Security Affairs newsletter Round 469 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Hackers may have accessed thousands of accounts on the California state welfare platform
Brokewell Android malware supports an extensive set of Device Takeover capabilities
Experts warn of an ongoing malware campaign targeting WP-Automatic plugin
Cryptocurrencies and cybercrime: A critical intermingling
Kaiser Permanente data breach may have impacted 13.4 million patients
Over 1,400 CrushFTP internet-facing servers vulnerable to CVE-2024-4040 bug
Sweden’s liquor supply severely impacted by ransomware attack on logistics company
CISA adds Cisco ASA and FTD and CrushFTP VFS flaws to its Known Exploited Vulnerabilities catalog
CISA adds Microsoft Windows Print Spooler flaw to its Known Exploited Vulnerabilities catalog
DOJ arrested the founders of crypto mixer Samourai for facilitating $2 Billion in illegal transactions
Google fixed critical Chrome vulnerability CVE-2024-4058
Nation-state actors exploited two zero-days in ASA and FTD firewalls to breach government networks
Hackers hijacked the eScan Antivirus update mechanism in malware campaign
US offers a $10 million reward for information on four Iranian nationals
The street lights in Leicester City cannot be turned off due to a cyber attack
North Korea-linked APT groups target South Korean defense contractors
U.S. Gov imposed Visa restrictions on 13 individuals linked to commercial spyware activity
A cyber attack paralyzed operations at Synlab Italia
Hackers threaten to leak a copy of the World-Check database used to assess potential risks associated with entities
Windows DOS-to-NT flaws exploited to achieve unprivileged rootkit-like capabilities
A flaw in the Forminator plugin impacts hundreds of thousands of WordPress sites
Akira ransomware received $42M in ransom payments from over 250 victims
DuneQuixote campaign targets the Middle East with a complex backdoor

International Press Newsletter

Cybercrime    

Malware dev lures child exploiters into honeytrap to extort them

Hackers are threatening to leak World-Check, a huge sanctions and financial crimes watchlist  

Founders And CEO Of Cryptocurrency Mixing Service Arrested And Charged With Money Laundering And Unlicensed Money Transmitting Offenses 

Alcohol sales disrupted in Sweden after reported ransomware attack      

Health insurance giant Kaiser will notify millions of a data breach after sharing patients’ data with advertisers

Russian FSB Counterintelligence Chief Gets 9 Years in Cybercrime Bribery Scheme  

Malware

#StopRansomware: Akira Ransomware

Malvertising campaign targeting IT teams with MadMxShell      

GuptiMiner: Hijacking Antivirus Updates for Distributing Backdoors and Casual Mining  

New Malware Campaign Targets WP-Automatic Plugin  

Brokewell: do not go broke from new banking malware! 

Hacking 

MagicDot: A Hacker’s Magic Show of Disappearing Dots and Spaces

Leicester street lights stuck on all day due to cyber attack  

Unauthenticated CrushFTP Zero-Day Enables Complete Server Compromise  

GPT-4 can exploit security flaws on its own, study shows

Hackers accessed more than 19,000 accounts on California state welfare platform     

Android TVs Can Expose User Email Inboxes

Uncorking Old Wine: Zero-Day from 2017 + Cobalt Strike Loader in Unholy Alliance   

Intelligence and Information Warfare 

DuneQuixote campaign targets Middle Eastern entities with “CR4T” malware

Analyzing Forest Blizzard’s custom post-compromise tool for exploiting CVE-2022-38028 to obtain credentials   Analyzing Forest Blizzard’s custom post-compromise tool for exploiting CVE-2022-38028 to obtain credentials   

North Korea hacking teams hack South Korea defence contractors – police

Treasury Designates Iranian Cyber Actors Targeting U.S. Companies and Government Agencies       

ArcaneDoor – New espionage-focused campaign found targeting perimeter network devices  

Israel Tried to Keep Sensitive Spy Tech Under Wraps. It Leaked Abroad    

Australia’s spy chief warns AI set to inflame radicalisation 

German spy agency warns companies against being too “naive” on China  

Cybersecurity   

Promoting Accountability for the Misuse of Commercial Spyware  

Google Patches Critical Chrome Vulnerability  

2023: A ‘Good’ Year for OT Cyberattacks     

Chaturbate Will Pay Texas $675,000 for Violating New Porn Age Verification Law

UK’s Investigatory Powers Bill to become law despite tech world opposition

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

Follow me on Twitter: @securityaffairs and Facebook and Mastodon