Breaking News

Security Affairs newsletter Round 420 by Pierluigi Paganini – International edition

newsletternewsletter

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

We are in the final!

Please vote for Security Affairs (https://securityaffairs.com/) as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS
Vote for me in the sections where is reported Securityaffairs or my name Pierluigi Paganini

Please nominate Security Affairs as your favorite blog.

Nominate Pierluigi Paganini and Security Affairs here here: https://docs.google.com/forms/d/e/1FAIpQLSepvnj8b7QzMdLh7vWEDQDqohjBUsHyn3x3xRdYGCetwVy2DA/viewform

2021 data breach exposed data of 70 Million Luxottica customers
Cybercrime gang FIN7 returned and was spotted delivering Clop ransomware
US CISA warns of a Samsung vulnerability under active exploitation
February cyber incident will cost molten metal flow engineering firm Vesuvius £3.5 million
NPM packages found containing the TurkoRat infostealer
Lemon Group gang pre-infected 9 million Android devices for fraudulent activities
Apple fixed three new actively exploited zero-day vulnerabilities
KeePass 2.X Master Password Dumper allows retrieving the KeePass master password
Admin of the darknet carding platform Skynet Market pleads guilty
Critical fixed critical flaws in Cisco Small Business Switches
Ukraine, Ireland, Japan and Iceland join NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE)
Monitoring the dark web to identify threats to energy sector organizations
US Gov offers a $10M reward for a Russian ransomware actor
Multiple flaws in Teltonika industrial cellular router expose OT networks to hack
University admission platform Leverage EDU exposed student passports
Lacroix Group shut down three facilities after a ‘targeted cyberattack’
China-linked APT Mustang Panda targets TP-Link routers with a custom firmware implant
President Zelensky imposes sanctions against the Russian IT sector
CISA adds Ruckus bug and another six flaws to its Known Exploited Vulnerabilities catalog
Lancefly APT uses powerful Merdoor backdoor in attacks on Asian orgs
PharMerica data breach impacts more than 5.8 million individuals
New RA Group ransomware gang is the latest group using leaked Babuk source code
Introducing the DRM-Report Q1 2023: Unveiling the Current State of Ransomware
Former Ubiquiti employee gets 6 years in jail for stealing confidential data and extorting company
Former ByteDance executive alleges TikTok of wrongful conduct
The latest variant of the RapperBot botnet adds cryptojacking capabilities
Capita warns customers to assume that their data was stolen

International Press

Cybercrime

Former Employee Of Technology Company Sentenced To Six Years In Prison For Stealing Confidential Data And Extorting Company For Ransom  

Cyber attack contained at LACROIX

Russian National Charged with Ransomware Attacks Against Critical Infrastructure   

Man Pleads Guilty to Conspiracy to Sell Stolen Financial Information on Dark Web  

Knocking    down Hive: How the FBI ran its own ransomware decryption operation

Re-Victimization from Police-Auctioned Cell Phones

Inside the Italian Mafia’s Encrypted Phone of Choice

Hacking

Triple Threat: Breaking Teltonika Routers Three Ways   https://claroty.com/team82/research/triple-threat-breaking-teltonika-routers-three-ways

KeePass 2.X Master Password Dumper (CVE-2023-32784)   

Malware

RapperBot DDoS Botnet Expands into Cryptojacking   

Newly identified RA Group compromises companies in U.S. and South Korea with leaked Babuk source code   

Lemon Group’s Cybercriminal Businesses Built on Preinfected Devices

RATs found hiding in the npm attic       

Intelligence and Information Warfare

South Korea alleges spies messaged North Korean handlers via YouTube comments

Lancefly: Group Uses Custom Backdoor to Target Orgs in Government, Aviation, Other Sectors   

THE DRAGON WHO SOLD HIS CAMARO: ANALYZING CUSTOM ROUTER IMPLANT

The Underground History of Russia’s Most Ingenious Hacker Group

Cybersecurity

Executive fired from TikTok’s Chinese owner says Beijing had access to app data in termination suit   

The NATO CCDCOE welcomes new members Iceland, Ireland, Japan, and Ukraine  

Apple fixes three new zero-days exploited to hack iPhones, Macs   

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Published by
Pierluigi Paganini
Tags: Cybercrimedata breachHackinghacking newsinformation security newsIT Information SecuritymalwareNewsletterPierluigi PaganiniSecurity AffairsSecurity News
2 years ago

Recent Posts

Two Linux flaws can lead to the disclosure of sensitive data

Qualys warns of two information disclosure flaws in apport and systemd-coredump, the core dump handlers in Ubuntu, Red Hat Enterprise…

15 hours ago

Meta stopped covert operations from Iran, China, and Romania spreading propaganda

Meta stopped three covert operations from Iran, China, and Romania using fake accounts to spread…

1 day ago

US Treasury sanctioned the firm Funnull Technology as major cyber scam facilitator

The U.S. sanctioned Funnull Technology and Liu Lizhi for aiding romance scams that caused major…

2 days ago

ConnectWise suffered a cyberattack carried out by a sophisticated nation state actor<gwmw style="display:none;"></gwmw><gwmw style="display:none;"></gwmw>

ConnectWise detected suspicious activity linked to a nation-state actor, impacting a small number of its…

2 days ago

Victoria’s Secret ‘s website offline following a cyberattack

Victoria’s Secret took its website offline after a cyberattack, with experts warning of rising threats…

3 days ago

China-linked APT41 used Google Calendar as C2 to control its TOUGHPROGRESS malware

Google says China-linked group APT41 controlled malware via Google Calendar to target governments through a…

3 days ago