Security Affairs newsletter Round 462 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Threat actors breached two crucial systems of the US CISA
CISA adds JetBrains TeamCity bug to its Known Exploited Vulnerabilities catalog
Critical Fortinet FortiOS bug CVE-2024-21762 potentially impacts 150,000 internet-facing devices
QNAP fixed three flaws in its NAS devices, including an authentication bypass
Threat actors breached two crucial systems of the US CISA
CISA adds JetBrains TeamCity bug to its Known Exploited Vulnerabilities catalog
Critical Fortinet FortiOS bug CVE-2024-21762 potentially impacts 150,000 internet-facing devices
QNAP fixed three flaws in its NAS devices, including an authentication bypass
Snake, a new Info Stealer spreads through Facebook messages
National intelligence agency of Moldova warns of Russia attacks ahead of the presidential election
CISA adds Apple iOS and iPadOS memory corruption bugs to its Known Exploited Vulnerabilities Catalog
Linux Malware targets misconfigured misconfigured Apache Hadoop, Confluence, Docker, and Redis servers
CISA ADDS ANDROID PIXEL AND SUNHILLO SURELINE BUGS TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG
Watch out, GhostSec and Stourmous groups jointly conducting ransomware attacks
LockBit 3.0’s Bungled Comeback Highlights the Undying Risk of Torrent-Based (P2P) Data Leakage
Apple emergency security updates fix two new iOS zero-days
VMware urgent updates addressed Critical ESXi Sandbox Escape bugs
US Gov sanctioned Intellexa Consortium individuals and entities behind Predator spyware attacks
CISA ADDS MICROSOFT WINDOWS KERNEL BUG USED BY LAZARUS APT TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG
Experts disclosed two severe flaws in JetBrains TeamCity On-Premises software
Ukraine’s GUR hacked the Russian Ministry of Defense
Some American Express customers’ data exposed in a third-party data breach
META hit with privacy complaints by EU consumer groups
New GTPDOOR backdoor is designed to target telecom carrier networks
Threat actors hacked Taiwan-based Chunghwa Telecom
New Linux variant of BIFROSE RAT uses deceptive domain strategies
Eken camera doorbells allow ill-intentioned individuals to spy on you
U.S. Judge ordered NSO Group to hand over the Pegasus spyware code to WhatsApp

Cybercrime

BlackCat Ransomware Affiliate TTPs 

American Express credit cards EXPOSED in third-party vendor data breach – account numbers and names among details accessed in hack  

LockBit 3.0’S Bungled Comeback Highlights The Undying Risk Of Torrent-Based Data Leakage  

Hackers Behind the Change Healthcare Ransomware Attack Just Received a $22 Million Payment

On-Device Fraud on the rise: exposing a recent Copybara fraud campaign 

2023 FBI Internet Crime Report

Hacker attack on Xplain: National Cyber Security Centre publishes data analysis report  

Stormous ransomware gang takes credit for attack on Belgian brewer Duvel

Malware

US: Spyware ruling a welcome step towards accountability for those targeted with NSO spyware  

The Art of Domain Deception: Bifrost’s New Tactic to Deceive Users  

GTPDOOR – A novel backdoor tailored for covert access over the roaming exchange  

GhostSec’s joint ransomware operation and evolution of their arsenal

Spinning YARN – A New Linux Malware Campaign Targets Docker, Apache Hadoop, Redis and Confluence

Unboxing Snake – Python Infostealer Lurking Through Messaging Services  

Hunting for Fortinet CVE-2024-21762: Vulnerability Research for Detection Engineering  

Hacking  

These Video Doorbells Have Terrible Security. Amazon Sells Them Anyway  

CryptoChameleon: New Phishing Tactics Exhibited in FCC-Targeted Attack

How recent cyberattacks revealed America’s infrastructure weaknesses

Taiwan Military Says Hackers Sold Telecom Giant’s Data on Web      

CVE-2024-27198 and CVE-2024-27199: JetBrains TeamCity Multiple Authentication Bypass Vulnerabilities (FIXED)  

CryptoChameleon: New Phishing Tactics Exhibited in FCC-Targeted Attack 

CISA forced to take two systems offline last month after Ivanti compromise  

Intelligence and Information Warfare 

How the Chinese civilian and military intelligence agencies confronting CIA and the Pentagon 

German defense chat overheard by Russian eavesdroppers on Cisco’s WebEx

Software, ciphers, secret documents — cyber specialists of the State Security Service hacked the Russian Ministry of Defense  

Moldova warns of Russian ‘hybrid attacks’ ahead of presidential election  

Update on Microsoft Actions Following Attack by Nation State Actor Midnight Blizzard  

Cybersecurity          

Court orders maker of Pegasus spyware to hand over code to WhatsApp  

There is no clear cybersecurity policy  

Companies Are Already Not Complying With The New SEC Cybersecurity Incident Disclosure Rules  

Treasury Sanctions Members of the Intellexa Commercial Spyware Consortium

AI tools put companies at risk of data exfiltration

Millions Of Google, WhatsApp, Facebook 2FA Security Codes Leak Online

Spyware makers express concern after US sanctions spyware veteran        

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)