A new round of the weekly SecurityAffairs newsletter has arrived! Every week the best security articles from Security Affairs are free for you in your email box.
If you also want to receive, for free, the newsletter with the international press, subscribe here.
NCA infiltrates the cybercriminal underground with fake DDoS-for-hire sites |
Pwn2Own Vancouver 2023 awarded $1,035,000 and a Tesla for 27 0-days |
CISA announced the Pre-Ransomware Notifications initiative |
China-linked hackers target telecommunication providers in the Middle East |
City of Toronto is one of the victims hacked by Clop gang using GoAnywhere zero-day |
Critical flaw in WooCommerce Payments plugin allows site takeover |
Pwn2Own Vancouver 2023 Day 2: Microsoft Teams, Oracle VirtualBox, and Tesla hacked |
Experts published PoC exploit code for Veeam Backup & Replication bug |
Cisco fixed multiple severe vulnerabilities in its IOS and IOS XE software |
Nexus, an emerging Android banking Trojan targets 450 financial apps |
Dole discloses data breach after February ransomware attack |
Pwn2Own Vancouver 2023 Day 1: Windows 11 and Tesla hacked |
Lionsgate streaming platform with 37m subscribers leaks user data |
Rogue ChatGPT extension FakeGPT hijacked Facebook accounts |
Experts released PoC exploits for severe flaws in Netgear Orbi routers |
ENISA: Ransomware became a prominent threat against the transport sector in 2022 |
BreachForums current Admin Baphomet shuts down BreachForums |
Independent Living Systems data breach impacts more than 4M individuals |
New Bad Magic APT used CommonMagic framework in the area of Russo-Ukrainian conflict |
New ShellBot bot targets poorly managed Linux SSH Servers |
2022 Zero-Day exploitation continues at a worrisome pace |
Ferrari confirms data breach after receiving a ransom demand from an unnamed extortion group |
Crooks stole more than $1.5M worth of Bitcoin from General Bytes ATMs |
Acropalypse flaw in Google Pixel’s Markup tool allowed the recovery of edited images |
Threat actors abuse Adobe Acrobat Sign to distribute RedLine info-stealer |
Emotet is back after a three-month hiatus |
Play ransomware gang hit Dutch shipping firm Royal Dirkzwager |
Lowe’s Market chain leaves client data up for grabs |
NBA is warning fans of a data breach after a third-party newsletter service hack |
International Press
Cybercrime
[Developing] BreachForums’ Alleged Admin Pompompurin Arrested, Dark Web Reacts
Largest telecom in Guam starts restoring services after cyberattack
Dole Says Employee Information Compromised in Ransomware Attack
NCA infiltrates cyber crime market with disguised DDoS sites
DOJ says ‘millions’ of US citizens victimized by BreachForums administrator
FBI, CISA investigating cyberattack on Puerto Rico’s water authority
Hacking
(Ab)using Adobe Acrobat Sign to distribute malware
Exploiting aCropalypse: Recovering Truncated PNGs
External Trusts Are Evil
Vulnerability Spotlight: Netgear Orbi router vulnerable to arbitrary command execution
MojoBox: Yet-Another Not-So-SmartLock
PWN2OWN VANCOUVER 2023 – DAY THREE RESULTS
Malware
Emotet adopts Microsoft OneNote attachments
ShellBot Malware Being Distributed to Linux SSH Servers
“FakeGPT” #2: Open-Source Turned Malicious in Another Variant of the Facebook Account-Stealer Chrome Extension
Nexus: a new Android botnet?
Building a Custom Mach-O Memory Loader for macOS – Part 1
Intelligence and Information Warfare
Bad magic: new APT found in the area of Russo-Ukrainian conflict
German and South Korean Agencies Warn of Kimsuky’s Expanding Cyber Attack Tactics
Notorious SideCopy APT group sets sights on India’s DRDO
Operation Tainted Love | Chinese APTs Target Telcos in New Attacks
Cybersecurity
Move, Patch, Get Out the Way: 2022 Zero-Day Exploitation Continues at an Elevated Pace
UK issues strategy to protect National Health Service from cyberattacks
Understanding Cyber Threats in Transport
Lineup set for House talks on Section 702 surveillance law
Veeam Backup and Replication CVE-2023-27532 Deep Dive
Critical Vulnerability Discovered in WooCommerce Payments
Getting Ahead of the Ransomware Epidemic: CISA’s Pre-Ransomware Notifications Help Organizations Stop Attacks Before Damage Occurs
Russia’s Rostec allegedly can de-anonymize Telegram users
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
Pierluigi Paganini
(SecurityAffairs – hacking, Moshen Dragon)
The post Security Affairs newsletter Round 412 by Pierluigi Paganini – International edition appeared first on Security Affairs.