A new round of the weekly SecurityAffairs newsletter has arrived! Every week the best security articles from Security Affairs are delivered free to your email box.
Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.
Twitter confirmed that a security incident publicly exposed Circle tweets
FBI seized other domains used by the shadow eBook library Z-Library
WordPress Advanced Custom Fields plugin XSS exposes +2M sites to attacks
Fortinet fixed two severe issues in FortiADC and FortiOS
Pro-Russia group NoName took down multiple France sites, including the French Senate one
North Korea-linked Kimsuky APT uses new recon tool ReconShark
Fleckpe Android malware totaled +620K downloads via Google Play Store
Cisco EoL SPA112 2-Port Phone Adapters are affected by critical RCE
Experts devised a new exploit for the PaperCut flaw that can bypass all current detection
Facebook warns of a new information-stealing malware dubbed NodeStealer
Russia-linked Sandworm APT uses WinRAR in destructive attacks on Ukraine’s public sector
City of Dallas shut down IT services after ransomware attack
Authorities dismantled the card-checking platform Try2Check
Passwordless sign-in with passkeys is now available for Google accounts
Hackers are taking advantage of the interest in generative AI to install Malware
Researchers found DoS flaws in popular BGP implementation
FBI and Ukrainian police seized 9 crypto exchanges used by cybercriminals
SpecTor operation: 288 individuals arrested in the seizure of marketplace Monopoly Market
The first iPhone Rapid Security Response update released by Apple fails to install
Fortinet warns of a spike in attacks against TBK DVR devices
North Korea-linked ScarCruft APT uses large LNK files in infection chains
CISA adds TP-Link, Apache, and Oracle bugs to its Known Exploited Vulnerabilities catalog
New Lobshot hVNC malware spreads via Google ads
T-Mobile suffered the second data breach in 2023
Experts spotted a new sophisticated malware toolkit called Decoy Dog
German IT provider Bitmarck hit by cyberattack
Iranian govt uses BouldSpy Android malware for internal surveillance operations
Russian APT Nomadic Octopus hacked Tajikistani carrier
Google banned 173k developer accounts in 2022
Crooks broke into AT&T email accounts to empty their cryptocurrency wallets
Russia-linked APT28 uses fake Windows Update instructions to target Ukraine govt bodies
White hat hackers showed how to take over a European Space Agency satellite
International Press
Cybercrime
Bitmarck, one of Germany’s largest IT providers, hit by cyberattack
T-Mobile discloses second data breach since the start of 2023
288 dark web vendors arrested in major marketplace seizure
FBI disrupts virtual currency exchanges used to facilitate criminal activity
Cybercriminal Network Fueling the Global Stolen Credit Card Trade is Dismantled
City of Dallas impacted by ransomware attack, police computer dispatch system down
Z-Library eBook site disrupted again by FBI domain seizures
Hacking
Thales seizes control of esa demonstration satellite in first cybersecurity exercise of its kind
TBK DVR Authentication Bypass Attack
The Art of Information Disclosure: A Deep Dive into CVE-2022-37985, a Unique Information Disclosure Vulnerability in Windows Graphics Component
Finding XSS in a million websites (cPanel CVE-2023-29489)
Malware
ViperSoftX Updates Encryption, Steals Data
Lookout Discovers Android Spyware Tied to Iranian Police Targeting Minorities: BouldSpy
Dog Hunt: Finding Decoy Dog Toolkit via Anomalous DNS Traffic
Elastic Security Labs discovers the LOBSHOT malware
Meta says ChatGPT-related malware is on the rise
The malware threat landscape: NodeStealer, DuckTail, and more
Not quite an Easter egg: a new family of Trojan subscribers on Google Play
Kimsuky Evolves Reconnaissance Capabilities in New Global Campaign
Intelligence and Information Warfare
APT28 cyberattack: distribution of emails with “instructions” on “updating the operating system”
Nomadic Octopus’ Paperbug Campaign
CHAIN REACTION: ROKRAT’S MISSING LINK
WinRAR as a “cyberweapon”. Destructive cyberattack UAC-0165 (probably Sandworm) on the public sector of Ukraine using RoarBat
Pro-Russian Hackers Claim Downing of French Senate Website
Cybersecurity
How we fought bad apps and bad actors in 2022
So long passwords, thanks for all the phish
Three New BGP Message Parsing Vulnerabilities Disclosed in FRRouting Software
Twitter admits to ‘security incident’ involving Circles tweets
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
Pierluigi Paganini
The post Security Affairs newsletter Round 418 by Pierluigi Paganini – International edition appeared first on Security Affairs.