Security Affairs newsletter Round 441 by Pierluigi Paganini – INTERNATIONAL EDITION

Pierluigi Paganini October 15, 2023

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Lockbit ransomware gang demanded an 80 million ransom to CDW
CISA warns of vulnerabilities and misconfigurations exploited in ransomware attacks
Stayin’ Alive campaign targets high-profile Asian government and telecom entities. Is it linked to ToddyCat APT?
FBI and CISA published a new advisory on AvosLocker ransomware
More than 17,000 WordPress websites infected with the Balada Injector in September
Ransomlooker, a new tool to track and analyze ransomware groups’ activities
Apple releases iOS 16 update to fix CVE-2023-42824 on older devices
Phishing, the campaigns that are targeting Italy
A new Magecart campaign hides the malicious code in 404 error page
CISA adds Adobe Acrobat Reader flaw to its Known Exploited Vulnerabilities catalog
Mirai-based DDoS botnet IZ1H9 added 13 payloads to target routers
Air Europa data breach exposed customers’ credit cards
#OpIsrael, #FreePalestine & #OpSaudiArabia – How Cyber Actors Capitalize On War Actions Via Psy-Ops
Microsoft Patch Tuesday updates for October 2023 fixed three actively exploited zero-day flaws
New ‘HTTP/2 Rapid Reset’ technique behind record-breaking DDoS attacks
Exposed security cameras in Israel and Palestine pose significant risks
A flaw in libcue library impacts GNOME Linux systems
Hacktivists in Palestine and Israel after SCADA and other industrial control systems
Large-scale Citrix NetScaler Gateway credential harvesting campaign exploits CVE-2023-3519
The source code of the 2020 variant of HelloKitty ransomware was leaked on a cybercrime forum
Gaza-linked hackers and Pro-Russia groups are targeting Israel
Flagstar Bank suffered a data breach once again
Android devices shipped with backdoored firmware as part of the BADBOX network
North Korea-linked Lazarus APT laundered over $900 million through cross-chain crime


Phishers Spoof USPS, 12 Other Natl’ Postal Services  

The Art of Concealment: A New Magecart Campaign That’s Abusing 404 Pages  

Spanish airline Air Europa hit by credit card system breach  

New Report: Child Sexual Abuse Content and Online Risks to Children on the Rise

#StopRansomware: AvosLocker Ransomware (Update)

CDW Says It’s Investigating After LockBit Claims To Leak Data Trove  

New Clues Suggest Stolen FTX Funds Went to Russia-Linked Money Launderers 


Trojans All the Way Down: BADBOX and PEACHPI

IZ1H9 Campaign Enhances Its Arsenal with Scores of Exploits  

The Art of Concealment: A New Magecart Campaign That’s Abusing 404 Pages

Balada Injector Targets Unpatched tagDiv Plugin, Newspaper Theme & WordPress Admins       

DarkGate Opens Organizations for Attack via Skype, Teams  


X-Force uncovers global NetScaler Gateway credential harvesting campaign  

HTTP/2 Rapid Reset: deconstructing the record-breaking attack

U.S. Cybersecurity Agency Warns of Actively Exploited Adobe Acrobat Reader Vulnerability

Squid games: 35 security holes still unpatched in proxy after 2 years, now public

Intelligence and Information Warfare

Threat actors represented in the 2023 Microsoft Digital Defense Report

Concern grows in Brazil over Chinese industrial espionage

#OpIsrael, #FreePalestine And #OpSaudiArabia – How Cyber-Threat Actors Coordinate PSYOPS Campaigns With Kinetic Military Actions  


BlueShell Used in APT Attacks Against Korean and Thai Targets     

CVE-2023-38831 Exploited by Pro-Russia Hacking Groups in RU-UA Conflict Zone for Credential Harvesting Operations

Assessed Cyber Structure and Alignments of North Korea in 2023      

Cyberattacks Targeting Israel Are Rising After Hamas Assault   


Coordinated Disclosure: 1-Click RCE on GNOME (CVE-2023-43641)   

Exposed security cameras in Israel and Palestine posing significant risks

Google mitigated the largest DDoS attack to date, peaking above 398 million rps   


Hamas Attacks, Israel Bombs Gaza and Misinformation Surges Online  

Ransomware Vulnerability Warning Pilot updates: Now a One-stop Resource for Known Exploited Vulnerabilities and Misconfigurations Linked to Ransomware   

AI Images Detectors Are Being Used to Discredit the Real Horrors of War

SEC Investigating Progress Software Over MOVEit Hack   

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

you might also like

leave a comment