Security Affairs newsletter Round 472 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

North Korea-linked IT workers infiltrated hundreds of US firms
Turla APT used two new backdoors to infiltrate a European ministry of foreign affairs
City of Wichita disclosed a data breach after the recent ransomware attack
CISA adds D-Link DIR router flaws to its Known Exploited Vulnerabilities catalog
CISA adds Google Chrome zero-days to its Known Exploited Vulnerabilities catalog
North Korea-linked Kimsuky APT attack targets victims via Messenger
Electronic prescription provider MediSecure impacted by a ransomware attack
Google fixes seventh actively exploited Chrome zero-day this year, the third in a week
Santander: a data breach at a third-party provider impacted customers and employees
FBI seized the notorious BreachForums hacking forum
A Tornado Cash developer has been sentenced to 64 months in prison
Adobe fixed multiple critical flaws in Acrobat and Reader
Ransomware attack on Singing River Health System impacted 895,000 people
Microsoft Patch Tuesday security updates for May 2024 fixes 2 actively exploited zero-days
VMware fixed zero-day flaws demonstrated at Pwn2Own Vancouver 2024
MITRE released EMB3D Threat Model for embedded devices
Google fixes sixth actively exploited Chrome zero-day this year
Phorpiex botnet sent millions of phishing emails to deliver LockBit Black ransomware
Threat actors may have exploited a zero-day in older iPhones, Apple warns
City of Helsinki suffered a data breach
Russian hackers defaced local British news sites
Australian Firstmac Limited disclosed a data breach after cyber attack
Pro-Russia hackers targeted Kosovo’s government websites
As of May 2024, Black Basta ransomware affiliates hacked over 500 organizations worldwide

International Press – Newsletter

Cybercrime    

New LockBit Black Campaign Observed  

Developer of Tornado Cash gets jail sentence for laundering billions of dollars in cryptocurrency  

Australian government investigating ‘large-scale ransomware’ data breach of script provider MediSecure   

Boeing confirms attempted $200 million ransomware extortion attempt  

Personal Information Stolen in City of Wichita Ransomware Attack

Attribution Matters!? Eight Names of Ransomware Actors Revealed, So What?  

Malware

Linux maintainers were infected for 2 years by SSH-dwelling backdoor with huge reach

400,000 Linux Servers Hit by Ebury Botnet    

To the Moon and back(doors): Lunar landing in diplomatic missions  

Springtail: New Linux Backdoor Added to Toolkit  

Hacking 

Third Chrome Zero-Day Patched by Google Within One Week 

Cyber Official Speaks Out, Reveals Mobile Network Attacks in U.S.  

Hackers Moving To AI But Lacking Behind The Defenders In Adoption Rates  

Kimsuky APT attack discovered using Facebook and MS management console   

Intelligence and Information Warfare 

Russian Hackers Accused of Cyberattacks on Kosovo Government Websites 

OSINT overdose: Intelligence agencies seek new ways to manage surge of open-source intel  

Russia directing hackers to attack UK and west, says director of GCHQ  

AI spy: Microsoft launches covert chatbot for US intel agencies

U.S. elections face more threats from foreign actors and artificial intelligence  

China-linked group uses malware to try to spy on commercial shipping, new report says  

Cybersecurity   

Helsinki suffers data breach after hackers exploit unpatched flaw

The MITRE EMB3D™ Threat Model

THE MAY 2024 SECURITY UPDATE REVIEW      

Santander Data Breach Impacts Customers, Employees  

Mysterious actor spills over 1.2B records on Chinese users   

Charges and Seizures Brought in Fraud Scheme Aimed at Denying Revenue for Workers Associated with North Korea   

U.S. elections face more threats from foreign actors and artificial intelligence      

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)