Security Affairs newsletter Round 453 by Pierluigi Paganini

Security Affairs newsletter Round 453 by Pierluigi Paganini – INTERNATIONAL EDITION

Pierluigi Paganini January 07, 2024

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Experts spotted a new macOS Backdoor named SpectralBlur linked to North Korea

Merck settles with insurers regarding a $1.4 billion claim over NotPetya damages

Law firm Orrick data breach impacted 638,000 individuals

The source code of Zeppelin Ransomware sold on a hacking forum

Russia-linked APT Sandworm was inside Ukraine telecoms giant Kyivstar for months

Ivanti fixed a critical EPM flaw that can result in remote code execution

MyEstatePoint Property Search Android app leaks user passwords

Hacker hijacked Orange Spain RIPE account causing internet outage to company customers

HealthEC data breach impacted more than 4.5 Million people

Experts found 3 malicious packages hiding crypto miners in PyPi repository

Crooks hacked Mandiant X account to push cryptocurrency scam

Cybercriminals Implemented Artificial Intelligence (AI) for Invoice Fraud

CISA ADDS CHROME AND PERL LIBRARY FLAWS TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG

Don’t trust links with known domains: BMW affected by redirect vulnerability

Hackers stole more than $81 million worth of crypto assets from Orbit Chain

Ukraine’s SBU said that Russia’s intelligence hacked surveillance cameras to direct a missile strike on Kyiv

Researchers released a free decryptor for Black Basta ransomware

Experts warn of JinxLoader loader used to spread Formbook and XLoader

Terrapin attack allows to downgrade SSH protocol security

Multiple organizations in Iran were breached by a mysterious hacker

Top 2023 Security Affairs cybersecurity stories

Malware exploits undocumented Google OAuth endpoint to regenerate Google cookies

Cactus RANSOMWARE gang hit the Swedish retail and grocery provider Coop

Google agreed to settle a $5 billion privacy lawsuit

Cybercrime

Cybercriminals Implemented Artificial Intelligence (AI) For Invoice Fraud

A tale of 2 casino ransomware attacks: One paid out, one did not

Victoria court recordings exposed in reported ransomware attack

Xerox Confirms Data Breach at US Subsidiary Following Ransomware Attack

Mandiant’s X account hacked to push crypto scam

Malware

New Black Basta decryptor exploits ransomware flaw to recover files

Compromising Google Accounts: Malwares Exploiting Undocumented OAuth2 Functionality for session hijacking

From DarkGate to AsyncRAT: Malware Detected and Shared As Unit 42 Timely Threat Intelligence

RANSOMWARE- Free Decryptor Released for Black Basta Ransomware

Black Basta Buster

Three New Malicious PyPI Packages Deploy CoinMiner on Linux Devices

100DaysofYARA – SpectralBlur

Hacking

Mysterious hacker strikes Iran with major cyberattacks against industry leading companies

Terrapin Attack

Cloning Fingerprints Like A Boss: 101 Edition

Hackers hijack govt and business accounts on X for crypto scams

Intelligence and Information Warfare

Ukraine says Russia hacked web cameras to spy on targets in Kyiv

Air Travel Is Not Ready for Electronic Warfare

Exclusive: Russian hackers were inside Ukraine telecoms giant for months

Turkish espionage campaigns in the Netherlands

Cybersecurity

SSH Attack Surface (CVE-2023-48795): Find and Patch With CyberSecurity Asset Management Before the Grinch Arrives

Law firm that handles data breaches was hit by data breach

Merck Settles NotPetya Insurance Claim, Leaving Cyberwar Definition Unresolved

NASA releases Space Security Best Practices Guide for mission cybersecurity in interconnected space

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

Pierluigi Paganini June 25, 2025

Hackers deploy fake SonicWall VPN App to steal corporate credentials

Pierluigi Paganini June 25, 2025

Security Affairs newsletter Round 453 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

you might also like

Hackers deploy fake SonicWall VPN App to steal corporate credentials

Mainline Health Systems data breach impacted over 100,000 individuals

leave a comment

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Hackers deploy fake SonicWall VPN App to steal corporate credentials

Mainline Health Systems data breach impacted over 100,000 individuals

Disrupting the operations of cryptocurrency mining botnets

Prometei botnet activity has surged since March 2025

The U.S. House banned WhatsApp on government devices due to security concerns

QUICK LINKS

Security Affairs newsletter Round 453 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

you might also like

Hackers deploy fake SonicWall VPN App to steal corporate credentials

Mainline Health Systems data breach impacted over 100,000 individuals

leave a comment

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Hackers deploy fake SonicWall VPN App to steal corporate credentials

Mainline Health Systems data breach impacted over 100,000 individuals

Disrupting the operations of cryptocurrency mining botnets

Prometei botnet activity has surged since March 2025

The U.S. House banned WhatsApp on government devices due to security concerns

Subscribe to my email list and stay
up-to-date!