A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box.
Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.
| A cyberattack on gambling giant IGT disrupted portions of its IT systems |
| China-linked APT Gelsemium uses a new Linux backdoor dubbed WolfsBane |
| Microsoft seized 240 sites used by the ONNX phishing service |
| U.S. CISA adds Apple, Oracle Agile PLM bugs to its Known Exploited Vulnerabilities catalog |
| More than 2,000 Palo Alto Networks firewalls hacked exploiting recently patched zero-days |
| Ransomhub ransomware gang claims the hack of Mexican government Legal Affairs Office |
| US DoJ charges five alleged members of the Scattered Spider cybercrime gang |
| Threat actor sells data of over 750,000 patients from a French hospital |
| Decade-old local privilege escalation bugs impacts Ubuntu needrestart package |
| Ford data breach involved a third-party supplier |
| Hacker obtained documents tied to lawsuit over Matt Gaetz’s sexual misconduct allegations |
| Apple addressed two actively exploited zero-day vulnerabilities |
| Unsecured JupyterLab and Jupyter Notebooks servers abused for illegal streaming of Sports events |
| Russian Phobos ransomware operator faces cybercrime charges |
| China-linked actor’s malware DeepData exploits FortiClient VPN zero-day |
| U.S. CISA adds Progress Kemp LoadMaster, Palo Alto Networks PAN-OS and Expedition bugs to its Known Exploited Vulnerabilities catalog |
| Great Plains Regional Medical Center ransomware attack impacted 133,000 individuals |
| Recently disclosed VMware vCenter Server bugs are actively exploited in attacks |
| Foreign adversary hacked email communications of the Library of Congress says |
| T-Mobile is one of the victims of the massive Chinese breach of telecom firms |
| Increased GDPR Enforcement Highlights the Need for Data Security |
| Critical Really Simple Security plugin flaw impacts 4M+ WordPress sites |
| A botnet exploits e GeoVision zero-day to compromise EoL devices |
International Press – Newsletter
Cybercrime
Ransomware Attack on Oklahoma Medical Center Impacts 133,000
Inside Intelligence Center: Financially Motivated Chinese Threat Actor SilkSpecter Targeting Black Friday Shoppers
Phobos Ransomware Administrator Extradited from South Korea to Face Cybercrime Charges
Ransomware gang Akira leaks unprecedented number of victims’ data in one day
Ford investigates alleged breach following customer data leak
5 Defendants Charged Federally with Running Scheme that Targeted Victim Companies via Phishing Text Messages
Targeting the Cybercrime Supply Chain
Cyberattack Disrupts Systems of Gambling Giant IGT
Justice Department Seizes Cybercrime Website and Charges Its Administrators
Malware
Fake AI video generators infect Windows, macOS with infostealers
How Italy became an unexpected spyware hub
Babble Babble Babble Babble Babble Babble BabbleLoader
One Sock Fits All: The use and abuse of the NSOCKS botnet
StopRansomware: BianLian Data Extortion Group
Hacking
4,000,000 WordPress Sites Using Really Simple Security Free and Pro Versions Affected by Critical Authentication Bypass Vulnerability
Threat Actors Hijack Misconfigured Servers for Live Sports Streaming
Apple Releases Urgent Updates to Patch Actively Exploited Zero-Day Vulnerabilities
Hacker Is Said to Have Gained Access to File With Damaging Testimony About Gaetz
Qualys TRU Uncovers Five Local Privilege Escalation Vulnerabilities in needrestart
Threat Brief: Operation Lunar Peek, Activity Related to CVE-2024-0012 and CVE-2024-9474 (Updated Nov. 20)
The Dark Side of Trust: Authority Citation-Driven Jailbreak Attacks on Large Language Models
Intelligence and Information Warfare
T-Mobile Hacked in Massive Chinese Breach of Telecom Networks
Library of Congress emails hacked by ‘adversary’
BrazenBamboo Weaponizes FortiClient Vulnerability to Steal VPN Credentials via DEEPDATA
Unveiling WolfsBane: Gelsemium’s Linux counterpart to Gelsevirine
DPRK IT Workers | A Network of Active Front Companies and Their Links to China
The Nearest Neighbor Attack: How A Russian APT Weaponized Nearby Wi-Fi Networks for Covert Access
Cybersecurity
CISA Director Jen Easterly to depart on Inauguration Day
The Silent AI Leader Nobody is Talking About
The AI Illusion: Navigating the Reality of Machine Learning in Cybersecurity
Roles and Responsibilities Framework for Artificial Intelligence in Critical Infrastructure
CWE Top 25 Most Dangerous Software Weaknesses
Navigating cybersecurity investments in the time of NIS 2
Vulnerabilities in VPNs Paper presented at the Privacy Enhancing Technologies Symposium 2024
China’s Surveillance State Is Selling Citizen Data as a Side Hustle
Anyone Can Buy Data Tracking US Soldiers and Spies to Nuclear Vaults and Brothels in Germany
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
Pierluigi Paganini
(SecurityAffairs – hacking, newsletter)
