Security Affairs newsletter Round 449 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter has arrived! Every week, the best security articles from Security Affairs are delivered free to your inbox.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Hacktivists hacked an Irish water utility and interrupted the water supply
5Ghoul flaws impact hundreds of 5G devices with Qualcomm, MediaTek chips
Norton Healthcare disclosed a data breach after a ransomware attack
Bypassing major EDRs using Pool Party process injection techniques
Founder of Bitzlato exchange has pleaded guilty to unlicensed money transmitting
Android barcode scanner app exposes user passwords
Russia-linked APT28 exploited Outlook zero-day to target European NATO members
UK and US expose Russia Callisto Group’s activity and sanction members
A cyber attack hit Nissan Oceania
New Krasue Linux RAT targets telecom companies in Thailand
Atlassian addressed four new RCE flaws in its products
CISA adds Qualcomm flaws to its Known Exploited Vulnerabilities catalog
Experts demonstrate a post-exploitation tampering technique to display Fake Lockdown mode
GST Invoice Billing Inventory exposes sensitive data to threat actors
Threat actors breached US govt systems by exploiting Adobe ColdFusion flaw
ENISA published the ENISA Threat Landscape for DoS Attacks Report
Russia-linked APT28 group spotted exploiting Outlook flaw to hijack MS Exchange accounts
Google fixed critical zero-click RCE in Android
New P2PInfect bot targets routers and IoT devices
Malvertising attacks rely on DanaBot Trojan to spread CACTUS Ransomware
LockBit on a Roll – ICBC Ransomware Attack Strikes at the Heart of the Global Financial Order
Zyxel fixed tens of flaws in Firewalls, Access Points, and NAS devices
New Agent Raccoon malware targets the Middle East, Africa and the US

Cybercrime

Opinion: Why crypto was the perfect tool for criminals and kleptocrats  

What it means — CitrixBleed ransomware group woes grow as over 60 credit unions, hospitals, financial services and more breached in US  

Paper trail ends in jail time for 1 013 money mules  

Founder and Majority Owner of Cryptocurrency Exchange Pleads Guilty to Unlicensed Money Transmitting  

ALPHV ransomware site outage rumored to be caused by law enforcement

Malware

Microsoft Warns of Malvertising Scheme Spreading CACTUS Ransomware

P2Pinfect – New Variant Targets MIPS Devices  

Curse of the Krasue: New Linux Remote Access Trojan targets Thailand  

New macOS Trojan-Proxy piggybacking on cracked software   

Hacking

POL Cyber Command has observed malicious activity against Microsoft Exchange servers  

Threat Actors Exploit Adobe ColdFusion CVE-2023-26360 for Initial Access to Government Servers

Fake Lockdown Mode: A post-exploitation tampering technique  

CISA says US government agency was hacked thanks to ‘end of life’ software  

The #PoolParty You Will Never Forget: New Process Injection Techniques Using #Windows Thread Pools

5Ghoul: Unleashing Chaos on 5G Edge Devices

Hackers hit Erris water in stance over Israel

Millions of patient scans and health records spilling online thanks to decades-old protocol bug  

Intelligence and Information Warfare

Microsoft Warns of Kremlin-Backed APT28 Exploiting Critical Outlook Vulnerability

The Israel-Hamas War Reveals the Fundamental Flaws of Social Media  

The Internet Enabled Mass Surveillance. A.I. Will Enable Mass Spying  

Reddit Says Leaked U.S.-U.K. Trade Documents Posted on the Site Are Linked to a Russian Information Campaign

UK exposes attempted Russian cyber interference in politics and democratic processes

Russian FSB cyber actor Star Blizzard continues worldwide spear-phishing campaigns

Star Blizzard increases sophistication and evasion in ongoing attacks           

Fighting Ursa Aka APT28: Illuminating a Covert Campaign 

AI’s ‘Fog of War’    

Russian hackers targeted US intel officers in ‘sophisticated spear phishing campaign,’ DOJ says  

Google Warns China Is Ramping Up Cyberattacks Against Taiwan

Hollywood plays unwitting Cameo in Kremlin plot to discredit Zelensky 

Cybersecurity

Google Cloud – Cybersecurity Forecast 2024 

ENISA Threat Landscape for DoS Attacks  

a16z Funded AI Platform Generated Images That “Could Be Categorized as Child Pornography,” Leaked Documents Show   

Apple says it is not aware anyone using Lockdown Mode got hacked   

Report: 2.6 billion personal records compromised by data breaches in past two years — underscoring need for end‑to‑end encryption    


Pierluigi Paganini
