Security Affairs newsletter Round 427 by Pierluigi Paganini

Security Affairs newsletter Round 427 by Pierluigi Paganini – International edition

Pierluigi Paganini July 09, 2023

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Google addressed 3 actively exploited flaws in Android

Iran-linked APT TA453 targets Windows and macOS systems

Bangladesh government website leaked data of millions of citizens

A man has been charged with a cyber attack on the Discovery Bay water treatment facility

Progress warns customers of a new critical flaw in MOVEit Transfer software

CISA and FBI warn of Truebot infecting US and Canada based organizations

Cisco warns of a flaw in Nexus 9000 series switches that allows modifying encrypted traffic

StackRot, a new Linux Kernel privilege escalation vulnerability

Ransomware accounts for 54% of cyber threats in the health sector

CVE-2022-29303 flaw in SolarView product can be exploited in attacks against the energy sector
RedEnergy Stealer-as-a-Ransomware employed in attacks in the wild

The Port of Nagoya, the largest Japanese port, suffered a ransomware attack

NoName(057)16’s DDoSia Project’s gets an upgrade

Swedish data protection authority rules against the use of Google Analytics

MOVEit attack on Aon exposed data of the staff at the Dublin Airport

Neo_Net runs eCrime campaign targeting clients of banks globally

Hackers stole millions of dollars worth of crypto assets from Poly Network platform

335,923 out of 489,337 Fortinet firewalls vulnerable to CVE-2023-27997

Anonymous Sudan claims to have stolen 30 million Microsoft’s customer accounts

SmugX: Chinese APT uses HTML smuggling to target European Ministries and embassies
The Impacts of Data Loss on Your Organization

CISA adds Samsung and D-link bugs to its Known Exploited Vulnerabilities catalog

New Windows Meduza Stealer targets tens of crypto wallets and password managers

Experts detected a new variant of North Korea-linked RUSTBUCKET macOS malware

WordPress sites using the Ultimate Member plugin are under attack

Cybercrime

Malvertising Used as Entry Vector for BlackCat, Actors Also Leverage SpyBoy Terminator

Neo_Net | The Kingpin of Spanish eCrime

The #Port of #Nagoya, the largest Japanese port, suffered a #ransomware attack

Tracy Resident Charged With Computer Attack On Discovery Bay Water Treatment Facility

Malware

The DPRK strikes using a new variant of RUSTBUCKET

Meduza Stealer: What Is It & How Does It Work?

Ransomware Redefined: RedEnergy Stealer-as-a-Ransomware attacks

MAR-10445155-1.v1 Truebot Activity Infects U.S. and Canada Based Networks

Hacking

CVE-2023-27997 Is Exploitable, and 69% of FortiGate Firewalls Are Vulnerable

Dublin Airport staff pay data ‘compromised’ by criminals

Following NoName057(16) DDoSia Project’s Targets

Actively Exploited Industrial Control Systems Hardware – SolarView Series

Intelligence and Information Warfare

CHINESE THREAT ACTORS TARGETING EUROPE IN SMUGX CAMPAIGN

Welcome to New York: Exploring TA453’s Foray into LNKs and Mac Malware

Cybersecurity

Four companies must stop using Google Analytics

Health Threat Landscape

Researchers Uncover New Linux Kernel ‘StackRot’ Privilege Escalation Vulnerability Bangladesh government website leaks citizens’ personal data

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

Pierluigi Paganini June 27, 2025

OneClik APT campaign targets energy sector with stealthy backdoors

Pierluigi Paganini June 27, 2025

Security Affairs newsletter Round 427 by Pierluigi Paganini – International edition

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

you might also like

OneClik APT campaign targets energy sector with stealthy backdoors

APT42 impersonates cyber professionals to phish Israeli academics and journalists

leave a comment

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

OneClik APT campaign targets energy sector with stealthy backdoors

APT42 impersonates cyber professionals to phish Israeli academics and journalists

Kai West, aka IntelBroker, indicted for cyberattacks causing $25M in damages

Cisco fixed critical ISE flaws allowing Root-level remote code execution

U.S. CISA adds AMI MegaRAC SPx, D-Link DIR-859 routers, and Fortinet FortiOS flaws to its Known Exploited Vulnerabilities catalog

QUICK LINKS

Security Affairs newsletter Round 427 by Pierluigi Paganini – International edition

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

you might also like

OneClik APT campaign targets energy sector with stealthy backdoors

APT42 impersonates cyber professionals to phish Israeli academics and journalists

leave a comment

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

OneClik APT campaign targets energy sector with stealthy backdoors

APT42 impersonates cyber professionals to phish Israeli academics and journalists

Kai West, aka IntelBroker, indicted for cyberattacks causing $25M in damages

Cisco fixed critical ISE flaws allowing Root-level remote code execution

U.S. CISA adds AMI MegaRAC SPx, D-Link DIR-859 routers, and Fortinet FortiOS flaws to its Known Exploited Vulnerabilities catalog

Subscribe to my email list and stay
up-to-date!