Categories
Audio Posts In English

Security Affairs newsletter Round 458 by Pierluigi Paganini – INTERNATIONAL EDITION


newsletter.png

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

CISA adds Fortinet FortiOS bug to its Known Exploited Vulnerabilities catalog
macOS Backdoor RustDoor likely linked to Alphv/BlackCat ransomware operations
Exploiting a vulnerable Minifilter Driver to create a process killer
Black Basta ransomware gang hacked Hyundai Motor Europe
Fortinet warns of a new actively exploited RCE flaw in FortiOS SSL VPN
Ivanti warns of a new auth bypass flaw in its Connect Secure, Policy Secure, and ZTA gateway devices
26 Cyber Security Stats Every User Should Be Aware Of in 2024
US offers $10 million reward for info on Hive ransomware group leaders
Unraveling the truth behind the DDoS attack from electric toothbrushes
China-linked APT Volt Typhoon remained undetected for years in US infrastructure
Cisco fixes critical Expressway Series CSRF vulnerabilities
CISA adds Google Chromium V8 Type Confusion bug to its Known Exploited Vulnerabilities catalog
Fortinet addressed two critical FortiSIEM vulnerabilities
Experts warn of a critical bug in JetBrains TeamCity On-Premises
Critical shim bug impacts every Linux boot loader signed in the past decade
China-linked APT deployed malware in a network of the Dutch Ministry of Defence
Commercial spyware vendors are behind most zero-day exploits discovered by Google TAG
Google fixed an Android critical remote code execution flaw
A man faces up to 25 years in prison for his role in operating unlicensed crypto exchange BTC-e
U.S. Gov imposes visa restrictions on individuals misusing Commercial Spyware
HPE is investigating claims of a new security breach
Experts warn of a surge of attacks targeting Ivanti SSRF flaw 
How to hack the Airbus NAVBLUE Flysmart+ Manager
Crooks stole $25.5 million from a multinational firm using a ‘deepfake’ video call
Software firm AnyDesk disclosed a security breach
The ‘Mother of all Breaches’: Navigating the Aftermath and Fortifying Your Data with DSPM
US government imposed sanctions on six Iranian intel officials
A cyberattack impacted operations at Lurie Children’s Hospital
AnyDesk Incident: Customer Credentials Leaked and Published for Sale on the Dark Web

Cybercrime

Following The AnyDesk Incident: Customer Credentials Leaked And Published For Sale On The Dark Web  

Another Chicago hospital announces cyberattack  

HK firm scammed of RM120mil after employee duped by video call with deepfake of CFO  

Foreign National Charged for International Money Laundering Conspiracy and Role in Operation of Unlicensed Digital Currency Exchange BTC-e  

THE $6M DOLLAR SCAM: BLING WATCHES, BROKEN HEARTS, AND THE CURIOUS TALE OF “CLASSIC BAGGIE”  

Malware

Outsmarting Ransomware’s New Playbook

Buying Spying: How the commercial surveillance industry works and what can be done about it 

New MacOS Backdoor Written in Rust Shows Possible Link with Windows Ransomware Group  

RASPBERRY ROBIN KEEPS RIDING THE WAVE OF ENDLESS 1-DAYS 

Hacking

AnyDesk Incident Response 2-2-2024 

CVE-2024-21893 Technical Analysis

Hacking Electronic Flight Bags. Airbus NAVBLUE Flysmart+ Manager  

THE REAL SHIM SHADY – HOW CVE-2023-40547 IMPACTS MOST LINUX SYSTEMS 

HijackLoader Expands Techniques to Improve Defense Evasion 

New Fortinet RCE flaw in SSL VPN likely exploited in attacks

Iran accelerates cyber ops against Israel from chaotic start  

Intelligence and Information Warfare 

Treasury Sanctions Actors Responsible for Malicious Cyber Activities on Critical Infrastructure  

Why China Can’t Export Its Model of Surveillance   

MIVD reveals Chinese espionage methods in the Netherlands  

PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critical Infrastructure

AI-Generated Voices in Robocalls Are Now Illegal  

Kimsuky disguised as a Korean company signed with a valid certificate to distribute Troll Stealer (English ver.)  

Cybersecurity          

Announcement of a Visa Restriction Policy to Promote Accountability for the Misuse of Commercial Spyware   

Critical Security Issue Affecting TeamCity On-Premises (CVE-2024-23917) – Update to 2023.11.3 Now

Cybersecurity expert says the next generation of identity theft is here: ‘Identity hijacking’     

Were 3 Million Toothbrushes Really Used for a DDoS Attack?

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)