Security Affairs newsletter Round 416 by Pierluigi Paganini – International edition

A new round of the weekly SecurityAffairs newsletter has arrived! Every week, the best security articles from Security Affairs are delivered free to your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Abandoned Eval PHP WordPress plugin abused to backdoor websites
CISA adds MinIO, PaperCut, and Chrome bugs to its Known Exploited Vulnerabilities catalog
At least 2 critical infrastructure orgs breached by North Korea-linked hackers behind 3CX attack
American Bar Association (ABA) suffered a data breach, 1.4 million members impacted
Pro-Russia hackers launched a massive attack against the EUROCONTROL agency
Cisco fixed critical flaws in the Industrial Network Director and Modeling Labs solutions
Intro to phishing: simulating attacks to build resiliency
Multinational ICICI Bank leaks passports and credit card numbers
VMware fixed a critical flaw in vRealize that allows executing arbitrary code as root
Lazarus APT group employed Linux Malware in recent attacks and was linked to 3CX supply chain attack
Experts disclosed two critical flaws in Alibaba cloud database services
Google TAG warns of Russia-linked APT groups targeting Ukraine
Trigona Ransomware targets Microsoft SQL servers
Russian national sentenced to time served for committing money laundering for the Ryuk ransomware operation
Google fixed the second actively exploited Chrome zero-day of 2023
US and UK agencies warn of Russia-linked APT28 exploiting Cisco router flaws
Iran-linked Mint Sandstorm APT targeted US critical infrastructure
PWNYOURHOME, FINDMYPWN, LATENTIMAGE: 3 iOS Zero-Click exploits used by NSO Group in 2022
Experts temporarily disrupted the RedLine Stealer operations
CISA adds bugs in Chrome and macOS to its Known Exploited Vulnerabilities catalog
The intricate relationships between the FIN7 group and members of the Conti ransomware gang
Israeli surveillance firm QuaDream is shutting down amidst spyware accusations
New QBot campaign delivered hijacking business correspondence
China-linked APT41 group spotted using open-source red teaming tool GC2
Vice Society gang is using a custom PowerShell tool for data exfiltration
Experts warn of an emerging Python-based credential harvester named Legion
Experts found the first LockBit encryptor that targets macOS systems
NCR was the victim of BlackCat/ALPHV ransomware gang
Remcos RAT campaign targets US accounting and tax return preparation firms

International Press

Cybercrime

NCR suffers Aloha POS outage after BlackCat ransomware attack

Capita IT breach gets worse as Black Basta claims it’s now selling off stolen data

Ex-Conti and FIN7 Actors Collaborate with New Domino Backdoor  

Takedown of GitHub Repositories Disrupts RedLine Malware Operations  

Hacking

Legion: an AWS Credential Harvester and SMTP Hijacker    

Russian Man Who Laundered Money for Ryuk Ransomware Gang Sentenced   

#BrokenSesame: Accidental ‘write’ permissions to private registry allowed potential RCE to Alibaba Cloud Database Services  

European air traffic control agency’s website under cyber attack from pro-Russian hackers: Report

X_Trader Supply Chain Attack Affects Critical Infrastructure Organizations in U.S. and Europe  

Massive Abuse of Abandoned Eval PHP WordPress Plugin   

Malware

The LockBit ransomware (kinda) comes for macOS  

Vice Society: A Tale of Victim Data Exfiltration via PowerShell, aka Stealing off the Land  

QBot banker delivered through business correspondence

Trigona Ransomware Attacking MS-SQL Servers   

Triple Threat: NSO Group’s Pegasus Spyware Returns in 2022 with a Trio of iOS 15 and iOS 16 Zero-Click Exploit Chains

Intelligence and Information Warfare

Threat Horizons April 2023 Threat Horizons Report

Online Gaming Chats Have Long Been Spy Risk for US Military

DOJ charges 34 with operating Chinese gov’t troll farm that harassed dissidents 

The NTC Vulkan Files: Implications for Cybersecurity and Businesses  

Nation-state threat actor Mint Sandstorm refines tradecraft to attack high-value targets  

State-sponsored campaigns target global network infrastructure

APT28 Exploits Known Vulnerability to Carry Out Reconnaissance and Deploy Malware on Cisco Routers

Ukraine remains Russia’s biggest cyber focus in 2023  

Linux malware strengthens links between Lazarus and the 3CX supply‑chain attack    

Cybersecurity

Offensive cyber company QuaDream shutting down amidst spyware accusations  

Questions and Answers: Cyber: towards stronger EU capabilities for effective operational cooperation, solidarity and resilience   

Google Chrome Hit by Second Zero-Day Attack – Urgent Patch Update Released

AI security concerns in a nutshell – Practical AI Security guide

WhatsApp and Signal unite against online safety bill amid privacy concerns    

Follow me on Twitter: @securityaffairs and Facebook and Mastodon


Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)
