Security Affairs newsletter Round 446 by Pierluigi Paganini

Security Affairs newsletter Round 446 by Pierluigi Paganini – INTERNATIONAL EDITION

Pierluigi Paganini November 19, 2023

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Israeli man sentenced to 80 months in prison for providing hacker-for-hire services

Russian APT Gamaredon uses USB worm LitterDrifter against Ukraine

The board of directors of OpenAI fired Sam Altman

Medusa ransomware gang claims the hack of Toyota Financial Services

CISA adds Sophos Web Appliance bug to its Known Exploited Vulnerabilities catalog

A critical OS command injection flaw affects Fortinet FortiSIEM

Zimbra zero-day exploited to steal government emails by four groups

Vietnam Post exposes 1.2TB of data, including email addresses

Samsung suffered a new data breach

FBI and CISA warn of attacks by Rhysida ransomware gang

Critical flaw fixed in SAP Business One product

Law enforcement agencies dismantled the illegal botnet proxy service IPStorm

Gamblers’ data compromised after casino giant Strendus fails to set password

VMware disclosed a critical and unpatched authentication bypass flaw in VMware Cloud Director Appliance

Microsoft Patch Tuesday security updates fixed 3 actively exploited flaws

Danish critical infrastructure hit by the largest cyber attack in Denmark’s history

Major Australian ports blocked after a cyber attack on DP World

Nuclear and Oil & Gas are Major Targets of Ransomware Groups in 2024

CISA adds five vulnerabilities in Juniper devices to its Known Exploited Vulnerabilities catalog

LockBit ransomware gang leaked data stolen from Boeing

North Korea-linked APT Sapphire Sleet targets IT job seekers with bogus skills assessment portals

The Lorenz ransomware group hit Texas-based Cogdell Memorial Hospital

The State of Maine disclosed a data breach that impacted 1.3M people

Cybercrime

Maine gov data breach: MOVEit Global Security Incident

Ransomware Attacks Against The Energy Sector On The Rise – Nuclear And Oil & Gas Are Major Targets In 2024

Russian and Moldovan National Pleads Guilty to Operating Illegal Botnet Proxy Service that Infected Tens of Thousands of Internet-Connected Devices Around the World

Hackers Use Online Casinos to Gamble Mountains of Cash They Steal from Victims

Israeli Hacker-For-Hire Sentenced To 80 Months In Prison For Involvement In Massive Spearphishing Campaign

Malware

StopRansomware: Rhysida Ransomware

MALWARE SPOTLIGHT – INTO THE TRASH: ANALYZING LITTERDRIFTER

A deep dive into Phobos ransomware, recently deployed by 8Base group

Hacking

The attack against Danish, critical infrastructure

Novel backdoor persists even after critical Confluence vulnerability is patched

CacheWarp Attack: New Vulnerability in AMD SEV Exposes Encrypted VMs

LLM RED TEAMING GPT’S: PROMPT LEAKAGE, API LEAKAGE, DOCUMENTS LEAKAGE

Elephant Hunting | Inside an Indian Hack-For-Hire Group

Intelligence and Information Warfare

Microsoft Warns of Fake Skills Assessment Portals Targeting IT Job Seekers

Unraveling the Kremlin’s Strategy: Russian Influence Operations and the Israel-Hamas Conflict

Zimbra 0-day used to target international government organizations

How an Indian startup hacked the world

Cybersecurity

THE NOVEMBER 2023 SECURITY UPDATE REVIEW

Addressing the State of AI’s Impact on Cyber Disinformation/Misinformation

What I learned about identity theft protection after my identity was stolen at the airport

Running Signal Will Soon Cost $50 Million a Year

Sam Altman fired as CEO of OpenAI

FCC Adopts Rules to Protect Consumers’ Cell Phone Accounts

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

Pierluigi Paganini June 27, 2025

Taking over millions of developers exploiting an Open VSX Registry flaw

Pierluigi Paganini June 27, 2025

Security Affairs newsletter Round 446 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

you might also like

Taking over millions of developers exploiting an Open VSX Registry flaw

OneClik APT campaign targets energy sector with stealthy backdoors

leave a comment

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Taking over millions of developers exploiting an Open VSX Registry flaw

OneClik APT campaign targets energy sector with stealthy backdoors

APT42 impersonates cyber professionals to phish Israeli academics and journalists

Kai West, aka IntelBroker, indicted for cyberattacks causing $25M in damages

Cisco fixed critical ISE flaws allowing Root-level remote code execution

QUICK LINKS

Security Affairs newsletter Round 446 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

you might also like

Taking over millions of developers exploiting an Open VSX Registry flaw

OneClik APT campaign targets energy sector with stealthy backdoors

leave a comment

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Taking over millions of developers exploiting an Open VSX Registry flaw

OneClik APT campaign targets energy sector with stealthy backdoors

APT42 impersonates cyber professionals to phish Israeli academics and journalists

Kai West, aka IntelBroker, indicted for cyberattacks causing $25M in damages

Cisco fixed critical ISE flaws allowing Root-level remote code execution

Subscribe to my email list and stay
up-to-date!