A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box.
Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.
A botnet exploits a GeoVision zero-day to compromise EoL devices
Palo Alto Networks confirmed active exploitation of recently disclosed zero-day
NSO Group used WhatsApp exploits even after Meta-owned company sued it
Glove Stealer bypasses Chrome’s App-Bound Encryption to steal cookies
Bitfinex hacker Ilya Lichtenstein was sentenced to 5 years in prison
U.S. CISA adds Palo Alto Networks Expedition bugs to its Known Exploited Vulnerabilities catalog
Hackers target critical flaw CVE-2024-10914 in EOL D-Link NAS Devices
China-linked threat actors compromised multiple telcos and spied on a limited number of U.S. government officials
Bitdefender released a decryptor for the ShrinkLocker ransomware
China’s Volt Typhoon botnet has re-emerged
Zoom addressed two high-severity issues in its platform
Microsoft Patch Tuesday security updates for November 2024 fix two actively exploited zero-days
Ahold Delhaize experienced a cyber incident affecting several of its U.S. brands
A cyberattack on payment systems blocked card readers across stores and gas stations in Israel
Apple indeed added a feature called “inactivity reboot” in iOS 18.1 that reboots locked devices
Ymir ransomware, a new stealthy ransomware grows in the wild
Amazon discloses employee data breach after May 2023 MOVEit attacks
A new fileless variant of Remcos RAT observed in the wild
A surge in Pro-Russia cyberattacks after decision to monitor North Korean Troops in Ukraine
U.S. agency cautions employees to limit phone use due to Salt Typhoon hack of telco providers
International Press – Newsletter
Cybercrime
Amazon confirms employee data stolen after hacker claims MOVEit breach
Bitcoin Fog Founder Sentenced to 12 Years for Cryptocurrency Money Laundering
A new way we’re helping others track frauds and scams online
An Interview With the Target & Home Depot Hacker
Bitfinex Hacker Sentenced in Money Laundering Conspiracy Involving Billions in Stolen Cryptocurrency
Malware
New Campaign Uses Remcos RAT to Exploit Victims
Bengal cat lovers in Australia get psspsspss’d in Google-driven Gootloader campaign
Glove Stealer: Leveraging IElevator to Bypass App-Bound Encryption & Steal Sensitive Data
Ymir: new stealthy ransomware in the wild
Botnet exploits GeoVision zero-day to install Mirai malware
Hacking
Seoul accuses pro-Kremlin hackers of attacking websites over decision to monitor North Korean troops in Ukraine
Massive MOVEit Vulnerability Breach: Hacker Leaks Employee Data from Amazon, McDonald’s, HSBC, HP, and Potentially 1000+ Other Companies
DDoS cyberattack temporarily blocks Israeli credit card payments
GoIssue – The Tool Behind Recent GitHub Phishing Attacks
Fault Injection – Down the Rabbit Hole
Exploiting a Quarantine UAF Mitigation on a Custom Allocator Challenge
Command Injection Vulnerability in name parameter for D-Link NAS
PAN-OS Firewall Vulnerability Under Active Exploitation – IoCs Released
Intelligence and Information Warfare
U.S. Agency Warns Employees About Phone Use Amid Ongoing China Hack
APT Actors Embed Malware within macOS Flutter Applications
The Botnet is Back: SSC STRIKE Team Uncovers a Renewed Cyber Threat
Iranian “Dream Job” Campaign 11.24
Hamas-affiliated Threat Actor WIRTE Continues its Middle East Operations and Moves to Disruptive Activity
CVE-2024-43451: A New Zero-Day Vulnerability Exploited in the wild
Joint Statement from FBI and CISA on the People’s Republic of China (PRC) Targeting of Commercial Telecommunications Infrastructure
Malware Spotlight: A Deep-Dive Analysis of WezRat
Cybersecurity
iOS 18.1 added a new ‘Inactivity Reboot’ security feature for iPhone
The November 2024 Security Update Review
CISA Flags Two Actively Exploited Palo Alto Flaws; New RCE Attack Confirmed
Pregnancy Tracking App ‘What to Expect’ Refuses to Fix Issue that Allows Full
New Apple security feature reboots iPhones after 3 days, researchers confirm
NSO Group used WhatsApp exploits after the messaging app sued the spyware developer, court filing says
Insights and Current Gaps in Open-Source LLM Vulnerability Scanners: A Comparative Analysis
Pierluigi Paganini
(SecurityAffairs – hacking, newsletter)