Pierluigi Paganini December 10, 2023

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Cybercrime

Opinion: Why crypto was the perfect tool for criminals and kleptocrats  

What it means — CitrixBleed ransomware group woes grow as over 60 credit unions, hospitals, financial services and more breached in US  

Paper trail ends in jail time for 1 013 money mules  

Founder and Majority Owner of Cryptocurrency Exchange Pleads Guilty to Unlicensed Money Transmitting  

ALPHV ransomware site outage rumored to be caused by law enforcement

Malware

Microsoft Warns of Malvertising Scheme Spreading CACTUS Ransomware

P2Pinfect – New Variant Targets MIPS Devices  

Curse of the Krasue: New Linux Remote Access Trojan targets Thailand  

New macOS Trojan-Proxy piggybacking on cracked software   

Hacking

POL Cyber Command has observed malicious activity against Microsoft Exchange servers  

Threat Actors Exploit Adobe ColdFusion CVE-2023-26360 for Initial Access to Government Servers

Fake Lockdown Mode: A post-exploitation tampering technique  

CISA says US government agency was hacked thanks to ‘end of life’ software  

The #PoolParty You Will Never Forget: New Process Injection Techniques Using #Windows Thread Pools

5Ghoul  : Unleashing Chaos on 5G Edge Devices  

Hackers hit Erris water in stance over Israel

Millions of patient scans and health records spilling online thanks to decades-old protocol bug  

Intelligence and Information Warfare

Microsoft Warns of Kremlin-Backed APT28 Exploiting Critical Outlook Vulnerability

The Israel-Hamas War Reveals the Fundamental Flaws of Social Media  

The Internet Enabled Mass Surveillance. A.I. Will Enable Mass Spying  

Reddit Says Leaked U.S.-U.K. Trade Documents Posted on the Site Are Linked to a Russian Information Campaign

UK exposes attempted Russian cyber interference in politics and democratic processes

Russian FSB cyber actor Star Blizzard continues worldwide spear-phishing campaigns

Star Blizzard increases sophistication and evasion in ongoing attacks           

Fighting Ursa Aka APT28: Illuminating a Covert Campaign 

AI’s ‘Fog of War’    

Russian hackers targeted US intel officers in ‘sophisticated spear phishing campaign,’ DOJ says  

Google Warns China Is Ramping Up Cyberattacks Against Taiwan

Hollywood plays unwitting Cameo in Kremlin plot to discredit Zelensky 

Cybersecurity

Google Cloud – Cybersecurity Forecast 2024 

ENISA Threat Landscape for DoS Attacks  

a16z Funded AI Platform Generated Images That “Could Be Categorized as Child Pornography,” Leaked Documents Show   

Apple says it is not aware anyone using Lockdown Mode got hacked   

Report: 2.6 billion personal records compromised by data breaches in past two years — underscoring need for end‑to‑end encryption    

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)