Security Affairs newsletter Round 444 by Pierluigi Paganini – INTERNATIONAL EDITION

Pierluigi Paganini November 05, 2023

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Kinsing threat actors probed the Looney Tunables flaws in recent attacks
ZDI discloses four zero-day flaws in Microsoft Exchange
Okta customer support system breach impacted 134 customers
Multiple WhatsApp mods spotted containing the CanesSpy Spyware
Russian FSB arrested Russian hackers who supported Ukrainian cyber operations
MuddyWater has been spotted targeting two Israeli entities
Clop group obtained access to the email addresses of about 632,000 US federal employees
Okta discloses a new data breach after a third-party vendor was hacked
Suspected exploitation of Apache ActiveMQ flaw CVE-2023-46604 to install HelloKitty ransomware
Boeing confirmed its services division suffered a cyberattack
Resecurity: Insecurity of 3rd-parties leads to Aadhaar data leaks in India
Who is behind the Mozi Botnet kill switch?
CISA adds two F5 BIG-IP flaws to its Known Exploited Vulnerabilities catalog
Threat actors actively exploit F5 BIG-IP flaws CVE-2023-46747 and CVE-2023-46748
Pro-Hamas hacktivist group targets Israel with BiBi-Linux wiper
British Library suffers major outage due to cyberattack
Critical Atlassian Confluence flaw can lead to significant data loss
WiHD leak exposes details of all torrent users
Experts released PoC exploit code for Cisco IOS XE flaw CVE-2023-20198
Canada bans WeChat and Kaspersky apps on government-issued mobile devices
Florida man sentenced to prison for SIM Swapping conspiracy that led to theft of $1M in cryptocurrency
Wiki-Slack attack allows redirecting business professionals to malicious websites
HackerOne awarded over $300 million bug hunters
StripedFly, a complex malware that infected one million devices without being noticed
IT Army of Ukraine disrupted internet providers in territories occupied by Russia


New Hunters International ransomware possible rebrand of Hive

Hacker Sentenced to 30 Months for SIM Swapping Conspiracy Resulting in Theft of Nearly $1 Million in Cryptocurrency

Boeing Says Its Services Division Was Hit by Cyberattack   

Hackers Accessed 632,000 Email Addresses at US Justice, Defense Departments   

Dutch hacker jailed for extortion, selling stolen data on RaidForums

US Harbors Prolific Malicious Link Shortening Service

‘Corrupt’ cop jailed for tipping off pal to EncroChat dragnet 


Ukrainian hackers disrupt internet providers in Russia-occupied territories 

BiBi-Linux: A New Wiper Dropped By Pro-Hamas Hacktivist Group  

Who killed Mozi? Finally putting the IoT zombie botnet in its grave  

AridViper, an intrusion set allegedly associated with Hamas  

WhatsApp spy mod spreads through Telegram, attacks Arabic-speaking users  

Elastic catches DPRK passing out KANDYKORN  


The Wiki-Slack Attack  

Refresh: Compromising F5 BIG-IP With Request Smuggling | CVE-2023-46747  

Suspected Exploitation of Apache ActiveMQ CVE-2023-46604  

Unauthorized Access to Okta’s Support Case Management System: Root Cause and Remediation  

Looney Tunables Vulnerability Exploited by Kinsing  

A cascade of compromise: unveiling Lazarus’ new campaign  

Oldham Council facing 10,000 cyber attacks a day, report says

Russian Reshipping Service ‘SWAT USA Drop’ Exposed

Intelligence and Information Warfare

Fifth-Generation Warfare: AI in the Election Cycle

Minister Anand announces a ban on the use of WeChat and Kaspersky suite of applications on government mobile devices      

MuddyWater eN-Able spear-phishing with new TTPs

Russian TA499 Targets North American and European Countries     

Hackers are under investigation  



7th Annual Hacker Powered Security Report  

Your iPhone has a fatal security flaw — how to fix it immediately  

Internet access in Gaza partially restored after blackout

The Race to Save Our Secrets From the Computers of the Future

ODNI, Pentagon reveal FY23 intelligence budget at nearly $100 billion      

Is state intervention needed for cyber insurance?   

PSA: Your chat and call apps may leak your IP address  

German government reports risk of cyber threats higher than ever  

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

you might also like

leave a comment