A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box.
Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.
| U.S. Treasury Sanctions Chinese cybersecurity firm and actor over federal agency breach tied to Salt Typhoon |
| EU privacy non-profit group filed complaints against TikTok, SHEIN, AliExpress, and other Chinese companies |
| U.S. CISA adds Aviatrix Controllers vulnerability to its Known Exploited Vulnerabilities catalog |
| ESET detailed a flaw that could allow a bypass of the Secure Boot in UEFI systems |
| Russia-linked APT Star Blizzard targets WhatsApp accounts |
| Prominent US law firm Wolf Haldenstein disclosed a data breach |
| Clop Ransomware exploits Cleo File Transfer flaw: dozens of claims, disputed breaches |
| MikroTik botnet relies on DNS misconfiguration to spread malware |
| Threat actor leaked config files and VPN passwords for over Fortinet Fortigate devices |
| Microsoft Patch Tuesday updates for January 2025 fixed three actively exploited flaws |
| U.S. CISA adds Fortinet FortiOS flaw to its Known Exploited Vulnerabilities catalog |
| Codefinger ransomware gang uses compromised AWS keys to encrypt S3 bucket |
| CVE-2024-44243 macOS flaw allows persistent malware installation |
| FBI deleted China-linked PlugX malware from over 4,200 US computers |
| Russia-linked APT UAC-0063 target Kazakhstan in with HATVIBE malware |
| A new campaign is likely targeting a zero-day in Fortinet FortiGate firewalls |
| Threat actors exploit Aviatrix Controller flaw to deploy backdoors and cryptocurrency miners |
| U.S. CISA adds BeyondTrust PRA and RS and Qlik Sense flaws to its Known Exploited Vulnerabilities catalog |
| Inexperienced actors developed the FunkSec ransomware using AI tools |
| Credit Card Skimmer campaign targets WordPress via database injection |
| Microsoft took legal action against crooks who developed a tool to abuse its AI-based services |
| Pro-Russia hackers NoName057 targets Italy again after Zelensky’s visit to the country |
| How a researcher earned $100,000 hacking a Facebook server |
International Press – Newsletter
Cybercrime
Taking legal action to protect the public from abusive AI-generated content
Justice Department and FBI Conduct International Operation to Delete Malware Used by China-Backed Hackers
Huione: the company behind the largest ever illicit online marketplace has launched a stablecoin
Unknown group releases Fortinet config files and VPN passwords to the darknet
NHS Cyberattack in UK Inflicted Long-Term Harm on Patient Health
Clop ransomware gang names dozens of victims hit by Cleo mass-hack, but several firms dispute breaches
Sneaky 2FA: exposing a new AiTM Phishing-as-a-Service
How victims of PowerSchool’s data breach helped each other investigate ‘massive’ hack
Chinese Innovations Spawn Wave of Toll Phishing Via SMS
Gravy Analytics breached (to be confirmed)
Hackers Claim Massive Breach of Location Data Giant, Threaten to Leak Data
Malware
Stealthy Credit Card Skimmer Targets WordPress Checkout Pages via Database Injection
Abusing AWS Native Services: Ransomware Encrypting S3 Buckets with SSE-C
Python-Based Malware Powers RansomHub Ransomware to Exploit Network Flaws
One Mikro Typo: How a simple DNS misconfiguration enables malware delivery by a Russian botnet
Hacking
Backdooring Your Backdoors – Another $20 Domain, More Governments
Analyzing CVE-2024-44243, a macOS System Integrity Protection bypass through kernel extensions
Wiz Research Identifies Exploitation in the Wild of Aviatrix Controller RCE (CVE-2024-50603)
Console Chaos: A Campaign Targeting Publicly Exposed Management Interfaces on Fortinet FortiGate Firewalls
From arbitrary pointer dereference to arbitrary read/write in latest Windows 11
Under the cloak of UEFI Secure Boot: Introducing CVE-2024-7344
Karmada Security Audit
Intelligence and Information Warfare
Double-Tap Campaign: Russia-nexus APT possibly related to APT28 conducts cyber espionage on Central Asia and Kazakhstan diplomatic relations
How Barcelona became an unlikely hub for spyware startups
Secret Phone Surveillance Tech Was Likely Deployed at 2024 DNC
New Star Blizzard spear-phishing campaign targets WhatsApp accounts
Treasury Sanctions Company Associated with Salt Typhoon and Hacker Associated with Treasury Compromise
Treasury Targets IT Worker Network Generating Revenue for DPRK Weapons Programs
FBI Warns iPhone, Android, Windows Users—Do Not Install These Apps
Cybersecurity
2025 cybersecurity trends: deepfakes, AI and quantum computing
The State of IT Security in Germany 2024
Global Cybersecurity Outlook 2025
Ministers consider ban on all UK public bodies making ransomware payments
The January 2025 Security Update Review
Governments call for spyware regulations in UN Security Council meeting
2024 US Healthcare Data Breaches: 585 Incidents, 180 Million Compromised User Records
TikTok, AliExpress, SHEIN & Co surrender Europeans’ data to authoritarian China
Mad at Meta? Don’t Let Them Collect and Monetize Your Personal Data
CISA unveils ‘Secure by Demand’ guidelines to bolster OT security
Opening the AI Black Box: Scientists use math to peek inside how artificial intelligence makes decisions
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
Pierluigi Paganini
(SecurityAffairs – hacking, newsletter)
