Internet Security

Security Affairs newsletter Round 499 by Pierluigi Paganini – INTERNATIONAL EDITION

November 24, 2024 add comment

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

A cyberattack on gambling giant IGT disrupted portions of its IT systems
China-linked APT Gelsemium uses a new Linux backdoor dubbed WolfsBane
Microsoft seized 240 sites used by the ONNX phishing service
U.S. CISA adds Apple, Oracle Agile PLM bugs to its Known Exploited Vulnerabilities catalog
More than 2,000 Palo Alto Networks firewalls hacked exploiting recently patched zero-days
Ransomhub ransomware gang claims the hack of Mexican government Legal Affairs Office
US DoJ charges five alleged members of the Scattered Spider cybercrime gang
Threat actor sells data of over 750,000 patients from a French hospital
Decade-old local privilege escalation bugs impacts Ubuntu needrestart package
Ford data breach involved a third-party supplier
Hacker obtained documents tied to lawsuit over Matt Gaetz’s sexual misconduct allegations
Apple addressed two actively exploited zero-day vulnerabilities
Unsecured JupyterLab and Jupyter Notebooks servers abused for illegal streaming of Sports events
Russian Phobos ransomware operator faces cybercrime charges
China-linked actor’s malware DeepData exploits FortiClient VPN zero-day
U.S. CISA adds Progress Kemp LoadMaster, Palo Alto Networks PAN-OS and Expedition bugs to its Known Exploited Vulnerabilities catalog
Great Plains Regional Medical Center ransomware attack impacted 133,000 individuals
Recently disclosed VMware vCenter Server bugs are actively exploited in attacks
Foreign adversary hacked email communications of the Library of Congress says
T-Mobile is one of the victims of the massive Chinese breach of telecom firms
Increased GDPR Enforcement Highlights the Need for Data Security
Critical Really Simple Security plugin flaw impacts 4M+ WordPress sites
A botnet exploits e GeoVision zero-day to compromise EoL devices

International Press – Newsletter

Cybercrime  

Ransomware Attack on Oklahoma Medical Center Impacts 133,000

Inside Intelligence Center: Financially Motivated Chinese Threat Actor SilkSpecter Targeting Black Friday Shoppers     

Phobos Ransomware Administrator Extradited from South Korea to Face Cybercrime Charges  

Ransomware gang Akira leaks unprecedented number of victims’ data in one day  

Ford investigates alleged breach following customer data leak

5 Defendants Charged Federally with Running Scheme that Targeted Victim Companies via Phishing Text Messages  

Targeting the Cybercrime Supply Chain  

Cyberattack Disrupts Systems of Gambling Giant IGT 

Justice Department Seizes Cybercrime Website and Charges Its Administrators  

Malware

Fake AI video generators infect Windows, macOS with infostealers  

How Italy became an unexpected spyware hub  

Babble Babble Babble Babble Babble Babble BabbleLoader  

One Sock Fits All: The use and abuse of the NSOCKS botnet

StopRansomware: BianLian Data Extortion Group   

Hacking

4,000,000 WordPress Sites Using Really Simple Security Free and Pro Versions Affected by Critical Authentication Bypass Vulnerability  

Threat Actors Hijack Misconfigured Servers for Live Sports Streaming  

Apple Releases Urgent Updates to Patch Actively Exploited Zero-Day Vulnerabilities

Hacker Is Said to Have Gained Access to File With Damaging Testimony About Gaetz  

Qualys TRU Uncovers Five Local Privilege Escalation Vulnerabilities in needrestart  

Threat Brief: Operation Lunar Peek, Activity Related to CVE-2024-0012 and CVE-2024-9474 (Updated Nov. 20)   

The Dark Side of Trust: Authority Citation-Driven Jailbreak Attacks on Large Language Models 

Intelligence and Information Warfare 

T-Mobile Hacked in Massive Chinese Breach of Telecom Networks  

Library of Congress emails hacked by ‘adversary’  

BrazenBamboo Weaponizes FortiClient Vulnerability to Steal VPN Credentials via DEEPDATA  

Unveiling WolfsBane: Gelsemium’s Linux counterpart to Gelsevirine 

DPRK IT Workers | A Network of Active Front Companies and Their Links to China 

The Nearest Neighbor Attack: How A Russian APT Weaponized Nearby Wi-Fi Networks for Covert Access  

Cybersecurity

CISA Director Jen Easterly to depart on Inauguration Day 

The Silent AI Leader Nobody is Talking About  

The AI Illusion: Navigating the Reality of Machine Learning in Cybersecurity  

Roles and Responsibilities Framework for Artificial Intelligence in Critical Infrastructure  

CWE Top 25 Most Dangerous Software Weaknesses  

Navigating cybersecurity investments in the time of NIS 2  

Vulnerabilities in VPNs Paper presented at the Privacy Enhancing Technologies Symposium 2024  

China’s Surveillance State Is Selling Citizen Data as a Side Hustle

Anyone Can Buy Data Tracking US Soldiers and Spies to Nuclear Vaults and Brothels in Germany  

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

Leave a Reply

Your email address will not be published. Required fields are marked *

Subscribe to our Newsletter