Security Affairs newsletter Round 490 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Hackers stole over $44 million from Asian crypto platform BingX
OP KAERB: Europol dismantled phishing scheme targeting mobile users
Ukraine bans Telegram for government agencies, military, and critical infrastructure
Tor Project responded to claims that law enforcement can de-anonymize Tor users
UNC1860 provides Iran-linked APTs with access to Middle Eastern networks
US DoJ charged two men with stealing and laundering $230 Million worth of cryptocurrency
The Vanilla Tempest cybercrime gang used INC ransomware for the first time in attacks on the healthcare sector
U.S. CISA adds new Ivanti Cloud Services Appliance Vulnerability to its Known Exploited Vulnerabilities catalog
Ivanti warns of a new actively exploited Cloud Services Appliance (CSA) flaw
International law enforcement operation dismantled criminal communication platform Ghost
U.S. CISA adds Microsoft Windows, Apache HugeGraph-Server, Oracle JDeveloper, Oracle WebLogic Server, and Microsoft SQL Server bugs to its Known Exploited Vulnerabilities catalog
SIEM for Small and Medium-Sized Enterprises: What you need to know
Antivirus firm Dr.Web disconnected all servers following a cyberattack
Experts warn of China-linked APT’s Raptor Train IoT Botnet
Credential Flusher, understanding the threat and how to protect your login data
U.S. Treasury issued fresh sanctions against entities linked to the Intellexa Consortium
Broadcom fixed Critical VMware vCenter Server flaw CVE-2024-38812
Remote attack on pagers used by Hezbollah caused 9 deaths and thousands of injuries
Chinese man charged for spear-phishing against NASA and US Government
Data Breach
Qilin ransomware attack on Synnovis impacted over 900,000 patients
D-Link addressed three critical RCE in wireless router models
Apple dismisses lawsuit against surveillance firm NSO Group due to risk of threat intelligence exposure
Hacker tricked ChatGPT into providing detailed instructions to make a homemade bomb
Port of Seattle confirmed that Rhysida ransomware gang was behind the August attack

International Press – Newsletter

Cybercrime  

Bad Stark! The cybercriminal’s playground

The Dark Nexus Between Harm Groups and ‘The Com’

Phishing Pages Delivered Through Refresh HTTP Response Header  

How scammers bypass customer identity verification using deepfakes 

Data on nearly 1 million NHS patients leaked online following ransomware attack on London hospitals  

Chinese National Charged for Multi-Year “Spear-Phishing” Campaign  

Police Hack Into ‘Ghost’, An Encrypted Platform for Criminals 

Global Coalition Takes Down New Criminal Communication Platform  

Storm clouds on the horizon: Resurgence of TeamTNT?  

Indictment Charges Two in $230 Million Cryptocurrency Scam  

An international criminal network dedicated to unlocking stolen mobile phones and stealing the digital lives of victims has been dismantled  

More than $44 million in cryptocurrency stolen from Singaporean platform BingX  

Malware

CISA warns of Windows flaw used in infostealer malware attacks

Exotic SambaSpy is now dancing with Italian users  

Loki: a new private agent for the popular Mythic framework  

Microsoft: US Healthcare Sector Targeted by INC Ransomware Affiliate  

Hacking

Hacker tricks ChatGPT into giving out detailed instructions for making homemade bombs   

Microsoft Says Recent Windows Vulnerability Exploited as Zero-Day 

Sabotage by Signal: An Investigative Report into Lebanon’s Deadly Pager Explosions and How Cyber Warfare Hijacked Communication  

China Using Powerful Hacking Firms to Run Its Espionage War  

US government ‘took control’ of a botnet run by Chinese government hackers, says FBI director  

Ivanti warns of another critical CSA flaw exploited in attacks

Password Spraying Detection in Active Directory  

Air-Gapped Networks Vulnerable to Acoustic Attack via LCD Screens  

A Journey From sudo iptables To Local Privilege Escalation  

This Windows PowerShell Phish Has Scary Potential  

Intelligence and Information Warfare 

US Space Forces stops use of AI tools for information security concerns  

North Korean Hackers Target Cryptocurrency Users on LinkedIn with RustDoor Malware

Hezbollah vows to punish Israel after pager explosions across Lebanon  

Hezbollah pagers explode across Lebanon, causing thousands of injuries  

An Offer You Can Refuse: UNC2970 Backdoor Deployment Using Trojanized PDF Reader  

Derailing the Raptor Train

An Offer You Can Refuse: UNC2970 Backdoor Deployment Using Trojanized PDF Reader   

Russian election interference efforts focus on the Harris-Walz campaign 

UNC1860 and the Temple of Oats: Iran’s Hidden Hand in Middle Eastern Networks  

The NCCC has decided to restrict the use of Telegram in government agencies, military formations, and critical infrastructure facilities

Spotlight, Spy Way of Life | France The Peninsula Paris, a luxury hotel turned spy hub by Gaza and Ukraine crisis  

Cybersecurity

Apple seeks to drop its lawsuit against Israeli spyware pioneer NSO 

Enterprise ServiceNow Knowledge Bases at Risk: Extensive Data Exposures Uncovered 

Treasury Sanctions Enablers of the Intellexa Commercial Spyware Consortium  

NSA’s secret Amazon-developed cloud environment progressing ‘very well’  

Chrome Introduces One-Time Permissions and Enhanced Safety Check for Safer Browsing

Discord launches end-to-end encrypted voice and video chats  

Doctor Web resumed virus database updates after the attack on its infrastructure

Apple’s new macOS Sequoia update is breaking some cybersecurity tools     

“Bad Romance”: How Kaspersky Lab Failed to Conquer the Western Cybersecurity Market

Is Tor still safe to use?

Investigations in the so-called darknet: Law enforcement agencies undermine Tor anonymisation     

CISA boss: Makers of insecure software are the real cyber villains

FTC exposes massive surveillance of kids, teens by social media giants

Former OpenAI Employee Leaks AGI Progress Documents to Congress  

Internet surveillance firm Sandvine says it’s leaving 56 ‘non-democratic’ countries  

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Subscribe to the newsletter for free here:

https://www.linkedin.com/build-relation/newsletter-follow?entityUrn=7093942975545667584

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)