Security Affairs newsletter Round 493 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

A cyber attack hit Iranian government sites and nuclear facilities
Ransomware operators exploited Veeam Backup & Replication flaw CVE-2024-40711 in recent attacks
GitLab fixed a critical flaw that could allow arbitrary CI/CD pipeline execution
Iran and China-linked actors used ChatGPT for preparing attacks
Internet Archive data breach impacted 31M users
E-skimming campaign uses Unicode obfuscation to hide the Mongolian Skimmer
U.S. CISA adds Ivanti CSA and Fortinet bugs to its Known Exploited Vulnerabilities catalog
Mozilla issued an urgent Firefox update to fix an actively exploited flaw
Palo Alto fixed critical flaws in PAN-OS firewalls that allow for full compromise of the devices
Cybercriminals Are Targeting AI Conversational Platforms
Awaken Likho APT group targets Russian government with a new implant
U.S. CISA adds Windows and Qualcomm bugs to its Known Exploited Vulnerabilities catalog
Three new Ivanti CSA zero-day actively exploited in attacks
Ukrainian national pleads guilty in U.S. court for operating the Raccoon Infostealer
Qualcomm fixed a zero-day exploited limited, targeted attacks
MoneyGram discloses data breach following September cyberattack
American Water shut down some of its systems following a cyberattack
Universal Music data breach impacted 680 individuals
Cyber warfare
Kyiv’s hackers launched an unprecedented cyber attack on Russian state media VGTRK on Putin’s birthday
FBCS data breach impacted 238,000 Comcast customers
Critical Apache Avro SDK RCE flaw impacts Java applications
Man pleads guilty to stealing over $37 Million worth of cryptocurrency
U.S. CISA adds Synacor Zimbra Collaboration flaw to its Known Exploited Vulnerabilities catalog
China-linked group Salt Typhoon hacked US broadband providers and breached wiretap systems
Google Pixel 9 supports new security features to mitigate baseband attacks

International Press – Newsletter

Cybercrime  

Indiana Man Pleads Guilty to Conspiracies Involving Cyber Intrusion and $37 Million Cryptocurrency Theft 

Recognition Tech onto Meta’s Smart Glasses to Instantly Dox Strangers  

MoneyGram says hackers stole customers’ personal information and transaction data  

Ukrainian National Pleads Guilty to “Raccoon Infostealer” Cybercrime  

Not All Fun and Games: Lua Malware Targets Educational Sector and Student Gaming Engines

Lamborghini Carjackers Lured by $243M Cyberheist 

69,000 Bitcoins Are Headed for the US Treasury—While the Agent Who Seized Them Is in Jail  

Timeshare Owner? The Mexican Drug Cartels Want You  

Casio: Notice of Partial Service Outage and Information Leak Caused by Ransomware Attack

He founded a “startup” to access sanctioned Russian websites: the cyber police of Khmelnytskyi region exposed the hacker  

Hacked ‘AI Girlfriend’ Data Shows Prompts Describing Child Sexual Abuse  

Malware

Over 300,000! GorillaBot: The New King of DDoS Attacks

Hidden cryptocurrency mining and theft campaign affected over 28,000 users  

The Mongolian Skimmer: different clothes, equally dangerous   

Ransomware Report: Unveiling Trends in Attack Payouts and Negotiations  

Hacking

Qualcomm Urges OEMs to Patch Critical DSP and WLAN Flaws Amid Active Exploits

Zero-Day Alert: Three Critical Ivanti CSA Vulnerabilities Actively Exploited

Mozilla fixes Firefox zero-day actively exploited in attacks

Palo Alto Expedition: From N-Day to Full Compromise  

LLM attacks take just 42 seconds on average, 20% of jailbreaks succeed   

Twitter Bot Network

The Internet Archive is under attack, with a breach revealing info for 31 million accounts     

Intelligence and Information Warfare 

U.S. Wiretap Systems Targeted in China-Linked Hack       

Hacker attack disrupts Russian state media on Putin’s birthday

Awaken Likho is awake: new techniques of an APT group

Mind the (air) gap: GoldenJackal gooses government guardrails  

Contagious Interview: DPRK Threat Actors Lure Tech Industry Job Seekers to Install New Variants of BeaverTail and InvisibleFerret Malware

Navigating the Shadows: An In-Depth Analysis of Iranian APTs and Their Evolving Threat Landscape in 2024 

OpenAI Report: Influence and cyber operations: an update 

NSA cyber chief: Espionage is now Russia’s focus for cyberattacks on Ukraine 

Iran Hit By ‘Heavy Cyberattacks’ Targeting Its Nuclear Facilities Amid Middle East Tensions

Update on SVR Cyber Operations and Vulnerability Exploitation  

Cybersecurity

America’s allies are shifting: Cyberspace is about persistence, not deterrence
Global State of CPS Security report 

About a quarter million Comcast subscribers had their data stolen from debt collector

Vulnerable APIs and Bot Attacks Costing Businesses Up to $186 Billion Annually

American Water shuts down online services after cyberattack

Rise of the robots: AI to shape UK defense review 

Managing Cybersecurity in the Age of Artificial Intelligence 

New Ponemon Report Shows Awareness of Cyber Risks to Healthcare Organizations is not Always Translating to Adequate Protections

Best Practices to Configure BIG-IP LTM Systems to Encrypt HTTP Persistence Cookies       

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)