Internet Security

Security Affairs newsletter Round 494 by Pierluigi Paganini – INTERNATIONAL EDITION

October 20, 2024 add comment

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

U.S. CISA adds Veeam Backup and Replication flaw to its Known Exploited Vulnerabilities catalog
North Korea-linked APT37 exploited IE zero-day in a recent attack
Omni Family Health data breach impacts 468,344 individuals
Iran-linked actors target critical infrastructure organizations
macOS HM Surf flaw in TCC allows bypass Safari privacy settings
Two Sudanese nationals indicted for operating the Anonymous Sudan group
Russia-linked RomCom group targeted Ukrainian government agencies since late 2023
A critical flaw in Kubernetes Image Builder could allow attackers to gain root access
VMware fixes high-severity SQL injection flaw CVE-2024-38814 in HCX
Brazil’s Polícia Federal arrested the notorious hacker USDoD
Finnish Customs dismantled the dark web drugs market Sipulitie
U.S. CISA adds Microsoft Windows Kernel, Mozilla Firefox and SolarWinds Web Help Desk bugs to its Known Exploited Vulnerabilities catalog
GitHub addressed a critical vulnerability in Enterprise Server
A new Linux variant of FASTCash malware targets financial systems
WordPress Jetpack plugin critical flaw impacts 27 million sites
Pokemon dev Game Freak discloses data breach
U.S. CISA adds Fortinet products and Ivanti CSA bugs to its Known Exploited Vulnerabilities catalog
Nation-state actor exploited three Ivanti CSA zero-days
Dutch police dismantled dual dark web market ‘Bohemia/Cannabia’
macOS HM Surf flaw in TCC allows bypass Safari privacy settings
Iran-linked actors target critical infrastructure organizations
North Korea-linked APT37 exploited IE zero-day in a recent attack
Fidelity Investments suffered a second data breach this year
Russia-linked group APT29 is targeting Zimbra and JetBrains TeamCity servers on a large scale

International Press – Newsletter

Cybercrime  

How Southeast Asian Cyber Syndicates Stole Billions  

International action against world’s largest dark web market ‘Bohemia/Cannabia’  

The FBI secretly created a coin to investigate crypto pump-and-dump schemes  

AI-Powered Cybercrime Cartels on the Rise in Asia  

Hackers Advertise Stolen Verizon Push-to-Talk ‘Call Logs’  

Finnish Customs, Europol, Swedish Police and Bitdefender Cooperation Leads to Sipulitie Dark Web Marketplace Shut Down  

Volkswagen monitoring data dump threat from 8Base ransomware crew

PF arrests hacker suspected of invading PF systems and those of other international institutions 

AI-Powered Cybercrime Cartels on the Rise in Asia  

Two Sudanese Nationals Indicted for Alleged Role in Anonymous Sudan Cyberattacks on Hospitals, Government Facilities, and Other Critical Infrastructure in Los Angeles and Around the World  

Alabama Man Arrested for Role in Securities and Exchange Commission X Account Hack  

Malware

Expanding the Investigation: Deep Dive into Latest TrickMo Samples  

HijackLoader evolution: abusing genuine signing certificates

FASTCash for Linux     

Encrypted Symphony: Infiltrating the Cicada3301 Ransomware-as-a-Service Group  

Ransomware Claims Spike: Key Insights from Coalition’s 2024 Cyber Claims Report

ClickFix tactic: The Phantom Meet

Hacking

Pokémon video game developer confirms its systems were breached by hackers  

Silent Threat: Red Team Tool EDRSilencer Disrupting Endpoint Security Solutions  

Chinese Scientists Report Using Quantum Computer to Hack Military-grade Encryption

Critical default credential bug in Kubernetes Image Builder allows SSH root access

Critical Kubernetes Image Builder Vulnerability Exposes Nodes to Root Access Risk

ESET partner breached to send data wipers to Israeli orgs

Intelligence and Information Warfare 

Earth Simnavaz (aka APT34) Levies Advanced Cyberattacks Against UAE and Gulf Regions

Burning Zero Days: Suspected Nation-State Adversary Targets Ivanti CSA        

Germany to beef up security checks amid spying fears   

AhnLab and NCSC Release Joint Report on Microsoft Zero-Day Browser Vulnerability (CVE-2024-38178)

How Israel’s bulky pager fooled Hezbollah

Iranian Cyber Actors’ Brute Force and Credential Access Activity Compromises Critical Infrastructure Organizations     

UAT-5647 targets Ukrainian and Polish entities with RomCom malware variants

AhnLab and NCSC Release Joint Report on Microsoft Zero-Day Browser Vulnerability (CVE-2024-38178)   

Cybersecurity

How the increasing demand for cyber insurance is changing the role of the CISO  

AI Models in Cybersecurity: From Misuse to Abuse

Some Americans are still using Kaspersky’s antivirus despite US government ban 

Cybersecurity skills in the EU: A new dawn?

Nearly Half of Security Professionals Agree GenAI Is One of Their Biggest Security Risks       

New rules to boost cybersecurity of EU’s critical entities and networks  

This Is Exactly How an Elon Musk-Funded PAC Is Microtargeting Muslims and Jews With Opposing Messages

AI-Powered Social Media Manipulation App Promises to ‘Shape Reality’

Guidelines and Companion Guide on Securing AI Systems         

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

Leave a Reply

Your email address will not be published. Required fields are marked *

Subscribe to our Newsletter