Security Affairs newsletter Round 474 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Ticketmaster confirms data breach impacting 560 million customers

Critical Apache Log4j2 flaw still threatens global finance

Crooks stole more than $300M worth of Bitcoin from the exchange DMM Bitcoin

ShinyHunters is selling data of 30 million Santander customers

Over 600,000 SOHO routers were destroyed by Chalubo malware in 72 hours

LilacSquid APT targeted organizations in the U.S., Europe, and Asia since at least 2021

BBC disclosed a data breach impacting its Pension Scheme members

CISA adds Check Point Quantum Security Gateways and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog

Experts found a macOS version of the sophisticated LightSpy spyware

Operation Endgame, the largest law enforcement operation ever against botnets

Law enforcement operation dismantled 911 S5 botnet

Okta warns of credential stuffing attacks targeting its Cross-Origin Authentication feature Check Point released hotfix for actively exploited VPN zero-day

BreachForums resurrected after FBI seizure

ABN Amro discloses data breach following an attack on a third-party provider

Christie disclosed a data breach after a RansomHub attack

Experts released PoC exploit code for RCE in Fortinet SIEM

WordPress Plugin abused to install e-skimmers in e-commerce sites

TP-Link Archer C5400X gaming router is affected by a critical flaw

Sav-Rx data breach impacted over 2.8 million individuals

The Impact of Remote Work and Cloud Migrations on Security Perimeters

New ATM Malware family emerged in the threat landscape

A high-severity vulnerability affects Cisco Firepower Management Center

CERT-UA warns of malware campaign conducted by threat actor UAC-0006

Malware-laced JAVS Viewer deploys RustDoor implant in supply chain attack

International Press – Newsletter

Cybercrime  

Into the Lion’s Den Inside the Growing Risk of Gift Card Fraud  

Phishing with Cloudflare Workers: Transparent Phishing and HTML Smuggling  

Christie’s Confirms Data Breach After Ransomware Group Claims Attack  

Breach Forums Return to Clearnet and Dark Web Despite FBI Seizure

Treasury Sanctions a Cybercrime Network Associated with the 911 S5 Botnet  

911 S5 Botnet Dismantled and Its Administrator Arrested in Coordinated International Operation  

Largest ever operation against botnets hits dropper malware ecosystem   

Hackers steal $305M from DMM Bitcoin crypto exchange 

Ticketmaster confirms data hack which could affect 560m globally

How a Nigerian influencer, North Korean hacker and Canadian scammer committed fraud worldwide        

Malware

New ATM Malware Threatens European Banking Security   

Server Side Credit Card Skimmer Lodged in Obscure Plugin   

LightSpy: Implant for macOS  

The Pumpkin Eclipse  

Hacking 

Remote Command Execution on TP-Link Archer C5400X 

CVE-2024-23108: Fortinet FortiSIEM 2nd Order Command Injection Deep-Dive   

Important Security Update – Stay Protected Against VPN Information Disclosure (CVE-2024-24919)

Detecting Cross-Origin Authentication Credential Stuffing Attacks     

Recent ‘MFA Bombing’ Attacks Targeting Apple Users

Intelligence and Information Warfare 

NATO holds first meeting of Critical Undersea Infrastructure Network  

CERT-UA warns: Ukrainian finances targeted with SmokeLoader malware  

How the DOJ is using a Civil War-era law to enforce corporate cybersecurity  

LilacSquid: The stealthy trilogy of PurpleInk, InkBox and InkLoader  

GRU’s BlueDelta Targets Key Networks in Europe with Multi-Phase Espionage Campaigns  

OpenAI models used in nation-state influence campaigns, company says  

Cybersecurity  

Stop Using “SLA” When Discussing Vulnerabilities  

How to Identify and Remove VPN Applications That Contain 911 S5 Back Doors  

Multiple botnets dismantled in largest international ransomware operation ever  

HUGE Google Search document leak reveals inner workings of ranking algorithm       

NIST Getting Outside Help for National Vulnerability Database

Cybersecurity Education Maturity Assessment  

‘It’s putting patients’ lives in danger’: Nurses say ransomware attack is stressing hospital operations   

Could the Next War Begin in Cyberspace?   

OpenAI’s Altman Sidesteps Questions About Governance, Johansson at UN AI Summit

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)