Security Affairs newsletter Round 486 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Hackers can take over Ecovacs home robots to spy on their owners
Russian national arrested in Argentina for laundering money of crooks and Lazarus APT
Qilin ransomware steals credentials stored in Google Chrome
Phishing attacks target mobile users via progressive web applications (PWA)
New malware Cthulhu Stealer targets Apple macOS users
China-linked APT Velvet Ant exploited zero-day to compromise Cisco switches
A cyberattack hit US oil giant Halliburton
U.S. CISA adds Dahua IP Camera, Linux Kernel and Microsoft Exchange Server bugs to its Known Exploited Vulnerabilities catalog
SolarWinds fixed a hardcoded credential issue in Web Help Desk
A cyberattack disrupted operations of US chipmaker Microchip Technology
Google addressed the ninth actively exploited Chrome zero-day this year
GitHub fixed a new critical flaw in the GitHub Enterprise Server 
Experts disclosed a critical information-disclosure flaw in Microsoft Copilot Studio
North Korea-linked APT used a new RAT called MoonPeak
Pro-Russia group Vermin targets Ukraine with a new malware family
A backdoor in millions of Shanghai Fudan Microelectronics RFID cards allows cloning
Ransomware payments rose from $449.1 million to $459.8 million
Previously unseen Msupedge backdoor targeted a university in Taiwan
Oracle NetSuite misconfiguration could lead to data exposure
Toyota disclosed a data breach after ZeroSevenGroup leaked stolen data on a cybercrime forum
CISA adds Jenkins Command Line Interface (CLI) bug to its Known Exploited Vulnerabilities catalog
Researchers uncovered new infrastructure linked to the cybercrime group FIN7Hacking
From 2018: DeepMasterPrints: deceive fingerprint recognition systems with MasterPrints generated with GANs
Large-scale extortion campaign targets publicly accessible environment variable files (.env)

International Press – Newsletter

Cybercrime  

The “Mad Liberator” ransomware group leverages social-engineering moves to watch out for  

New U.N. Cybercrime Treaty Could Threaten Human Rights 

FIN7: The Truth Doesn’t Need to be so STARK 

2024 Crypto Crime Mid-year Update Part 1: Cybercrime Climbs as Exchange Thieves and Ransomware Attackers Grow Bolder      

Pulaski County Man Sentenced for Cyber Intrusion and Aggravated Identity Theft 

Microchip Technology says operations disrupted by cyberattack 

Member of Russian cybercrime group charged in Ohio  

Argentinian Authorities Arrest Russian National for Laundering the Crypto Proceeds of Illicit Activity 

Hacker tried to dodge child support by breaking into registry to fake his death, prosecutors say  

Malware

Meet UULoader: An Emerging and Evasive Malicious Installer

BlindEagle flying high in Latin America  

Finding Malware: Unveiling NUMOZYLOD with Google Security Operations      

NGate Android malware relays NFC traffic to steal cash  

From the Depths: Analyzing the Cthulhu Stealer Malware for macOS  

PEAKLIGHT: Decoding the Stealthy Memory-Only Malware  

Qilin ransomware caught stealing credentials stored in Google Chrome  

Hacking

MakeShift: Security Analysis of Shimano Di2 Wireless Gear Shifting in Bicycles

Potential Widespread Data Exposure Analysis: Oracle NetSuite  

MIFARE Classic: exposing the static encrypted nonce variant… and a few hardware backdoors

SSRFing the Web with the help of Copilot Studio  

$4,998 Bounty Awarded and 100,000 WordPress Sites Protected Against Unauthenticated Remote Code Execution Vulnerability Patched in GiveWP WordPress Plugin

Phrack hacker zine publishes new edition after three years

Google fixes ninth Chrome zero-day exploited in attacks this year

Hackers now use AppDomain Injection to drop CobaltStrike beacons

Ecovacs says it will fix bugs that can be abused to spy on robot owners  

Be careful what you pwish for – Phishing in PWA applications  

Intelligence and Information Warfare 

Disrupting a covert Iranian influence operation  

Safeguarding Digital Freedom: How a Gen Discovery Helped to Protect Windows Users Everywhere   

Best Laid Plans: TA453 Targets Religious Figure with Fake Podcast Invite Delivering New BlackSmith Malware Toolset

Russia-linked Vermin hackers target Ukraine with new malware strain  

TodoSwift Disguises Malware Download Behind Bitcoin PDF  

MoonPeak malware from North Korean actors unveils new details on attacker infrastructure

China-Nexus Threat Group ‘Velvet Ant’ Leverages a Zero-Day to Deploy Malware on Cisco Nexus Switches  

From cybercrime to terrorism, FBI director says America faces many elevated threats ‘all at once’  

US government accuses Iran of Trump campaign hack; Iran scoffs  

Cybersecurity

Nvidia Sued for Scraping YouTube After 404 Media Investigation 

The Rise of Techno-Colonialism  

Toyota confirms breach after stolen data leaks on hacking forum

Researchers Have Ranked AI Models Based on Risk—and Found a Wild Range  

Critical Privilege Escalation in LiteSpeed Cache Plugin Affecting 5+ Million Sites  

Memory corruption vulnerabilities in Suricata and FreeRDP  

Top US oilfield firm Halliburton hit by cyberattack, source says 

Local Networks Go Global When Domain Names Collide  

The New Bioweapons  

Hack on North Miami Tests Ransom Payment Bans  

National Public Data Published Its Own Passwords

Finding security flaws in Android ahead of malicious hackers      

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

Leave a Reply

Your email address will not be published. Required fields are marked *

Subscribe to our Newsletter