Security Affairs newsletter Round 454 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter has arrived! Every week the best security articles from Security Affairs are delivered free to your email inbox.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Akira ransomware targets Finnish organizations
GitLab fixed a critical zero-click account hijacking flaw
Juniper Networks fixed a critical RCE bug in its firewalls and switches
Vast Voter Data Leaks Cast Shadow Over Indonesia’s 2024 Presidential Election
Researchers created a PoC for Apache OFBiz flaw CVE-2023-51467
Team Liquid’s wiki leak exposes 118K users
CISA adds Ivanti and Microsoft SharePoint bugs to its Known Exploited Vulnerabilities catalog
Two zero-day bugs in Ivanti Connect Secure actively exploited
X Account of leading cybersecurity firm Mandiant was hacked because not adequately protected
Cisco fixed critical Unity Connection vulnerability CVE-2024-20272
ShinyHunters member sentenced to three years in prison
HMG Healthcare disclosed a data breach
Threat actors hacked the X account of the Securities and Exchange Commission (SEC) and announced fake Bitcoin ETF approval
Entire population of Brazil possibly exposed in massive data leak
Decryptor for Tortilla variant of Babuk ransomware released
Microsoft Patch Tuesday for January 2024 fixed 2 critical flaws
CISA adds Apache Superset bug to its Known Exploited Vulnerabilities catalog
LockBit ransomware gang claims the attack on Capital Health
Syrian group Anonymous Arabic distributes stealthy malware Silver RAT
Swiss Air Force sensitive files stolen in the hack of Ultra Intelligence & Communications
Saudi Ministry exposed sensitive data for 15 months
DoJ charged 19 individuals in a transnational cybercrime investigation xDedic Marketplace
Long-existing Bandook RAT targets Windows machines
A cyber attack hit the Beirut International Airport
Iranian crypto exchange Bit24.cash leaks user passports and IDs
Turkish Sea Turtle APT targets Dutch IT and Telecom firms

Cybercrime

Hundreds of Thousands of Dollars Worth of Solana Cryptocurrency Assets Stolen in Recent CLINKSINK Drainer Campaigns  

Vast Voter Data Leaks Cast Shadow Over Indonesia’s 2024 Presidential Election 

Finnish organizations targeted by Akira ransomware 

Member of notorious international hacking crew sentenced to prison  

Foreign National Sentenced for Conspiring to Launder Proceeds of Internet Fraud Schemes  

Ransomware gang targets nonprofit providing clean water to world’s poorest  

Malware

Thousands of Sites with Popup Builder Compromised by Balada Injector     

Finnish organizations targeted by Akira ransomware  

Decryptor for Babuk ransomware variant released after hacker arrested  

You Had Me at Hi — Mirai-Based NoaBot Makes an Appearance

A GAMER TURNED MALWARE DEVELOPER : DIVING INTO SILVERRAT AND IT’S SYRIAN ROOTS      

Hacking

Active Exploitation of Two Zero-Day Vulnerabilities in Ivanti Connect Secure VPN

Weaponizing Apache OFBiz CVE-2023-51467

CVE-2023-46805 (Authentication Bypass) & CVE-2024-21887 (Command Injection) for Ivanti Connect Secure and Ivanti Policy Secure Gateways

China claims it cracked Apple’s AirDrop to find numbers, email addresses     

Intelligence and Information Warfare 

Chinese hackers invade critical US power and water systems: Report  

Pro-Ukraine hackers breach Russian ISP in revenge for KyivStar attack

Nation-State Actors Weaponize Ivanti VPN Zero-Days, Deploying 5 Malware Families

Dutch Engineer Used Water Pump to Get Billion-Dollar Stuxnet Malware Into Iranian Nuclear Facility: Report

China-Linked Volt Typhoon Hackers Possibly Targeting Australian, UK Governments

Cybersecurity

THE DECEMBER 2023 SECURITY UPDATE REVIEW   

Ubiquiti Users Somehow Being Fed Access to Strangers’ Security Cameras  

Exercise Crossed Swords Tests Allied Cyber Operations  

Microsoft Cloud enables customers to keep all personal data within European Data Boundary

Why securing the OT environment against cyberattacks is vital  

Global Risks Report 2024     

Pierluigi Paganini