Security Affairs newsletter Round 424 by Pierluigi Paganini

Security Affairs newsletter Round 424 by Pierluigi Paganini – International edition

Pierluigi Paganini June 18, 2023

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Law enforcement shutdown a long-standing DDoS-for-hire service

A Russian national charged for committing LockBit Ransomware attacks

Oil and gas giant Shell is another victim of Clop ransomware attacks

Progress fixed a third flaw in MOVEit Transfer software
Unveiling the Balada injector: a malware epidemic in WordPress

China-linked APT UNC3886 used VMware ESXi Zero-Day

LLM meets Malware: Starting the Era of Autonomous Threat

Microsoft Patch Tuesday for June 2023 fixes 6 critical flaws

St. Margaret’s Health is the first hospital to cite a cyberattack as a reason for its closure

A database containing data of +8.9 million Zacks users was leaked online

Fortinet urges to patch the critical RCE flaw CVE-2023-27997 in Fortigate firewalls

UK communications regulator Ofcom hacked with a MOVEit file transfer zero-day

Experts released PoC exploit for MOVEit Transfer CVE-2023-34362 flaw

Intellihartx data breach exposed the personal and health info of 490,000 individuals
FUD Malware obfuscation engine BatCloak continues to evolve

Fortinet urges to patch a critical RCE flaw in Fortigate firewalls

Xplain data breach also impacted the national Swiss railway FSS

Microsoft warns of multi-stage AiTM phishing and BEC attacks

Pro-Ukraine Cyber Anarchy Squad claims the hack of the Russian telecom provider Infotel JSC

Updated Android spyware GravityRAT steals WhatsApp Backups

Barracuda ESG zero-day exploited by China-linked APT

Russia-linked APT Gamaredon update TTPs in recent attacks against Ukraine

Cybersecurity agencies published a joint LockBit ransomware advisory

Microsoft links Cadet Blizzard APT to Russia’s military intelligence GRU

Critical flaw found in WooCommerce Stripe Gateway Plugin used by +900K sites

Cybercrime

Oil and gas giant Shell confirms it was impacted by Clop ransomware attacks

Russian National Arrested and Charged with Conspiring to Commit LockBit Ransomware Attacks Against U.S. and Foreign Businesses

DETAINED FOR DDOS ATTACKS AS PART OF THE NEXT EDITION OF THE INTERNATIONAL “POWER OFF” OPERATION

Malware

Android GravityRAT goes after WhatsApp backups

LLM meets Malware: Starting the Era of Autonomous Threat

Reverse Engineering Terminator aka Zemana AntiMalware/AntiLogger Driver

Understanding Ransomware Threat Actors: LockBit

Hacking

Two XSS Vulnerabilities in Azure with Embedded postMessage IFrames

Intelligence and Information Warfare

Hackers hacked the websites of a Moscow provider and a number of Russian companies: they wish the Armed Forces of Ukraine success

VMware ESXi Zero-Day Used by Chinese Espionage Actor to Perform Privileged Guest Operations on Compromised Hypervisors

Spy agencies acquire commercial data with little coordination and few controls

Cadet Blizzard emerges as a novel and distinct Russian threat actor

Shuckworm: Inside Russia’s Relentless Cyber Campaign Against Ukraine

Barracuda ESG Zero-Day Vulnerability (CVE-2023-2868) Exploited Globally by Aggressive and Skilled Actor, Suspected Links to China

Cybersecurity

An Illinois hospital is the first health care facility to link its closing to a ransomware attack

The June 2023 Security Update Review

Unauthenticated IDOR to PII Disclosure in WooCommerce Stripe Gateway Plugin

MEPs ready to negotiate first-ever rules for safe and transparent AI

CISA Instructs Federal Agencies to Secure Internet-Exposed Devices

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

Cybercrime data breach Hacking hacking news information security news malware Newsletter Pierluigi Paganini Security Affairs Security News

Pierluigi Paganini June 24, 2025

The U.S. House banned WhatsApp on government devices due to security concerns

Pierluigi Paganini June 24, 2025

Security Affairs newsletter Round 424 by Pierluigi Paganini – International edition

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

you might also like

The U.S. House banned WhatsApp on government devices due to security concerns

Russia-linked APT28 use Signal chats to target Ukraine official with malware

leave a comment

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

The U.S. House banned WhatsApp on government devices due to security concerns

Russia-linked APT28 use Signal chats to target Ukraine official with malware

China-linked APT Salt Typhoon targets Canadian Telecom companies

U.S. warns of incoming cyber threats following Iran airstrikes

McLaren Health Care data breach impacted over 743,000 people

QUICK LINKS

Security Affairs newsletter Round 424 by Pierluigi Paganini – International edition

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

you might also like

The U.S. House banned WhatsApp on government devices due to security concerns

Russia-linked APT28 use Signal chats to target Ukraine official with malware

leave a comment

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

The U.S. House banned WhatsApp on government devices due to security concerns

Russia-linked APT28 use Signal chats to target Ukraine official with malware

China-linked APT Salt Typhoon targets Canadian Telecom companies

U.S. warns of incoming cyber threats following Iran airstrikes

McLaren Health Care data breach impacted over 743,000 people

Subscribe to my email list and stay
up-to-date!