA Container Toolkit flaw could allow access to the underlying host
Israel army hacked the communication network of the Beirut Airport control tower

International Press – Newsletter

Cybercrime  

U.K. National Charged with Multimillion-Dollar Hack-to-Trade Fraud Scheme  

Crooked Cops, Stolen Laptops & the Ghost of UGNazi 

Investigating Infrastructure and Tactics of Phishing-as-a-Service Platform Sniper Dz 

Police arrest four suspects linked to LockBit ransomware gang

How the FBI and Mandiant caught a ‘serial hacker’ who tried to fake his own death

FIN7 hosting honeypot domains with malicious AI DeepNude Generators – New Silent Push research     

Arrests in international operation targeting cybercriminals in West Africa 

A Single Cloud Compromise Can Feed an Army of AI Sex Bots  

Pig Butchering Alert: Fraudulent Trading App targeted iOS and Android users

Fraudsters imprisoned for scamming Apple out of 6,000 iPhones

Malware

Rhadamanthys Stealer Adds Innovative AI Feature in Version 0.7.0

Threat Actors leverage Docker Swarm and Kubernetes to mine cryptocurrency at scale  

Crypto-Stealing Code Lurking in Python Package Dependencies     

Fake browser updates spread updated WarmCookie malware

Hacking

Demystifying Physical Memory Primitive Exploitation on Windows  

Trojan cars: Why the US fears Chinese cyberattacks on electric vehicles

Wiz Research Finds Critical NVIDIA AI Vulnerability Affecting Containers Using NVIDIA GPUs, Including Over 35% of Cloud Environments      

Zimbra – Remote Command Execution (CVE-2024-45519)  

Critical Zimbra Vulnerability Exploited One Day After PoC Release

Zero-Day Breach at Rackspace Sparks Vendor Blame Game 

Thousands of Adobe Commerce stores hacked in competing CosmicSting campaigns

Unauthenticated Stored XSS Vulnerability in LiteSpeed Cache Plugin Affecting 6+ Million Sites   

Intelligence and Information Warfare 

Israel reportedly hacks Beirut airport control tower, warns Iranian plane not to land  

Army to close active information operations command as it moves those ops to smaller specialized units  

FSB Center for Special Technologies (TsST): Crafting Russia’s Cyber Weapons for Information Warfare  

North Korean hackers targeted arms company Diehl  

The Silent Battlefield Above: Unraveling Russia’s Cyber Operations Against Military Satellites and Space Assets  

Chinese Military Exploring Wasy to Win in Intelligent Warfare Amidst Change & Constancy

North Korean Hackers Using New VeilShell Backdoor in Stealthy Cyber Attacks

Dutch government blames a ‘state actor’ for hacking a police network

Justice Department Disrupts Russian Intelligence Spear-Phishing Efforts  

Deep Dive into North Korea’s Ongoing Campaign Against Southeast Asia

Separating the bee from the panda: CeranaKeeper making a beeline for Thailand  

Cybersecurity

Endpoint Prevention and Response (EPR) Test findings

Critical Flaws in Tank Gauge Systems Expose Gas Stations to Remote Attacks

Media giant AFP hit by cyberattack impacting news delivery services

SecurityCracking the Cloud: The Persistent Threat of Credential-Based Attacks  

Dray:Break

Fake memories, persistent threats: When AI remembers what isn’t true  

Telegram Confirms it Gave U.S. User Data to the Cops 

First Ai-iD Kit toolkit built to empower and educate everyone about deepfakes

How Cloudflare auto-mitigated world record 3.8 Tbps DDoS attack  

Protecting Democratic Institutions from Cyber Threats

Finding a needle in a haystack: Machine learning at the forefront of threat hunting research      

German-French recommendations for the use of AI programming assistants  

Pixel’s Proactive Approach to Security: Addressing Vulnerabilities in Cellular Modems

Subscribe to the newsletter for free here:

https://www.linkedin.com/build-relation/newsletter-follow?entityUrn=7093942975545667584

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs –hacking, newsletter)