Security Affairs newsletter Round 422 by Pierluigi Paganini – International edition

A new round of the weekly SecurityAffairs newsletter has arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Xplain hack impacted the Swiss cantonal police and Fedpol
Zyxel published guidance for protecting devices from ongoing attacks
Kimsuky APT poses as journalists and broadcast writers in its attacks
New Linux Ransomware BlackSuit is similar to Royal ransomware
CISA adds Progress MOVEit Transfer zero-day to its Known Exploited Vulnerabilities catalog
New botnet Horabot targets Latin America
Point32Health ransomware attack exposed info of 2.5M people
MOVEit Transfer software zero-day actively exploited in the wild
Russia’s FSB blames the US intelligence for Operation Triangulation
Operation Triangulation: previously undetected malware targets iOS devices
California-based workforce platform Prosperix leaks drivers licenses and medical records
Apps with over 420 Million downloads from Google Play unveil the discovery of SpinOk spyware
BlackCat claims the hack of the Casepoint legal technology platform used by US agencies
Widespread exploitation by botnet operators of Zyxel firewall flaw
Experts warn of backdoor-like behavior within Gigabyte systems
Threat actors are exploiting Barracuda Email Security Gateway bug since October 2022
Swiss real estate agency Neho fails to put a password on its systems
Microsoft found a new bug that allows bypassing SIP root restrictions in macOS
PyPI enforces 2FA authentication to prevent maintainers’ account takeover
A database containing 478,000 RaidForums members leaked online
Beware of the new phishing technique “file archiver in the browser” that exploits zip domains
BrutePrint Attack allows to unlock smartphones with brute-forcing fingerprint
Lockbit ransomware attack on MCNA Dental impacts 8.9M individuals
New Go-written GobRAT RAT targets Linux Routers in Japan
Researchers analyzed the PREDATOR spyware and its loader Alien
Attackers use encrypted RPMSG messages in Microsoft 365 targeted phishing attacks
Industrial automation giant ABB disclosed data breach after ransomware attack
New Bandit Stealer targets web browsers and cryptocurrency wallets
CISA adds recently patched Barracuda zero-day to its Known Exploited Vulnerabilities catalog

International Press

Cybercrime

New hacking forum leaks data of 478,000 RaidForums members  

Ask Fitis, the Bear: Real Crooks Sign Their Malware   

Discord Admins Hacked by Malicious Bookmarks   

Hacking

Microsoft Encrypted Restricted Permission Messages Deliver Phishing

BrutePrint: Expose Smartphone Fingerprint Authentication to Brute-force Attack      

Barracuda Email Security Gateway Appliance (ESG) Vulnerability 

SUPPLY CHAIN RISK FROM GIGABYTE APP CENTER BACKDOOR

Widespread Exploitation of Zyxel Network Devices       

MOVEit Transfer Critical Vulnerability Rapid Response  

An extraordinary cyberattack hits Switzerland, affecting the army and many police  

Malware   

New Info Stealer Bandit Stealer Targets Browsers, Wallets  

Mercenary mayhem: A technical analysis of Intellexa’s PREDATOR spyware

GobRAT malware written in Go language targeting Linux routers  

Potentially millions of Android TVs and phones come with malware preinstalled  

Android apps containing SpinOk module with spyware features installed over 421,000,000 times   

New Horabot campaign targets the Americas  

Investigating BlackSuit Ransomware’s Similarities to Royal  

Intelligence and Information Warfare

Operation Triangulation: iOS devices targeted with previously unknown malware

The FSB of Russia revealed the intelligence action of the American intelligence services using Apple mobile devices

Chinese Threat Actor Used Modified Cobalt Strike Variant to Attack Taiwanese Critical Infrastructure   

North Korea Using Social Engineering to Enable Hacking of Think Tanks, Academia, and Media   

Cybersecurity

Securing PyPI accounts via Two-Factor Authentication

US Air Force denies AI drone attacked operator in test

Zyxel’s guidance for the recent attacks on the ZyWALL devices   

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

Pierluigi Paganini is a member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group. He is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years of experience in the field, and he is a Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to found the security blog "Security Affairs", recently named a Top National Security Resource for US. Pierluigi is a member of "The Hacker News" team and a writer for some major publications in the field, such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine, and many other security magazines. He is the author of the books "The Deep Dark Web" and "Digital Virtual Currency and Bitcoin".
