Security Affairs newsletter Round 413 by Pierluigi Paganini – International edition

April 2, 2023  By Pierluigi Paganini


A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

If you want to also receive for free the newsletter with the international press subscribe here.

LockBit leaks data stolen from the South Korean National Tax Service
Italy’s Data Protection Authority temporarily blocks ChatGPT over privacy concerns
CISA adds bugs exploited by commercial surveillance spyware to Known Exploited Vulnerabilities catalog
Hackers are actively exploiting a flaw in the Elementor Pro WordPress plugin
Cyber Police of Ukraine arrested members of a gang that defrauded EU citizens of $4.33M
Russian APT group Winter Vivern targets email portals of NATO and diplomats
Super FabriXss vulnerability in Microsoft Azure SFX could lead to RCE
New AlienFox toolkit harvests credentials for tens of cloud services
3CX voice and video conferencing software victim of a supply chain attack
New Mélofée Linux malware linked to Chinese APT groups
QNAP fixed Sudo privilege escalation bug in NAS devices
Australia’s Casino Giant Crown Resorts disclosed data breach after Clop ransomware attack
OpenAI quickly fixed account takeover bugs in ChatGPT
Google TAG shares details about exploit chains used to install commercial spyware
Clipper attacks use Trojanized TOR Browser installers
Toyota Italy accidentally leaked sensitive data
Bitter APT group targets China’s nuclear energy sector 
Latitude Data breach is worse than initially estimated. 14 million individuals impacted
Europol warns of criminal use of ChatGPT
Telecom giant Lumen suffered a ransomware attack and disclose a second incident
Apple fixes recently disclosed CVE-2023-23529 zero-day on older devices
New MacStealer macOS malware appears in the cybercrime underground
Updates from the MaaS: new threats delivered through NullMixer
Technical analysis of China-linked Earth Preta APT’s infection chain
Malicious Python Package uses Unicode support to evade detection 
OpenAI: A Redis bug caused a recent ChatGPT data exposure incident
Microsoft shares guidance for investigating attacks exploiting CVE-2023-23397
Vice Society claims attack on Puerto Rico Aqueduct and Sewer Authority

International Press

Cybercrime

The criminal use of ChatGPT – a cautionary tale about large language models  

Casino Giant Crown Resorts Investigating Ransomware Group’s Data Theft Claims  

The cyber police exposed members of a criminal group that defrauded EU citizens of 160 million hryvnias with the help of phishing   

Hacking

Spyware vendors use 0-days and n-days against popular platforms  

Sudoedit bypass in Sudo <= 1.9.12p1 CVE-2023-22809  

#SmoothOperator | Ongoing Campaign Trojanizes #3CXDesktopApp in Supply Chain Attack

Super FabriXss: From XSS to an RCE in Azure Service Fabric Explorer by Abusing an Event Tab Cluster Toggle (CVE-2023-23383) Lidor Ben Shitrit Reading time: 11 Minutes

Critical Elementor Pro Vulnerability Exploited   

Malware

Malicious Actors Use Unicode Support in Python to Evade Detection  

Updates from the MaaS: new threats delivered through NullMixer  

MacStealer: New macOS-based Stealer Malware Identified  

Copy-paste heist or clipboard-injector attacks on cryptousers   

Mélofée: a new alien malware in the Panda’s toolset targeting Linux hosts  

Ironing out (the macOS details) of a Smooth Operator

Dissecting AlienFox | The Cloud Spammer’s Swiss Army Knife

Intelligence and Information Warfare

Guidance for investigating attacks using CVE-2023-23397

Pack it Secretly: Earth Preta’s Updated Stealthy Strategies

Phishing Campaign Targets Chinese Nuclear Energy Industry  

Exploitation is a Dish Best Served Cold: Winter Vivern Uses Known Zimbra Vulnerability to Target Webmail Portals of NATO-Aligned Governments in Europe    

Cybersecurity

Lloyd’s of London says its controversial cyberwar exclusions could hit profits   

Wearable Brain Devices Will Challenge Our Mental Privacy

President Biden Signs Executive Order Restricting Use of Commercial Spyware

UK Introduces Mass Surveillance With Online Safety Bill

Artificial intelligence: stop to ChatGPT by the Italian SA
Personal data is collected unlawfully, no age verification system is in place for children

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Please vote for Security Affairs (https://securityaffairs.com/) as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS
Vote for me in the sections:

  • The Teacher – Most Educational Blog
  • The Entertainer – Most Entertaining Blog
  • The Tech Whizz – Best Technical Blog
  • Best Social Media Account to Follow (@securityaffairs)

Please nominate Security Affairs as your favorite blog.

Nominate here: https://docs.google.com/forms/d/e/1FAIpQLSfaFMkrMlrLhOBsRPKdv56Y4HgC88Bcji4V7OCxCm_OmyPoLw/viewform

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)



Pierluigi Paganini
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.





You might also like





  • Digging the Deep Web: Exploring the dark side of the web

    Digging The Deep Web

  • Center for Cyber Security and International Relations Studies

  • Subscribe Security Affairs Newsletter

    newsletter

  • SecurityAffairs awarded as Best European Cybersecurity Tech Blog at European Cybersecurity Blogger Awards

    EU Sec Bloggers Awards 22


More Story

Leaked documents from Russian firm NTC Vulkan show Sandworm cyberwarfare arsenal

 Files leaked by Russian IT contractor NTC Vulkan show that Russia-linked Sandworm APT requested it to develop offensive...