Security Affairs newsletter Round 503 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

BadBox rapidly grows, 190,000 Android devices infected
Romanian national was sentenced to 20 years in prison for his role in NetWalker ransomware attacksSophos fixed critical vulnerabilities in its Firewall product
U.S. CISA adds BeyondTrust software flaw to its Known Exploited Vulnerabilities catalog
Raccoon Infostealer operator sentenced to 60 months in prison
Mirai botnet targets SSR devices, Juniper Networks warns
Fortinet warns about Critical flaw in Wireless LAN Manager FortiWLM
CERT-UA: Russia-linked UAC-0125 abuses Cloudflare Workers to target Ukrainian army
US considers banning TP-Link routers over cybersecurity concerns
APT
Russia-linked APT29 group used red team tools in rogue RDP attacks
Threat actors are attempting to exploit Apache Struts vulnerability CVE-2024-53677
Irish Data Protection Commission (DPC) fined Meta €251 million for a 2018 data breach
The Mask APT is back after 10 years of silence
Texas Tech University data breach impacted 1.4 million individuals
The FBI warns of HiatusRAT scanning campaigns against Chinese-branded web cameras and DVRs
Russia FSB relies on Ukrainian minors for criminal activities disguised as “quest games”
U.S. CISA adds Microsoft Windows Kernel-Mode Driver and Adobe ColdFusion flaws to its Known Exploited Vulnerabilities catalog
ConnectOnCall data breach impacted over 900,000 individuals
Report claims that Serbian authorities abused Cellebrite tool to install NoviSpy spyware
Multiple flaws in Volkswagen Group’s infotainment unit allow for vehicle compromise
PUMAKIT, a sophisticated rootkit that uses advanced stealth mechanisms 

International Press – Newsletter

Cybercrime  

New Investment Scam Leverages AI, Social Media Ads to Target Victims Worldwide

Texas Tech University Data Breach Impacts 1.4 Million People 

Hacker Leaks Cisco Data

New fake Ledger data breach emails try to steal crypto wallets  

How to Lose a Fortune with Just One Bad Click  

Effective Phishing Campaign Targeting European Companies and Institutions  

Ukrainian National Sentenced to Federal Prison in “Raccoon Infostealer” Cybercrime Case  

Romanian National Sentenced to 20 Years in Prison in Connection with NetWalker Ransomware Attacks Resulting in the Payment of Millions of Dollars in Ransoms  

United States Charges Dual Russian and Israeli National as Developer of LockBit Ransomware Group  

ACE Shutters One of the Largest Live Sports Piracy Rings in the World  

Malware

Vishing via Microsoft Teams Facilitates DarkGate Malware Intrusion  

Spyware distributed through Amazon Appstore  

BADBOX Botnet Is Back  

Supply Chain Attack on Rspack npm Packages Injects Cryptojacking Malware  

Hacking

Researchers find security flaws in Skoda cars that may let hackers remotely track them  

Exploit attempts inspired by recent Struts2 File Upload Vulnerability (CVE-2024-53677, CVE-2023-50164)

Hackers Can Jailbreak Digital License Plates to Make Others Pay Their Tolls and Tickets  

Not All Roads Lead to PWN2OWN: Firmware Reverse Engineering (Part 2)  

Current State of SonicWall Exposure: Firmware Decryption Unlocks New Insights  

Investigating Malicious Hardware with Industrial CT  

Fortinet FortiWLM Deep-Dive, IOCs, and the Almost Story of the “Forti Forty”  

Intelligence and Information Warfare 

Glutton: A New Zero-Detection PHP Backdoor from Winnti Targets Cybercrimals 

“A Digital Prison”: Surveillance and the suppression of civil society in Serbia  

The SBU and the National Police detained minors in Kharkiv who were spying for the FSB under the guise of a quest game  

Hidden in Plain Sight: TA397’s New Attack Chain Delivers Espionage RATs  

Analyzing FLUX#CONSOLE: Using Tax-Themed Lures, Threat Actors Exploit Windows Management Console to Deliver Backdoor Payloads 

Trump administration wants to go on cyber offensive against China

Earth Koshchei Coopts Red Team Tools in Complex RDP Attacks  

Cyberattack UAC-0125 using the theme “Army+” (CERT-UA#12559)  

Cybersecurity

ESET Threat Report H2 2024 

OpenAI whistleblower found dead in San Francisco

Irish Data Protection Commission fines Meta €251 Million  

Foreign hackers need to face real consequences, Mike Waltz says  

US considers ban on China’s TP-Link over security concerns, WSJ reports 

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)