Security Affairs newsletter Round 428 by Pierluigi Paganini – International edition

Pierluigi Paganini July 15, 2023

A new round of the weekly SecurityAffairs newsletter has arrived! Every week the best security articles from Security Affairs are free for you in your email inbox.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Russia-linked APT Gamaredon starts stealing data from victims between 30 and 50 minutes after the initial compromise
The source code of the BlackLotus UEFI Bootkit was leaked on GitHub
US CISA warns of Rockwell Automation ControlLogix flaws
Indexing Over 15 Million WordPress Websites with PWNPress
New AVrecon botnet remained under the radar for two years while targeting SOHO Routers
Apple re-released Rapid Security Response to fix recently disclosed zero-day
Zimbra urges customers to manually fix actively exploited zero-day reported by Google TAG
Chinese hackers compromised emails of U.S. Government agencies
SonicWall urges organizations to fix critical flaws in GMS/Analytics products
Citrix fixed a critical flaw in Secure Access Client for Ubuntu
Cl0p hacker operating from Russia-Ukraine war front line – exclusive
Fortinet fixed a critical flaw in FortiOS and FortiProxy
Microsoft mitigated an attack by Chinese threat actor Storm-0558
Unpatched Office zero-day CVE-2023-36884 actively exploited in targeted attacks
HCA Healthcare data breach impacted 11 million patients
Apple issued Rapid Security Response updates to fix a zero-day but pulled them due to a Safari bug
VMware warns customers of exploit available for critical vRealize RCE flaw CVE-2023-20864
Cybercriminals Evolve Antidetect Tooling for Mobile OS-Based Fraud
Experts released PoC exploit for Ubiquiti EdgeRouter flaw
RomCom RAT attackers target groups supporting NATO membership of Ukraine
A flaw in Revolut US payments resulted in the theft of $20 Million
France’s government is giving the police more surveillance power
Two spyware sending data of more than 1.5M users to China were found in Google Play Store

Cybercrime

Cybercriminals Evolve Antidetect Tooling For Mobile OS-Based Fraud  

Storm-0978 attacks reveal financial and espionage motives  

Cl0p hacker operating from Russia-Ukraine war front line – exclusive  

UK battles hacking wave as ransomware gang claims ‘biggest ever’ NHS breach

Deutsche Bank confirms provider breach exposed customer data

Malware

Two spyware tied with China found hiding on the Google Play Store  

The Turkish Government Masqueraded Site Distributing Android RAT 

Routers From The Underground: Exposing AVrecon  

BlackLotus UEFI Bootkit Source Code Leaked on GitHub

Hacking

Report: Revolut US Payments Flaw Leads to $20 Million Theft

AWS CodeBuild + S3 == Privilege Escalation

Game Hacking 101: Unleashing the Power of Memory Manipulation  

SSD ADVISORY –  EDGEROUTERS AND AIRCUBE MINIUPNPD HEAP OVERFLOW  

Exploit Code Published for Remote Root Flaw in VMware Logging Software    

Dragos Enabled Defense Against APT Exploits for Rockwell Automation ControlLogix

Intelligence and Information Warfare

France set to allow police to spy through phones

RomCom Threat Actor Suspected of Targeting Ukraine’s NATO Membership Talks at the NATO Summit   

Mitigation for China-Based Threat Actor Activity   

How a Cloud Flaw Gave Chinese Spies a Key to Microsoft’s Kingdom 

CISA and FBI Release Cybersecurity Advisory on Enhanced Monitoring to Detect APT Activity Targeting Outlook Online

Chinese hackers breach email of Commerce Secretary Raimondo and State Department officials       

Summary information on the activities of the UAC-0010 group as of July 2023  

Cybersecurity

Microsoft mitigates China-based threat actor Storm-0558 targeting of customer email   

White House unveils ‘roadmap’ for national cyber strategy goals   

Zimbra urges admins to manually fix zero-day exploited in attacks

CISA Releases One Industrial Control Systems Advisory  


Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)


