Security Affairs newsletter Round 425 by Pierluigi Paganini – International edition

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Someone is sending mysterious smartwatches to the US Military personnel
CISA orders govt agencies to fix recently disclosed flaws in Apple devices
VMware fixed five memory corruption issues in vCenter Server
Fortinet fixes critical FortiNAC RCE, install updates asap
More than a million GitHub repositories potentially vulnerable to RepoJacking
New Mirai botnet targets tens of flaws in popular IoT devices
Researchers released a PoC exploit for CVE-2023-20178 flaw in Cisco AnyConnect Secure
Norton parent firm Gen Digital, was victim of a MOVEit attack too
Apple addressed actively exploited zero-day flaws in iOS, macOS, and Safari
Analyzing the TriangleDB implant used in Operation Triangulation
Russia-linked APT28 hacked Roundcube email servers of Ukrainian entities
New Condi DDoS botnet targets TP-Link Wi-Fi routers
Critical RCE flaw CVE-2023-20887 in VMware vRealize exploited in the wild
3CX data exposed, third-party to blame
New Tsunami botnet targets Linux SSH servers
Zyxel addressed critical flaw CVE-2023-27992 in NAS Devices
Tackling Data Sovereignty with DDR
ASUS addressed critical flaws in some router models
Experts found components of a complex toolkit employed in macOS attacks
EU member states are urged to restrict without delay 5G equipment from risky suppliers
Diicot cybercrime gang expands its attack capabilities
Microsoft: June Outlook and cloud platform outages were caused by DDoS

Cybercrime

US govt offers $10 million bounty for info on Clop ransomware

FBI seizes BreachForums after arresting its owner Pompompurin in March
US Military Personnel Receiving Unsolicited, Suspicious Smartwatches

Twitter Hacker Sentenced to 5 Years in Prison for $120,000 Crypto Scam

Reddit Files: BlackCat/ALPHV ransomware gang claims to have stolen 80GB of data from Reddit

US govt offers $10 million bounty for info linking Clop ransomware gang to a foreign government.

Malware

Tracking Diicot: an emerging Romanian threat actor  

Fragments of Cross-Platform Backdoor Hint at Larger Mac OS Attack

Tsunami DDoS Malware Distributed to Linux SSH Servers        

Condi DDoS Botnet Spreads via TP-Link’s CVE-2023-1389  

Dissecting TriangleDB, a Triangulation spyware implant   

Why Malware Crypting Services Deserve More Scrutiny    

Hacking

Microsoft Response to Layer 7 Distributed Denial of Service (DDoS) Attacks   

VMware warns of critical vRealize flaw exploited in attacks

Researchers Expose New Severe Flaws in Wago and Schneider Electric OT Products

PoC Exploit Published for Cisco AnyConnect Secure Vulnerability 

GitHub Dataset Research Reveals Millions Potentially Vulnerable to RepoJacking

Intelligence and Information Warfare

BlueDelta Exploits Ukrainian Government Roundcube Mail Servers to Support Espionage Activities

APT28 group used three Roundcube exploits (CVE-2020-35730, CVE-2021-44026, CVE-2020-12641) during another espionage campaign (CERT-UA#6805)       

China-Linked APT15 Targets Foreign Ministries With ‘Graphican’ Backdoor

Cybersecurity

Second report on Member States’ progress in implementing the EU Toolbox on 5G Cybersecurity 

Google Backs Creation of Cybersecurity Clinics With $20 Million Donation

U.S. Cybersecurity Agency Adds 6 Flaws to Known Exploited Vulnerabilities Catalog

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

The post Security Affairs newsletter Round 425 by Pierluigi Paganini – International edition appeared first on Security Affairs.