Security Affairs newsletter Round 470 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Blackbasta gang claimed responsibility for Synlab Italia attack

LockBit published data stolen from Simone Veil hospital in Cannes

Russia-linked APT28 and crooks are still using the Moobot botnet

Dirty stream attack poses billions of Android installs at risk

ZLoader Malware adds Zeus’s anti-analysis feature

Ukrainian REvil gang member sentenced to 13 years in prison

Pro-Russia hackers target critical infrastructure in North America and Europe

HPE Aruba Networking addressed four critical ArubaOS RCE flaws

Threat actors hacked the Dropbox Sign production environment

CISA adds GitLab flaw to its Known Exploited Vulnerabilities catalog

Panda Restaurant Group disclosed a data breach

Ex-NSA employee sentenced to 262 months in prison for attempting to transfer classified documents to Russia

Cuttlefish malware targets enterprise-grade SOHO routers

A flaw in the R programming language could allow code execution

Muddling Meerkat, a mysterious DNS Operation involving China’s Great Firewall

Notorious Finnish Hacker sentenced to more than six years in prisonBlackbasta gang claimed responsibility for Synlab Italia attack

CISA guidelines to protect critical infrastructure against AI-based threats

NCSC: New UK law bans default passwords on smart devices

The FCC imposes $200 million in fines on four US carriers for unlawfully sharing user location data

Google prevented 2.28 million policy-violating apps from being published on Google Play in 2023

Financial Business and Consumer Solutions (FBCS) data breach impacted 2M individuals

Cyber-Partisans hacktivists claim to have breached Belarus KGB

The Los Angeles County Department of Health Services disclosed a data breach

Multiple Brocade SANnav SAN Management SW flaws allow device compromise

ICICI Bank exposed credit card data of 17000 customers

Okta warns of unprecedented scale in credential stuffing attacks on online services

Targeted operation against Ukraine exploited 7-year-old MS Office bug

International Press – Newsletter

Cybercrime    

Man Who Mass-Extorted Psychotherapy Patients Gets Six Years 

Panda Restaurants discloses data breach after corporate systems hack

UnitedHealth CEO Says Hackers Lurked in Network for Nine Days Before Ransomware Strike

Sodinokibi/REvil Affiliate Sentenced for Role in $700M Ransomware Scheme      

Cybersecurity consultant arrested after allegedly extorting IT firm

Cannes Simone Veil hospital center – CYBER ​​ATTACK PRESS RELEASE  

Malware

2024 Bad Bot Report  

Dragos Industrial Ransomware Analysis: Q1 2024  

Malware: Cuckoo Behaves Like Cross Between Infostealer and Spyware  

Eight Arms To Hold You: The Cuttlefish Malware  

Zloader Learns Old Tricks  

Router Roulette: Cybercriminals and Nation-States Sharing Compromised Networks   

Hacking 

How to Block Residential Proxies using Okta  

AI models inch closer to hacking on their own   

Hackers use developing countries as testing ground for new ransomware attacks  

Hackers claim to have infiltrated Belarus’ main security service 

R-BITRARY CODE EXECUTION: VULNERABILITY IN R’S DESERIALIZATION  

A recent security incident involving Dropbox Sign

DEFENDING OT OPERATIONS AGAINST ONGOING PRO-RUSSIA HACKTIVIST ACTIVITY

“Dirty stream” attack: Discovering and mitigating a common vulnerability pattern in Android apps  

Intelligence and Information Warfare 

Germany grapples with wave of spying threats from Russia and China   

A CUNNING OPERATOR: MUDDLING MEERKAT AND CHINA’S GREAT FIREWALL 

Former NSA Employee Sentenced to Over 21 Years in Prison for Attempted Espionage  

Iranian state-backed cyber spies continue to impersonate media brands, think tanks 

US moves to bar Huawei, other Chinese telecoms from certifying wireless equipment

Cybersecurity   

Japanese police create fake support scam payment cards to warn victims

Why ICICI Bank has blocked thousands of credit cards

Discord dismantles Spy.pet site that snooped on millions of users

Assessing the Cyber Threat to the Nation’s Water Supply  

Safety and Security Guidelines for Critical Infrastructure Owners and Operators

How we fought bad apps and bad actors in 2023

FCC fines carriers $196 million for selling customer location data

Smart devices: new law helps citizens to choose secure products      

Semaforum with Joseph Cox: ‘I was just blown away by its audacity’  

Mind-Bending Math Could Stop Quantum Hackers—but Few Understand It  

2024 Data Breach Investigations Report  

The PLA Navy’s Blue Team Center Games for War

NSA, cybersecurity partners issue urgent OT threat warning        

Why hundreds of U.S. banks may be at risk of failure  

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)