Security Affairs newsletter Round 446 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Israeli man sentenced to 80 months in prison for providing hacker-for-hire services
Russian APT Gamaredon uses USB worm LitterDrifter against Ukraine
The board of directors of OpenAI fired Sam Altman
Medusa ransomware gang claims the hack of Toyota Financial Services
CISA adds Sophos Web Appliance bug to its Known Exploited Vulnerabilities catalog
A critical OS command injection flaw affects Fortinet FortiSIEM
Zimbra zero-day exploited to steal government emails by four groups
Vietnam Post exposes 1.2TB of data, including email addresses
Samsung suffered a new data breach
FBI and CISA warn of attacks by Rhysida ransomware gang
Critical flaw fixed in SAP Business One product
Law enforcement agencies dismantled the illegal botnet proxy service IPStorm
Gamblers’ data compromised after casino giant Strendus fails to set password
VMware disclosed a critical and unpatched authentication bypass flaw in VMware Cloud Director Appliance
Microsoft Patch Tuesday security updates fixed 3 actively exploited flaws
Danish critical infrastructure hit by the largest cyber attack in Denmark’s history
Major Australian ports blocked after a cyber attack on DP World
Nuclear and Oil & Gas are Major Targets of Ransomware Groups in 2024
CISA adds five vulnerabilities in Juniper devices to its Known Exploited Vulnerabilities catalog
LockBit ransomware gang leaked data stolen from Boeing
North Korea-linked APT Sapphire Sleet targets IT job seekers with bogus skills assessment portals
The Lorenz ransomware group hit Texas-based Cogdell Memorial Hospital
The State of Maine disclosed a data breach that impacted 1.3M people

Cybercrime

Maine gov data breach: MOVEit Global Security Incident

Ransomware Attacks Against The Energy Sector On The Rise – Nuclear And Oil & Gas Are Major Targets In 2024    

Russian and Moldovan National Pleads Guilty to Operating Illegal Botnet Proxy Service that Infected Tens of Thousands of Internet-Connected Devices Around the World   

Hackers Use Online Casinos to Gamble Mountains of Cash They Steal from Victims

Israeli Hacker-For-Hire Sentenced To 80 Months In Prison For Involvement In Massive Spearphishing Campaign  

Malware

StopRansomware: Rhysida Ransomware  

MALWARE SPOTLIGHT – INTO THE TRASH: ANALYZING LITTERDRIFTER  

A deep dive into Phobos ransomware, recently deployed by 8Base group  

Hacking

The attack against Danish, critical infrastructure

Novel backdoor persists even after critical Confluence vulnerability is patched

CacheWarp Attack: New Vulnerability in AMD SEV Exposes Encrypted VMs

LLM RED TEAMING GPT’S: PROMPT LEAKAGE, API LEAKAGE, DOCUMENTS LEAKAGE   

Elephant Hunting | Inside an Indian Hack-For-Hire Group

Intelligence and Information Warfare

Microsoft Warns of Fake Skills Assessment Portals Targeting IT Job Seekers

Unraveling the Kremlin’s Strategy: Russian Influence Operations and the Israel-Hamas Conflict

Zimbra 0-day used to target international government organizations

How an Indian startup hacked the world          

Cybersecurity

THE NOVEMBER 2023 SECURITY UPDATE REVIEW   

Addressing the State of AI’s Impact on Cyber Disinformation/Misinformation

What I learned about identity theft protection after my identity was stolen at the airport  

Running Signal Will Soon Cost $50 Million a Year

Sam Altman fired as CEO of OpenAI      

FCC Adopts Rules to Protect Consumers’ Cell Phone Accounts

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

Leave a Reply

Your email address will not be published. Required fields are marked *

Subscribe to our Newsletter