Security Affairs newsletter Round 438 by Pierluigi Paganini

Security Affairs newsletter Round 438 by Pierluigi Paganini – International edition

Pierluigi Paganini September 24, 2023

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Government of Bermuda blames Russian threat actors for the cyber attack

City of Dallas has set a budget of $8.5 million to mitigate the May Royal ransomware attack

Recently patched Apple and Chrome zero-days exploited to infect devices in Egypt with Predator spyware

CISA adds Trend Micro Apex One and Worry-Free Business Security flaw to its Known Exploited Vulnerabilities catalog

Information of Air Canada employees exposed in recent cyberattack

Sandman APT targets telcos with LuaDream backdoor

Experts warn of a 600X increase in P2Pinfect traffic

Apple rolled out emergency updates to address 3 new actively exploited zero-day flaws

Ukrainian hackers are behind the Free Download Manager supply chain attack

Space and defense tech maker Exail Technologies exposes database access

Pro-Russia hacker group NoName launched a DDoS attack on Canadian airports causing severe disruptions

Experts found critical flaws in Nagios XI network monitoring software

The dark web drug marketplace PIILOPUOTI was dismantled by Finnish Customs

International Criminal Court hit with a cyber attack

GitLab addressed critical vulnerability CVE-2023-5009

Trend Micro addresses actively exploited zero-day in Apex One and other security Products

APT ShroudedSnooper threat actors target telecom companies in the Middle East

Recent cyber attack is causing Clorox products shortage

12,000 Juniper SRX firewalls and EX switches vulnerable to CVE-2023-36845

Earth Lusca expands its arsenal with SprySOCKS Linux malware

Microsoft AI research division accidentally exposed 38TB of sensitive data

German intelligence warns cyberattacks could target liquefied natural gas (LNG) terminals

Deepfake and smishing. How hackers compromised the accounts of 27 Retool customers in the crypto industry

FBI hacker USDoD leaks highly sensitive TransUnion data

North Korea’s Lazarus APT stole almost $240 million in crypto assets since June

Clop gang stolen data from major North Carolina hospitals

CardX released a data leak notification impacting their customers in Thailand

Cybercrime

Russian cyber thieves linked to personal data breach at North Carolina hospitals

International operation closes down Piilopuoti dark web marketplace

THE CITY OF DALLAS RANSOMWARE INCIDENT: MAY 2023

Nigerian National Pleads Guilty To His Role In A Business Email Compromise Scheme

Malware

Bumblebee Loader Resurfaces in New Campaign

Earth Lusca Employs New Linux Backdoor, Uses Cobalt Strike for Lateral Movement

Stealth Falcon preying over Middle Eastern skies with Deadglyph

Inside the Code of a New XWorm Variant

Who’s Behind the 8Base Ransomware Website?

Cado Security Labs Researchers Witness a 600X Increase in P2Pinfect Traffic

Hacking

Retool attack – When MFA isn’t actually MFA

Fileless Remote Code Execution on Juniper Firewalls

Arbitrary code execution vulnerability in Trend Micro endpoint products’ ability to uninstall third-party security products

The outage at the airports really came from a computer attack

Russia linked to cyberattack on government services

Intelligence and Information Warfare

How the Lazarus Group is stepping up crypto hacks and changing its tactics

Lazarus Group’s Web3 Rampage

German spy chief warns of cyberattacks targeting liquefied natural gas terminals

New ShroudedSnooper actor targets telecommunications firms in the Middle East with novel Implants

Sandman APT | A Mystery Group Targeting Telcos with a LuaJIT Toolkit

Is That a Spy in Your Car?

0-days exploited by commercial surveillance vendor in Egypt

PREDATOR IN THE WIRES

OilRig’s Outer Space and Juicy Mix: Same ol’ rig, new drill pipes

Cybersecurity

Apple and Google Are Introducing New Ways to Defeat Cell Site Simulators, But Is it Enough?

NSA, FBI, and CISA Release Cybersecurity Information Sheet on Deepfake Threats

38TB of data accidentally exposed by Microsoft AI researchers

Clorox Blames Damaging Cyberattack for Product Shortage

MGM losing up to $8.4M per day as cyberattack paralyzes slot machines, hotels for 8th straight day: analyst

Apple emergency updates fix 3 new zero-days exploited in attacks

Cisco makes largest ever acquisition, buying cybersecurity company Splunk for $28 billion in cash

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

Pierluigi Paganini August 13, 2025

Charon Ransomware targets Middle East with APT attack methods

Pierluigi Paganini August 13, 2025

Security Affairs newsletter Round 438 by Pierluigi Paganini – International edition

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

you might also like

Charon Ransomware targets Middle East with APT attack methods

Hackers leak 2.8M sensitive records from Allianz Life in Salesforce data breach

leave a comment

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Charon Ransomware targets Middle East with APT attack methods

Hackers leak 2.8M sensitive records from Allianz Life in Salesforce data breach

SAP fixed 26 flaws in August 2025 Update, including 4 Critical

August 2025 Patch Tuesday fixes a Windows Kerberos Zero-Day

Dutch NCSC: Citrix NetScaler zero-day breaches critical orgs

QUICK LINKS

Security Affairs newsletter Round 438 by Pierluigi Paganini – International edition

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

you might also like

Charon Ransomware targets Middle East with APT attack methods

Hackers leak 2.8M sensitive records from Allianz Life in Salesforce data breach

leave a comment

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Charon Ransomware targets Middle East with APT attack methods

Hackers leak 2.8M sensitive records from Allianz Life in Salesforce data breach

SAP fixed 26 flaws in August 2025 Update, including 4 Critical

August 2025 Patch Tuesday fixes a Windows Kerberos Zero-Day

Dutch NCSC: Citrix NetScaler zero-day breaches critical orgs

Subscribe to my email list and stay
up-to-date!