Security Affairs newsletter Round 417 by Pierluigi Paganini – International edition

April 30, 2023  By Pierluigi Paganini


A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

ViperSoftX uses more sophisticated encryption and anti-analysis techniques
Atomic macOS Stealer is advertised on Telegram for $1,000 per month
CISA warns of a critical flaw affecting Illumina medical devices
OpenAI reinstates ChatGPT service in Italy after meeting Garante Privacy’s demands
Cisco discloses a bug in the Prime Collaboration Deployment solution
Zyxel fixed a critical RCE flaw in its firewall devices and urges customers to install the patches
Ukraine cyber police arrested a man for selling data of 300M people
Google obtained a temporary court order against CryptBot distributors
Researchers found the first Linux variant of the RTM locker
Crooks use PaperCut exploits to deliver Cl0p and LockBit ransomware
CryptoRom: OkCupid scam cost Florida man $480k – we followed the money to Binance
Iranian Charming Kitten APT used a new BellaCiao malware in recent wave of attacks
China-linked Alloy Taurus APT uses a Linux variant of PingPull malware
A component in Huawei network appliances could be used to take down Germany’s telecoms networks
Thousands of publicly-exposed Apache Superset installs exposed to RCE attacks
Pro-Russia hacking group executed a disruptive attack against a Canadian gas pipeline
SLP flaw allows DDoS attacks with an amplification factor as high as 2200 times
VMware addressed two zero-day flaws demonstrated at Pwn2Own Vancouver 2023
A new Mirai botnet variant targets TP-Link Archer A21
Google researchers found multiple security issues in Intel TDX
Google Authenticator App now supports Google Account synchronization
Peugeot leaks access to user information in South America
North Korea-linked BlueNoroff APT is behind the new RustBucket Mac Malware
AuKill tool uses BYOVD attack to disable EDR software
Experts released PoC Exploit code for actively exploited PaperCut flaw
EvilExtractor, a new All-in-One info stealer appeared on the Dark Web
Russian cybercrime group likely behind ongoing exploitation of PaperCut flaws
Hackers can hack organizations using data found on their discarded enterprise network equipment
Health insurer Point32Health suffered a ransomware attack
Experts spotted first-ever crypto mining campaign leveraging Kubernetes RBAC

International Press

Cybercrime

Continuing our work to hold cybercriminal ecosystems accountable  

First draft of controversial UN Cybercrime Treaty slated for June

The cyber police exposed an attacker in the sale of databases with personal data of citizens of Ukraine and the EU   

Hacking

First-Ever Attack Leveraging Kubernetes RBAC to Backdoor Clusters   

Hacker Group Names Are Now Absurdly Out of Control

Critical vulnerabilities in papercut print management software

PaperCut CVE-2023-27350 Deep Dive and Indicators of Compromise 

Compromising Garmin’s Sport Watches: A Deep Dive into GarminOS and its MonkeyC Virtual Machine

Cyberattacks on Canada’s gas infrastructure left ‘no physical damage,’ Trudeau says      

CVE-2023-27524: Insecure Default Configuration in Apache Superset Leads to Remote Code Execution   

Malware

EvilExtractor – All-in-One Stealer

‘AuKill’ EDR killer malware abuses Process Explorer driver   

Chinese Alloy Taurus Updates PingPull Malware   

RTM Locker Ransomware as a Service (RaaS) Now Suits Up for Linux Architecture

Threat Actor Selling New Atomic macOS (AMOS) Stealer on Telegram

Citrix Users at Risk: AresLoader Spreading Through Disguised GitLab Repo       

Intelligence and Information Warfare

BlueNoroff APT group targets macOS with ‘RustBucket’ Malware

TP-LINK WAN-SIDE VULNERABILITY CVE-2023-1389 ADDED TO THE MIRAI BOTNET ARSENAL   

Leaked Pentagon Documents Reveal Secrets About Friends and Foes

How China’s Huawei spooked Germany into launching a probe      

Unpacking BellaCiao: A Closer Look at Iran’s Latest Malware   

Cybersecurity

Discarded, not destroyed: Old routers reveal corporate secrets

Google Authenticator now supports Google Account synchronization

Intel Trust Domain Extensions (TDX) Security Review  

New high-severity vulnerability (CVE-2023-29552) discovered in the Service Location Protocol (SLP)

South Korea, US agree to cooperate on cybersecurity and combating North Korean digital heists  

ChatGPT: OpenAI reinstates service in Italy with enhanced transparency and rights for european users and non-users

Illumina Cybersecurity Vulnerability Affecting the Universal Copy Service Software May Present Risks for Patient Results and Customer Networks: Letter to Health Care Providers  

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Please vote for Security Affairs (https://securityaffairs.com/) as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS
Vote for me in the sections:

  • The Teacher – Most Educational Blog
  • The Entertainer – Most Entertaining Blog
  • The Tech Whizz – Best Technical Blog
  • Best Social Media Account to Follow (@securityaffairs)

Please nominate Security Affairs as your favorite blog.

Nominate here: https://docs.google.com/forms/d/e/1FAIpQLSfaFMkrMlrLhOBsRPKdv56Y4HgC88Bcji4V7OCxCm_OmyPoLw/viewform

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)



Pierluigi Paganini
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.





You might also like





  • Digging the Deep Web: Exploring the dark side of the web

    Digging The Deep Web

  • Center for Cyber Security and International Relations Studies

  • Subscribe Security Affairs Newsletter

    newsletter

  • SecurityAffairs awarded as Best European Cybersecurity Tech Blog at European Cybersecurity Blogger Awards

    EU Sec Bloggers Awards 22


More Story

ViperSoftX uses more sophisticated encryption and anti-analysis techniques

 A new variant of the information-stealing malware ViperSoftX implements sophisticated techniques to avoid detection. Trend...