Security Affairs newsletter Round 474 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter has arrived! Every week, the best security articles from Security Affairs are delivered free to your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Ticketmaster confirms data breach impacting 560 million customers
Critical Apache Log4j2 flaw still threatens global finance
Crooks stole more than $300M worth of Bitcoin from the exchange DMM Bitcoin
ShinyHunters is selling data of 30 million Santander customers
Over 600,000 SOHO routers were destroyed by Chalubo malware in 72 hours 
LilacSquid APT targeted organizations in the U.S., Europe, and Asia since at least 2021
BBC disclosed a data breach impacting its Pension Scheme members
CISA adds Check Point Quantum Security Gateways and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog
Experts found a macOS version of the sophisticated LightSpy spyware
Operation Endgame, the largest law enforcement operation ever against botnets
Law enforcement operation dismantled 911 S5 botnet
Okta warns of credential stuffing attacks targeting its Cross-Origin Authentication feature
Check Point released hotfix for actively exploited VPN zero-day
BreachForums resurrected after FBI seizure
ABN Amro discloses data breach following an attack on a third-party provider
Christie disclosed a data breach after a RansomHub attack
Experts released PoC exploit code for RCE in Fortinet SIEM
WordPress Plugin abused to install e-skimmers in e-commerce sites
TP-Link Archer C5400X gaming router is affected by a critical flaw
Sav-Rx data breach impacted over 2.8 million individuals
The Impact of Remote Work and Cloud Migrations on Security Perimeters
New ATM Malware family emerged in the threat landscape
A high-severity vulnerability affects Cisco Firepower Management Center
CERT-UA warns of malware campaign conducted by threat actor UAC-0006
Malware-laced JAVS Viewer deploys RustDoor implant in supply chain attack

International Press – Newsletter

Cybercrime  

Into the Lion’s Den Inside the Growing Risk of Gift Card Fraud  

Phishing with Cloudflare Workers: Transparent Phishing and HTML Smuggling  

Christie’s Confirms Data Breach After Ransomware Group Claims Attack  

Breach Forums Return to Clearnet and Dark Web Despite FBI Seizure

Treasury Sanctions a Cybercrime Network Associated with the 911 S5 Botnet  

911 S5 Botnet Dismantled and Its Administrator Arrested in Coordinated International Operation  

Largest ever operation against botnets hits dropper malware ecosystem   

Hackers steal $305M from DMM Bitcoin crypto exchange 

Ticketmaster confirms data hack which could affect 560m globally

How a Nigerian influencer, North Korean hacker and Canadian scammer committed fraud worldwide        

Malware

New ATM Malware Threatens European Banking Security   

Server Side Credit Card Skimmer Lodged in Obscure Plugin   

LightSpy: Implant for macOS  

The Pumpkin Eclipse  

Hacking 

Remote Command Execution on TP-Link Archer C5400X 

CVE-2024-23108: Fortinet FortiSIEM 2nd Order Command Injection Deep-Dive   

Important Security Update – Stay Protected Against VPN Information Disclosure (CVE-2024-24919)

Detecting Cross-Origin Authentication Credential Stuffing Attacks     

Recent ‘MFA Bombing’ Attacks Targeting Apple Users

Intelligence and Information Warfare 

NATO holds first meeting of Critical Undersea Infrastructure Network  

CERT-UA warns: Ukrainian finances targeted with SmokeLoader malware  

How the DOJ is using a Civil War-era law to enforce corporate cybersecurity  

LilacSquid: The stealthy trilogy of PurpleInk, InkBox and InkLoader  

GRU’s BlueDelta Targets Key Networks in Europe with Multi-Phase Espionage Campaigns  

OpenAI models used in nation-state influence campaigns, company says  

Cybersecurity  

Stop Using “SLA” When Discussing Vulnerabilities  

How to Identify and Remove VPN Applications That Contain 911 S5 Back Doors  

Multiple botnets dismantled in largest international ransomware operation ever  

HUGE Google Search document leak reveals inner workings of ranking algorithm       

NIST Getting Outside Help for National Vulnerability Database

Cybersecurity Education Maturity Assessment  

‘It’s putting patients’ lives in danger’: Nurses say ransomware attack is stressing hospital operations   

Could the Next War Begin in Cyberspace?   

OpenAI’s Altman Sidesteps Questions About Governance, Johansson at UN AI Summit


Pierluigi Paganini
