Security Affairs newsletter Round 475 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

New York Times source code compromised via exposed GitHub token

SolarWinds fixed multiple flaws in Serv-U and SolarWinds Platform

Pandabuy was extorted twice by the same threat actor

UAC-0020 threat actor used the SPECTR Malware to target Ukraine’s defense forces

Chinese threat actor exploits old ThinkPHP flaws since October 2023

A new Linux version of TargetCompany ransomware targets VMware ESXi environments

FBI obtained 7,000 LockBit decryption keys, victims should contact the feds to get support

RansomHub operation is a rebranded version of the Knight RaaS

Malware can steal data collected by the Windows Recall tool, experts warn

Cisco addressed Webex flaws used to compromise German government meetings

Zyxel addressed three RCEs in end-of-life NAS devices

A ransomware attack on Synnovis impacted several London hospitals

RansomHub gang claims the hack of the telecommunications giant Frontier Communications

Cybercriminals attack banking customers in EU with V3B phishing kit – PhotoTAN and SmartID supported.

Experts released PoC exploit code for a critical bug in Progress Telerik Report Servers

Multiple flaws in Cox modems could have impacted millions of devices

CISA adds Oracle WebLogic Server flaw to its Known Exploited Vulnerabilities catalog

Spanish police shut down illegal TV streaming network

APT28 targets key networks in Europe with HeadLace malware

Experts found information of European politicians on the dark web

FlyingYeti targets Ukraine using WinRAR exploit to deliver COOKBOX Malware

International Press – Newsletter

Cybercrime  

Cybercriminals Attack Banking Customers In EU With V3B Phishing Kit      

The National Police dismantles a network that obtained more than 5,300,000 euros through the illicit distribution of audiovisual content        

London hospital services impacted by ransomware incident  

Snowflake Data Breach Impacts Ticketmaster, Other Organizations

New York Times source code stolen using exposed GitHub token

Malware

Russian Power Companies, IT Firms, and Govt Agencies Hit by Decoy Dog Trojan

RansomHub: New Ransomware has Origins in Older Knight

FBI recovers 7,000 LockBit keys, urges ransomware victims to reach out   

TargetCompany’s Linux Variant Targets ESXi Environments  

UAC-0020 (Vermin) attacks the Defense Forces of Ukraine using the SPECTR WPS in tandem with a legitimate SyncThing (“SickSync” campaign)   

Hacking 

Snowflake at centre of world’s largest data breach 

Hacking Millions of Modems (and Investigating Who Hacked My Modem)  

Molding Lies Into Reality || Exploiting CVE-2024-4358  

Five new vulnerabilities found in Zyxel NAS devices (including code execution and privilege escalation)

A Zero Day TikTok Hack Is Taking Over Celebrity And Brand Accounts    

Stealing everything you’ve ever typed or viewed on your own Windows PC is now possible with two lines of code — inside the Copilot+ Recall disaster      

2024: Old CVEs, New Targets — Active Exploitation of ThinkPHP  

Intelligence and Information Warfare 

Video Games Might Matter for Terrorist Financing  

Disrupting FlyingYeti’s campaign targeting Ukraine

GRU’s BlueDelta Targets Key Networks in Europe with Multi-Phase Espionage Campaigns      

Revealed: Russian legal foundation linked to Kremlin activities in Europe  

NSA chief says China readying destructive cyberattacks on critical infrastructure  

How Russia is trying to disrupt the 2024 Paris Olympic Games  

Cybersecurity  

Generative AI is expected to magnify the risk of deepfakes and other fraud in banking  

Cyber house of cards – Politicians’ personal details exposed online

Preventing and Waging War in the AI–CYBER Era

Google Leak Reveals Thousands of Privacy Incidents    

Coast Guard To Empower Maritime Cybersecurity  

361 million stolen accounts leaked on Telegram added to HIBP

Cisco Patches Webex Bugs Following Exposure of German Government Meetings

How to Opt Out of Instagram and Facebook Using Your Posts for AI        

How to spot a deepfake: the maker of a detection tool shares the key giveaways  

Pierluigi Paganini

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

(SecurityAffairs – hacking, newsletter)