A new round of the weekly SecurityAffairs newsletter has arrived! Every week the best security articles from Security Affairs are free for you in your email box.
Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.
ViperSoftX uses more sophisticated encryption and anti-analysis techniques
Atomic macOS Stealer is advertised on Telegram for $1,000 per month
CISA warns of a critical flaw affecting Illumina medical devices
OpenAI reinstates ChatGPT service in Italy after meeting Garante Privacy’s demands
Cisco discloses a bug in the Prime Collaboration Deployment solution
Zyxel fixed a critical RCE flaw in its firewall devices and urges customers to install the patches
Ukraine cyber police arrested a man for selling data of 300M people
Google obtained a temporary court order against CryptBot distributors
Researchers found the first Linux variant of the RTM locker
Crooks use PaperCut exploits to deliver Cl0p and LockBit ransomware
CryptoRom: OkCupid scam cost Florida man $480k – we followed the money to Binance
Iranian Charming Kitten APT used a new BellaCiao malware in recent wave of attacks
China-linked Alloy Taurus APT uses a Linux variant of PingPull malware
A component in Huawei network appliances could be used to take down Germany’s telecoms networks
Thousands of publicly-exposed Apache Superset installs exposed to RCE attacks
Pro-Russia hacking group executed a disruptive attack against a Canadian gas pipeline
SLP flaw allows DDoS attacks with an amplification factor as high as 2200 times
VMware addressed two zero-day flaws demonstrated at Pwn2Own Vancouver 2023
A new Mirai botnet variant targets TP-Link Archer A21
Google researchers found multiple security issues in Intel TDX
Google Authenticator App now supports Google Account synchronization
Peugeot leaks access to user information in South America
North Korea-linked BlueNoroff APT is behind the new RustBucket Mac Malware
AuKill tool uses BYOVD attack to disable EDR software
Experts released PoC Exploit code for actively exploited PaperCut flaw
EvilExtractor, a new All-in-One info stealer appeared on the Dark Web
Russian cybercrime group likely behind ongoing exploitation of PaperCut flaws
Hackers can hack organizations using data found on their discarded enterprise network equipment
Health insurer Point32Health suffered a ransomware attack
Experts spotted first-ever crypto mining campaign leveraging Kubernetes RBAC
International Press
Cybercrime
Continuing our work to hold cybercriminal ecosystems accountable
First draft of controversial UN Cybercrime Treaty slated for June
The cyber police exposed an attacker in the sale of databases with personal data of citizens of Ukraine and the EU
Hacking
First-Ever Attack Leveraging Kubernetes RBAC to Backdoor Clusters
Hacker Group Names Are Now Absurdly Out of Control
Critical vulnerabilities in papercut print management software
PaperCut CVE-2023-27350 Deep Dive and Indicators of Compromise
Compromising Garmin’s Sport Watches: A Deep Dive into GarminOS and its MonkeyC Virtual Machine
Cyberattacks on Canada’s gas infrastructure left ‘no physical damage,’ Trudeau says
CVE-2023-27524: Insecure Default Configuration in Apache Superset Leads to Remote Code Execution
Malware
EvilExtractor – All-in-One Stealer
‘AuKill’ EDR killer malware abuses Process Explorer driver
Chinese Alloy Taurus Updates PingPull Malware
RTM Locker Ransomware as a Service (RaaS) Now Suits Up for Linux Architecture
Threat Actor Selling New Atomic macOS (AMOS) Stealer on Telegram
Citrix Users at Risk: AresLoader Spreading Through Disguised GitLab Repo
Intelligence and Information Warfare
BlueNoroff APT group targets macOS with ‘RustBucket’ Malware
TP-LINK WAN-SIDE VULNERABILITY CVE-2023-1389 ADDED TO THE MIRAI BOTNET ARSENAL
Leaked Pentagon Documents Reveal Secrets About Friends and Foes
How China’s Huawei spooked Germany into launching a probe
Unpacking BellaCiao: A Closer Look at Iran’s Latest Malware
Cybersecurity
Discarded, not destroyed: Old routers reveal corporate secrets
Google Authenticator now supports Google Account synchronization
Intel Trust Domain Extensions (TDX) Security Review
New high-severity vulnerability (CVE-2023-29552) discovered in the Service Location Protocol (SLP)
South Korea, US agree to cooperate on cybersecurity and combating North Korean digital heists
ChatGPT: OpenAI reinstates service in Italy with enhanced transparency and rights for European users and non-users
Illumina Cybersecurity Vulnerability Affecting the Universal Copy Service Software May Present Risks for Patient Results and Customer Networks: Letter to Health Care Providers
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
Please vote for Security Affairs (https://securityaffairs.com/) as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS
Vote for me in the sections:
- The Teacher – Most Educational Blog
- The Entertainer – Most Entertaining Blog
- The Tech Whizz – Best Technical Blog
- Best Social Media Account to Follow (@securityaffairs)
Please nominate Security Affairs as your favorite blog.
Nominate here: https://docs.google.com/forms/d/e/1FAIpQLSfaFMkrMlrLhOBsRPKdv56Y4HgC88Bcji4V7OCxCm_OmyPoLw/viewform
Pierluigi Paganini
(SecurityAffairs – hacking, newsletter)
The post Security Affairs newsletter Round 417 by Pierluigi Paganini – International edition appeared first on Security Affairs.