Security Affairs newsletter Round 442 by Pierluigi Paganini – INTERNATIONAL EDITION

Pierluigi Paganini October 22, 2023

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

A threat actor is selling access to Facebook and Instagram’s Police Portal
Threat actors breached Okta support system and stole customers’ data
US DoJ seized domains used by North Korean IT workers to defraud businesses worldwide
Alleged developer of the Ragnar Locker ransomware was arrested
CISA adds Cisco IOS XE flaw to its Known Exploited Vulnerabilities catalog
Tens of thousands Cisco IOS XE devices were hacked by exploiting CVE-2023-20198
Law enforcement operation seized Ragnar Locker group’s infrastructure
North Korea-linked APT groups actively exploit JetBrains TeamCity flaw
Multiple APT groups exploited WinRAR flaw CVE-2023-38831
Californian IT company DNA Micro leaks private mobile phone data
Threat actors have been exploiting CVE-2023-4966 in Citrix NetScaler ADC/Gateway devices since August
A flaw in Synology DiskStation Manager allows admin account takeover
D-Link confirms data breach, but downplayed the impact
CVE-2023-20198 zero-day widely exploited to install implants on Cisco IOS XE systems
Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers
Ransomware realities in 2023: one employee mistake can cost a company millions
Malware-laced ‘RedAlert – Rocket Alerts’ app targets Israeli users 
Cisco warns of active exploitation of IOS XE zero-day
Signal denies claims of an alleged zero-day flaw in its platform
Microsoft Defender thwarted Akira ransomware attack on an industrial engineering firm
DarkGate malware campaign abuses Skype and Teams
The Alphv ransomware gang stole 5TB of data from the Morrison Community Hospital


Europol knocks RagnarLocker offline in second major ransomware bust this year

The Fake Browser Update Scam Gets a Makeover

Ragnar Locker ransomware gang taken down by international police swoop      

Justice Department Announces Court-Authorized Action to Disrupt Illicit Revenue Generation Efforts of Democratic People’s Republic of Korea Information Technology Workers   


DarkGate Opens Organizations for Attack via Skype, Teams   

New paper: Nexus Android banking botnet – compromising C&C panels and dissecting mobile AppInjects

Malicious “RedAlert – Rocket Alerts” Application Targets Israeli Phone Calls, SMS, and User Information   

BlackCat Climbs the Summit With a New Tactic  


Active exploitation of Cisco IOS XE Software Web Management User Interface vulnerability  

Widespread Cisco IOS XE Implants in the Wild  

Synology NAS DSM Account Takeover: When Random is not Secure

Remediations for Citrix NetScaler ADC and Gateway Vulnerability (CVE-2023-4966)

CVE-2023-20198 – Cisco IOS-XE ZeroDay     

Tracking Unauthorized Access to Okta’s Support System        

Intelligence and Information Warfare

Hamas Cyber Capabilities: Threats and Implications for Israel

Peculiarities of destructive cyber attacks against Ukrainian providers (CERT-UA#7627)

Government-backed actors exploiting WinRAR vulnerability  

Multiple North Korean threat actors exploiting the TeamCity CVE-2023-42793 vulnerability  

MI5 head warns of ‘epic scale’ of Chinese espionage

International Criminal Court systems breached for cyber espionage


NIST – Digital Identity Guidelines – Authentication and Lifecycle Management

Automatic disruption of human-operated attacks through containment of compromised user accounts    

Signal Debunks Zero-Day Vulnerability Reports, Finds No Evidence

Cloud and Threat Report: Top Adversary Tactics and Techniques  

ENISA Threat Landscape 2023   

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

you might also like

leave a comment