A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box.
Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.
| 15 SpyLoan Android apps found on Google Play had over 8 million installs |
| Notorious ransomware programmer Mikhail Pavlovich Matveev arrested in Russia |
| Phishing-as-a-Service Rockstar 2FA continues to be prevalent |
| Zello urges users to reset passwords following a cyber attack |
| A cyberattack impacted operations at UK Wirral University Teaching Hospital |
| T-Mobile detected network intrusion attempts and blocked them |
| ProjectSend critical flaw actively exploited in the wild, experts warn |
| Bootkitty is the first UEFI Bootkit designed for Linux systems |
| VMware fixed five vulnerabilities in Aria Operations product |
| Operation Serengeti: INTERPOL arrested 1,006 suspects in 19 African countries |
| How DSPM Helps Businesses Meet Compliance Requirements |
| Russian group RomCom exploited Firefox and Tor Browser zero-days to target attacks Europe and North America |
| Software firm Blue Yonder providing services to US and UK stores, including Starbucks, hit by ransomware attack |
| The source code of Banshee Stealer leaked online |
| U.S. CISA adds Array Networks AG and vxAG ArrayOS flaw to its Known Exploited Vulnerabilities catalog |
| Thai police arrested Chinese hackers involved in SMS blaster attacks |
| Zyxel firewalls targeted in recent ransomware attacks |
| Malware campaign abused flawed Avast Anti-Rootkit driver |
| Russia-linked APT TAG-110 uses targets Europe and Asia |
| Russia-linked threat actors threaten the UK and its allies, minister to say |
| DoJ seized credit card marketplace PopeyeTools and charges its administrators |
International Press – Newsletter
Cybercrime
Chinese cybercrime bust in thailand, over 700 million calls using fake ’02’ numbers
Software company providing services to US and UK grocery stores says it was hit by ransomware attack
Hacker in Snowflake Extortions May Be a U.S. Soldier
Major cybercrime operation nets 1,006 suspects
UK hospital network postpones procedures after cyberattack
Tether Has Become a Massive Money Laundering Tool for Mexican Drug Traffickers, Feds Say
Florida Telecommunications and Information Technology Worker Sentenced for Conspiring to Act as Agent of Chinese Government
Rockstar 2FA: A Driving Force in Phishing-as-a-Service (PaaS)
Rockstar 2FA Phishing-as-a-Service (PaaS): Noteworthy Email Campaigns
A programmer wanted by the FBI will be tried in Kaliningrad
11 arrested in Europol shutdown of illegal IPTV streaming networks
Uganda confirms hack of central bank accounts, official downplays extent of loss
Malware
PyPI Python Library “aiocpa” Found Exfiltrating Crypto Keys via Telegram Bot
Bootkitty: Analyzing the first UEFI bootkit for Linux
Gaming Engines: An Undetected Playground for Malware Loaders
Dozens of Machines Infected: Year-Long NPM Supply Chain Attack Combines Crypto Mining and Data Theft
SpyLoan: A Global Threat Exploiting Social Engineering
Hacking
Recent Zyxel Firewall Vulnerability Exploited in Ransomware Attacks
Zyxel USG FLEX and ATP series – Upgrading your device and ALL credentials to avoid hackers’ attacks
RomCom exploits Firefox and Windows zero days in the wild
Palo Alto GlobalProtect – RCE and Privilege Escalation via Malicious VPN Server (CVE-2024-5921)
ProjectSend CVE-2024-11680 Exploited in the Wild
Are You Already In The Matrix—35 Million Devices Under Blue Pill Attack
Over Two Dozen Flaws Identified in Advantech Industrial Wi-Fi Access Points – Patch ASAP
Intelligence and Information Warfare
Russia-Aligned TAG-110 Targets Asia and Europe with HATVIBE and CHERRYSPY
Russia ready to wage cyber war on UK, minister to say
China-Nexus TAG-112 Compromises Tibetan Websites to Distribute Cobalt Strike
Unveiling the Past and Present of APT-K-47 Weapon: Asyncshell
UK seeks collaboration for security research lab to counter Russia and ‘new AI arms race’
Microsoft shares latest intelligence on North Korean and Chinese threat actors at CYBERWARCON
Game of Emperor: Unveiling Long Term Earth Estries Cyber Intrusions
An Update on Recent Cyberattacks Targeting the US Wireless Companies
“Operation Undercut” Shows Multifaceted Nature of SDA’s Influence Operations
Cybersecurity
Introducing Restore Credentials: Effortless account restoration for Android apps
Bipartisan Legislation Seeks Stronger Healthcare Cybersecurity
Generative AI Under Attack: Flowbreaking Exploits Trigger Data Leaks
GenAI Tools and Decision-Making: Beware a New Control Trap
Microsoft Hacking Warning—450 Million Windows Users Must Now Act
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
Pierluigi Paganini
(SecurityAffairs – hacking, newsletter)