A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box.
Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.
GootLoader is still active and efficient |
Hackers stole OpenAI secrets in a 2023 security breach |
Hackers leak 170k Taylor Swift’s ERAS Tour Barcodes |
Polyfill.io Supply Chain Attack: 384,773 hosts still embedding a polyfill JS script linking to the malicious domain |
New Golang-based Zergeca Botnet appeared in the threat landscape |
Microsoft discloses 2 flaws in Rockwell Automation PanelView Plus |
Hackers compromised Ethereum mailing list and launched a crypto draining attack |
OVHcloud mitigated a record-breaking DDoS attack in April 2024 |
Healthcare fintech firm HealthEquity disclosed a data breach |
Brazil data protection authority bans Meta from training AI models with data originating in the country |
Splunk fixed tens of flaws in Splunk Enterprise and Cloud Platform |
Polish government investigates Russia-linked cyberattack on state news agency |
Evolve Bank data breach impacted fintech firms Wise and Affirm |
Prudential Financial data breach impacted over 2.5 million individuals |
Australian man charged for Evil Twin Wi-Fi attacks on domestic flights |
China-linked APT exploited Cisco NX-OS zero-day to deploy custom malware |
Critical unauthenticated remote code execution flaw in OpenSSH server |
Monti gang claims the hack of the Wayne Memorial Hospital in Pennsylvania |
Juniper Networks fixed a critical authentication bypass flaw in some of its routers |
Threat actors actively exploit D-Link DIR-859 router flaw CVE-2024-0769 |
Russia-linked Midnight Blizzard stole email of more Microsoft customers |
Russia-linked group APT29 likely breached TeamViewer’s corporate network |
International Press – Newsletter
Cybercrime
USD 257 million seized in global police crackdown against online scams
Man charged over creation of ‘evil twin’ free WiFi networks to access personal data
Europol coordinates global action against criminal abuse of Cobalt Strike
Twilio says hackers identified cell phone numbers of two-factor app Authy users
HealthEquity data breach exposes protected health information
The Rise of Packet Rate Attacks: When Core Routers Turn Evil
Free Tickets? Fraud Alert: Hackers Leak Taylor Swift’s ERAS Tour Barcodes Targeting Ticketmaster
Some data is ‘breached’ during a hacking attack on the Alabama Education Department
Malware
CapraTube Remix | Transparent Tribe’s Android Spyware Targeting Gamers, Weapons Enthusiasts
Supply Chain Compromise Leads to Trojanized Installers for Notezilla, RecentX, Copywhiz
MerkSpy: Exploiting CVE-2021-40444 to Infiltrate Systems
Meet Brain Cipher — The new ransomware behind Indonesia’s data center attack
Hacking
Perma-Vuln: D-Link DIR-859, CVE-2024-0769
regreSSHion: Remote Unauthenticated Code Execution Vulnerability in OpenSSH server
Apple IDs Targeted in US Smishing Campaign
High-Precision Branch Target Injection Attacks Exploiting the Indirect Branch Predictor
blog.ethereum.org mailing list incident
July 2: Polyfill.io Supply Chain Attack – Digging into the Web of Compromised Domains
New Intel CPU Vulnerability ‘Indirector’ Exposes Sensitive Data
Attack Cases Against HTTP File Server (HFS) (CVE-2024-23692)
Intelligence and Information Warfare
TeamViewer IT security update
How the CIA is using generative AI — now and into the future
China-Nexus Threat Group ‘Velvet Ant’ Exploits Cisco Zero-Day (CVE-2024-20399) to Compromise Nexus Switch Devices – Advisory for Mitigation and Response
UN urges Russia to ‘immediately’ cease interference in European satellites
Polish news agency probably hit by Russian cyberattack, minister says
How Intelligence Sharing Can Help Keep Major Worldwide Sporting Events on Track
Cybersecurity
If you’re using Polyfill.io code on your site – like 100,000+ are – remove it immediately
Fintech company Wise says some customers affected by Evolve Bank data breach
Brazil data regulator bans Meta from mining data to train AI models
Vulnerabilities in PanelView Plus devices could lead to remote code execution
A Hacker Stole OpenAI Secrets, Raising Fears That China Could, Too
There’s a new government in the UK. What can we expect from it on cyber?
Ticketmaster discredits dark web claims of stolen barcodes for Taylor Swift concerts
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
Pierluigi Paganini
(SecurityAffairs – hacking, newsletter)