A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box.
Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.
Symbolic Link trick lets attackers bypass FortiGate patches, Fortinet warns
Attackers are exploiting recently disclosed OttoKit WordPress plugin flaw
Laboratory Services Cooperative data breach impacts 1.6 Million People
Palo Alto warns of brute-force login attempts on PAN-OS GlobalProtect gateways indicating possible upcoming attacks
Gamaredon targeted the military mission of a Western country based in Ukraine |
U.S. CISA adds Linux Kernel flaws to its Known Exploited Vulnerabilities catalog |
AkiraBot: AI-Powered spam bot evades CAPTCHA to target 80,000+ websites |
An APT group exploited ESET flaw to execute malware |
Oracle confirms the hack of two obsolete servers. No Oracle Cloud systems or customer data were affected
National Social Security Fund of Morocco Suffers Data Breach |
Critical Fortinet FortiSwitch flaw allows remote attackers to change admin passwords |
The US Treasury’s OCC disclosed an undetected major email breach for over a year |
U.S. CISA adds Gladinet CentreStack and ZTA Microsoft Windows Common Log File System (CLFS) Driver flaws to its Known Exploited Vulnerabilities catalog |
WhatsApp fixed a spoofing flaw that could enable Remote Code Execution |
Everest ransomware group’s Tor leak site offline after a defacement |
Google fixed two actively exploited Android zero-days |
U.S. CISA adds Ivanti Connect Secure, Policy Secure and ZTA Gateways flaw to its Known Exploited Vulnerabilities catalog |
A member of the Scattered Spider cybercrime group pleads guilty |
The controversial case of the threat actor EncryptHub |
PoisonSeed Campaign uses stolen email credentials to spread crypto seed scams and empty wallets
EDR-as-a-Service makes the headlines in the cybercrime landscape |
Oracle privately notifies Cloud data breach to customers |
Expert used ChatGPT-4o to create a replica of his passport in just 5 minutes bypassing KYC |
International Press – Newsletter
Cybercrime
Unmasking EncryptHub: Help from ChatGPT & OPSEC blunders
PoisonSeed Campaign Targets CRM and Bulk Email Providers in Supply Chain Spam Operation
Palm Coast man linked to ‘Scattered Spider’ cybercrime gang pleads guilty to charges related to cryptocurrency theft
Everest ransomware group’s darknet site offline following defacement
Food giant WK Kellogg discloses data breach linked to Clop ransomware
Cybercriminals Attacked National Social Security Fund of Morocco – Millions of Digital Identities at Risk of Data Breach
Operation Endgame follow-up leads to five detentions and interrogations as well as server takedowns
South African telecom provider serving 7.7 million confirms data leak following cyberattack
Malware
Lazarus Expands Malicious npm Campaign: 11 New Packages Add Malware Loaders and Bitbucket Payloads
BadBazaar: iOS and Android Surveillanceware by China’s APT15 Used to Target Tibetans and Uyghurs
Attackers distributing a miner and the ClipBanker Trojan via SourceForge
AkiraBot | AI-Powered Bot Bypasses CAPTCHAs, Spams Websites At Scale
Lookout Mobile Threat Landscape Report – 2024 in Review
Newly Registered Domains Distributing SpyNote Malware
Hacking
NSA, CISA, FBI, and International Partners Release Cybersecurity Advisory on “Fast Flux,” a National Security Threat
Surge in Palo Alto Networks Scanner Activity Indicates Possible Upcoming Threats
Critical SureTriggers Plugin Vulnerability Exploited within 4 hours
Exploitation of CLFS zero-day leads to ransomware activity
Fortinet – Analysis of Threat Actor Activity
Intelligence and Information Warfare
BeaverTail and Tropidoor Malware Distributed via Recruitment Emails
Hackers Spied on 100 US Bank Regulators’ Emails for Over a Year
How ToddyCat tried to hide behind AV software
Court document reveals locations of WhatsApp victims targeted by NSO spyware
Shuckworm Targets Foreign Military Mission Based in Ukraine
Targeted espionage activity UAC-0226 against innovation centers, government and law enforcement agencies using the GIFTEDCROOK stealer
China Admitted to Volt Typhoon Cyberattacks on US Critical Infrastructure: Report
Cybersecurity
Alan Turing Institute: UK can’t handle a fight against AI-enabled crims
EU answer to Trump may involve data use by Big Tech, France says
Google fixes Android zero-days exploited in attacks, 60 other flaws
WhatsApp Vulnerability Could Facilitate Remote Code Execution
Trump orders probe of former cybersecurity chief for declaring 2020 election secure
Cybersecurity industry falls silent as Trump turns ire on SentinelOne
Cybersecurity Community Must Not Remain Silent On Executive Order Attacking Former CISA Director
Ransomware attack cost IKEA operator in Eastern Europe $23 million
Ex-Meta exec tells Senate Zuck dangled US citizen data in bid to enter China
Pierluigi Paganini
(SecurityAffairs – hacking, newsletter)