A new round of the weekly SecurityAffairs newsletter has arrived! Every week the best security articles from Security Affairs are delivered free to your email box.
Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.
U.S. CISA adds Ivanti Cloud Services Appliance Vulnerability to its Known Exploited Vulnerabilities catalog
Ivanti Cloud Service Appliance flaw is being actively exploited in the wild
GitLab fixed a critical flaw in GitLab CE and GitLab EE
New Linux malware called Hadooken targets Oracle WebLogic servers
Lehigh Valley Health Network hospital network has agreed to a $65 million settlement after data breach
Vo1d malware infected 1.3 Million Android-based TV Boxes in 197 countries
Cybersecurity giant Fortinet discloses a data breach
UK NCA arrested a teenager linked to the attack on Transport for London
Singapore Police arrest six men allegedly involved in a cybercrime syndicate
Adobe Patch Tuesday security updates fixed multiple critical issues in the company’s products
Highline Public Schools school district suspended its activities following a cyberattack
RansomHub ransomware gang relies on Kaspersky TDSKiller tool to disable EDR
Ivanti fixed a maximum severity flaw in its Endpoint Management software (EPM)
Microsoft Patch Tuesday security updates for September 2024 addressed four actively exploited zero-days
Quad7 botnet evolves to more stealthy tactics to evade detection
Poland thwarted cyberattacks that were carried out by Russia and Belarus
U.S. CISA adds SonicWall SonicOS, ImageMagick and Linux Kernel bugs to its Known Exploited Vulnerabilities catalog
Electronic payment gateway Slim CD disclosed a data breach impacting 1.7M individuals
Experts demonstrated how to bypass WhatsApp View Once feature
Predator spyware operation is back with a new infrastructure
TIDRONE APT targets drone manufacturers in Taiwan
Multiple malware families delivered exploiting GeoServer GeoTools flaw CVE-2024-36401
Progress Software fixed a maximum severity flaw in LoadMaster
Feds indicted two alleged administrators of WWH Club dark web marketplace
International Press – Newsletter
Cybercrime
Russian And Kazakhstani Men Indicted For Running Dark Web Criminal Marketplaces, Forums, And Trainings
Sextortion scams now use your “cheating” spouse’s name as a lure
Researchers trace massive data leak to US data broker: why should you care
Cyber-Attack on Payment Gateway Exposes 1.7 Million Credit Card Details
Highline Public Schools closes schools following cyberattack
In Wake of Durov Arrest, Some Cybercriminals Ditch Telegram
Six Persons To Be Charged For Offences In Relation To Illegal Cyber Activities
UK arrests teen linked to Transport for London cyber attack
Fortinet suffers third-party data breach affecting Asia-Pacific customers
Malware
Mythical Beasts and Where to Find Them: Mapping the Global Spyware Market and its Threats to National Security and Human Rights
Malware’s Shared Secrets: Code Similarity Insights for Ransomware Gangs Activities Tracking
Mallox ransomware: in-depth analysis and evolution
A glimpse into the Quad7 operators’ next moves and associated botnets
Ajina attacks Central Asia: Story of an Uzbek Android Pandemic
Void captures over a million Android TV boxes
Hacking
Watch the Typo: Our PoC Exploit for Typosquatting in GitHub Actions
Threat Actors Exploit GeoServer Vulnerability CVE-2024-36401
YubiKeys are vulnerable to cloning attacks thanks to newly discovered side channel
Once and Forever: WhatsApp’s View Once Functionality is Broken
PIXHELL Attack: Leaking Sensitive Information from Air-Gap Computers via ‘Singing Pixels’
Critical SonicWall SSLVPN bug exploited in ransomware attacks
Flipper Zero releases Firmware 1.0 after three years of development
DragonRank, a Chinese-speaking SEO manipulator service provider
CVE-2024-29847 Deep Dive: Ivanti Endpoint Manager AgentPortal Deserialization of Untrusted Data Remote Code Execution Vulnerability
Living off the land, GPO style
Intelligence and Information Warfare
DeFied Expectations — Examining Web3 Heists
Australian links revealed in global defence company scandal involving China, Russia and Iran
TIDRONE Targets Military and Satellite Industries in Taiwan
MI6 and CIA warn of ‘reckless campaign of sabotage across Europe’ being waged by Russia
Earth Preta Evolves its Attacks with New Malware and Strategies
Chinese APT Abuses VSCode to Target Government in Asia
Poland neutralises sabotage group linked to Belarus and Russia
Fake recruiter coding tests target devs with malicious Python packages
Cybersecurity
25 Ways to Make the SOC More Efficient and Avoid Team Burnout
An Open door
The September 2024 Security Update Review
The rise of fake influencers
Bug Left Some Windows PCs Dangerously Unpatched
YARA Rule Crafting: A Deep Dive into Signature-Based Threat Hunting Strategies
WordPress.org to require 2FA for plugin developers by October
Data Protection Commission launches inquiry into Google AI model
Building a Cybersecurity and Privacy Learning Program
UK Data Centers Gain Critical Infrastructure Status, Raising Green Belt Controversy
Record $65 Million Settlement Reached Between Saltz Mongeluzzi Bendesky and LVHN on Behalf of Cancer Patients Whose Nude Photos Were Hacked
Facebook scrapes photos of kids from Australian user profiles to train its AI
Global Cybersecurity Index
Pierluigi Paganini