Security Affairs newsletter Round 432 by Pierluigi Paganini – International edition

Pierluigi Paganini August 13, 2023

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Police dismantled bulletproof hosting service provider Lolek Hosted
Python URL parsing function flaw can enable command execution
UK govt contractor MPD FM leaks employee passport data
Power Generator in South Africa hit with DroxiDat and Cobalt Strike
The Evolution of API: From Commerce to Cloud
Gafgyt botnet is targeting EoL Zyxel routers
Charming Kitten APT is targeting Iranian dissidents in Germany
Statc Stealer, a new sophisticated info-stealing malware
CISA discovered a new backdoor, named Whirlpool, used in Barracuda ESG attacks
CISA adds actively exploited flaw in .NET, Visual Studio to its Known Exploited Vulnerabilities catalog
US Govt launches Artificial Intelligence Cyber Challenge
Data of all serving police officers Police Service of Northern Ireland (PSNI) mistakenly published online
Balada Injector still at large – new domains discovered
EvilProxy used in massive cloud account takeover scheme
Downfall Intel CPU side-channel attack exposes sensitive data
LockBit threatens to leak medical data of cancer patients stolen from Varian Medical Systems
Microsoft Patch Tuesday for August 2023 fixed 2 actively exploited flaws
UK Electoral Commission discloses a data breach
43 Android apps in Google Play with 2.5M installs loaded ads when a phone screen was off
Zoom trains its AI model with some user data, without giving them an opt-out option
North Korea compromised Russian missile engineering firm NPO Mashinostroyeniya
A new sophisticated SkidMap variant targets unsecured Redis servers
FBI warns of crooks posing as NFT developers in fraudulent schema
The number of ransomware attacks targeting Finland increased fourfold since it started the process to join NATO
Microsoft fixed a flaw in Power Platform after being criticized
Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack
BlueCharlie changes attack infrastructure in response to reports on its activity


Criminals Pose as Non-Fungible Token (NFT) Developers to Target Internet Users with an Interest in NFT Acquisition    

Interpol Busts Phishing-as-a-Service Platform ’16Shop,’ Leading to 3 Arrests

5 arrested in Poland for running bulletproof hosting service for cybercrime gangs

Administrator of ‘Bulletproof’ Webhosting Domain Charged in Connection with Facilitation of NetWalker Ransomware      

Hackers Rig Casino Card-Shuffling Machines for ‘Full Control’ Cheating  


Honeypot Recon: New Variant of SkidMap Targeting Redis   

Invisible Adware: Unveiling Ad Fraud Targeting Korean Android Users   

MAR-10454006.r4.v2 SEASPY and WHIRLPOOL Backdoors  

Statc Stealer: Decoding the Elusive Malware Threat  

Focus on DroxiDat/SystemBC  


UK Electoral Commission – Public notification of cyber-attack on Electoral Commission systems  

Downfall Attacks

Cloud Account Takeover Campaign Leveraging EvilProxy Targets Top-Level Executives at over 100 Global Organizations  

Zyxel Router Command Injection Attack 

Python Parsing Error Enabling Bypass CVE-2023-24329 

Teens Hacked Boston Subway Cards to Get Infinite Free Rides—and This Time, Nobody Got Sued  

Intelligence and Information Warfare

Comrades in Arms? | North Korea Compromises Sanctioned Russian Missile Engineering Company   

Ukrainian official touts country’s wartime cyber intelligence efforts  

Iranian cyber spies are targeting dissidents in Germany, warns intelligence service

MoustachedBouncer: Espionage against foreign diplomats in Belarus

Department of Homeland Security’s Cyber Safety Review Board to Conduct Review on Cloud Security      


Microsoft mitigates Power Platform Custom Code information disclosure vulnerability

Chinese Lawfare in the Maritime, Aviation, and Information Technology Domains       

Zoom can now train its A.I. using some customer data, according to updated terms    


‘Monumental’ data breach exposes names of entire Northern Ireland police force  

Pentagon launches AI competition to solicit help securing computer systems  

Northern Ireland police may have endangered its own officers by posting details online in error

OpenAI’s web scraping GPTBot is under attack – here’s why   

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

you might also like

leave a comment