Security Affairs newsletter Round 485 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Large-scale extortion campaign targets publicly accessible environment variable files (.env)
OpenAI dismantled an Iranian influence operation targeting the U.S. presidential election
National Public Data confirms a data breach
Banshee Stealer, a new macOS malware with a monthly subscription price of $3,000
Millions of Pixel devices can be hacked due to a pre-installed vulnerable app
ValleyRAT malware is targeting Chinese-speaking users
Microsoft urges customers to fix zero-click Windows RCE in the TCP/IP stack
A group linked to RansomHub operation employs EDR-killing tool EDRKillShifter
Google disrupted hacking campaigns carried out by Iran-linked APT42
Black Basta ransomware gang linked to a SystemBC malware campaign
A massive cyber attack hit Central Bank of Iran and other Iranian banks
China-linked APT Earth Baku targets Europe, the Middle East, and Africa
SolarWinds addressed a critical RCE in all Web Help Desk versions
Kootenai Health data breach impacted 464,000 patients
Microsoft Patch Tuesday security updates for August 2024 addressed six actively exploited bugs
A PoC exploit code is available for critical Ivanti vTM bug
Elon Musk claims that a DDoS attack caused problems with the livestream interview with Donald Trump
CERT-UA warns of a phishing campaign targeting government entities
US DoJ dismantled remote IT worker fraud schemes run by North Korea
A FreeBSD flaw could allow remote code execution, patch it now!
EastWind campaign targets Russian organizations with sophisticated backdoors
Microsoft found OpenVPN bugs that can be chained to achieve RCE and LPE
Foreign nation-state actors hacked Donald Trump’s campaign
Malware
ADT disclosed a data breach that impacted more than 30,000 customers

International Press – Newsletter

Cybercrime  

Hackers leak 2.7 billion data records with Social Security numbers

Disrupting Russian Cybercrime: WWH-Club Admins Arrested  

International Investigation Leads to Shutdown of Ransomware Group  

Six ransomware gangs behind over 50% of 2024 attacks

Kootenai Health Data Breach

Unconfirmed Hack of 2.9 Billion Records at National Public Data Sparks Media Frenzy Amid Lawsuits 

Suspected head of prolific cybercrime groups arrested and extradited  

Texas firm says it lost $60M in a bank wire transfer scam  

Russian Citizen Sentenced to 40 Months for Selling Stolen Financial Information on the Criminal Internet Marketplace Slilpp  

Ransomware attack on Flint affecting city services as FBI investigates incident  

Inside the “3 Billion People” National Public Data Breach  

NationalPublicData.com Hack Exposes a Nation’s Data

Leaked Environment Variables Allow Large-Scale Extortion Operation of Cloud Environments      

Malware

Deciphering the Brain Cipher Ransomware  

Ideal typosquat ‘solana-py’ steals your crypto wallet keys  

Ransomware attackers introduce new EDR killer to their arsenal

A Deep Dive into a New ValleyRAT Campaign Targeting Chinese Speakers

Tusk: unraveling a complex infostealer campaign      

Hacking

Chained for attack: OpenVPN vulnerabilities discovered leading to RCE and LPE 

Musk’s interview with Trump marred by technical glitches 

GhostWrite Attack    

Massive cyberattack rocks Central Bank of Iran, computer system paralyzed – report

Ongoing Social Engineering Campaign Refreshes Payloads  

Threat Actor Tools Found that Bypass Antivirus, Delete Backups, Disable Systems   

Want to Win a Bike Race? Hack Your Rival’s Wireless Shifters 

Zero-Click Exploit Concerns Drive Urgent Patching of Windows TCP/IP Flaw 

iVerify Discovers Android Vulnerability Impacting Millions of Pixel Devices Around the World  

CVE-2024-38213: Copy2Pwn Exploit Evades Windows Web Protections  

Unicoin hints at potential data meddling after G-Suite compromise

Intelligence and Information Warfare 

We received internal Trump documents from ‘Robert.’ Then the campaign confirmed it was hacked

EastWind Campaign: New CloudSorcerer Attacks on Russian Government Organizations

Justice Department Disrupts North Korean Remote IT Worker Fraud Schemes Through Charges and Arrest of Nashville Facilitator

UAC-0198: Widespread Distribution of ANONVNC (MESHAGENT) Among Ukrainian Government Organizations

A Dive into Earth Baku’s Latest Campaign  

Pentagon to Conduct Massive Experiment for Connect-Everything Initiative 

Iranian backed group steps up phishing campaigns against Israel, U.S.      

NATO must recognize the potential of open-source intelligence  

Disrupting a covert Iranian influence operation 

Trump campaign hack-and-leak appears like a rerun of 2016. This time, media outlets are responding differently  

Cybersecurity

OpenSSH pre-authentication async signal safety issue  

THE AUGUST 2024 SECURITY UPDATE REVIEW  

NIST finalizes trio of post-quantum encryption standards

German Cyber Agency Wants Changes in Microsoft, CrowdStrike Products After Tech Outage  

Inside the FBI’s Dashboard for Wiretapping the World  

Quantum Computers Will Kill Digital Security. These Algorithms Could Stop Them  

An A.I.-powered version of Mr. Musk has appeared in thousands of inauthentic ads, contributing to billions in fraud   

After nearly 3B personal records leak online, Florida data broker confirms it was ransacked by cyber-thieves

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)