Security Affairs newsletter Round 455 by Pierluigi Paganini – INTERNATIONAL EDITION

Pierluigi Paganini January 21, 2024

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Admin of the BreachForums hacking forum sentenced to 20 years supervised release
Russia-linked Midnight Blizzard APT hacked Microsoft corporate emails
VF Corp December data breach impacts 35 million customers
China-linked APT UNC3886 exploits VMware zero-day since 2021
Ransomware attacks break records in 2023: the number of victims rose by 128%
U.S. CISA warns of actively exploited Ivanti EPMM flaw CVE-2023-35082
The Quantum Computing Cryptopocalypse – I’ll Know It When I See It
Kansas State University suffered a serious cybersecurity incident
CISA adds Chrome and Citrix NetScaler to its Known Exploited Vulnerabilities catalog
Google TAG warns that Russian COLDRIVER APT is using a custom backdoor
PixieFail: Nine flaws in UEFI open-source reference implementation could have severe impacts
iShutdown lightweight method allows to discover spyware infections on iPhones
Pro-Russia group hit Swiss govt sites after Zelensky visit in Davos
Github rotated credentials after the discovery of a vulnerability
FBI, CISA warn of AndroxGh0st botnet for victim identification and exploitation
Citrix warns admins to immediately patch NetScaler for actively exploited zero-days
Google fixed the first actively exploited Chrome zero-day of 2024
Atlassian fixed critical RCE in older Confluence versions
VMware fixed a critical flaw in Aria Automation. Patch it now!
Experts warn of mass exploitation of Ivanti Connect Secure VPN flaws
Experts warn of a vulnerability affecting Bosch BCC100 Thermostat
Over 178,000 SonicWall next-generation firewalls (NGFW) online exposed to hack
Phemedrone info stealer campaign exploits Windows smartScreen bypass
Balada Injector continues to infect thousands of WordPress sites
Attackers target Apache Hadoop and Flink to deliver cryptominers
Apple fixed a bug in Magic Keyboard that allows to monitor Bluetooth traffic
Attacks against Denmark ‘s energy sector were not carried out by Russia-linked APT
Mastermind behind 1.8 million cryptojacking scheme arrested in Ukraine


Cryptojacker arrested in Ukraine over EUR 1.8 million mining scheme  

3 Ransomware Group Newcomers to Watch in 2024

E-Crime Rapper ‘Punchmade Dev’ Debuts Card Shop  

Ransomware landscape overview 2023  

Jailed BreachForums creator, admin sentenced to 20 years of supervised release  


Medusa Ransomware Turning Your Files into Stone      

Thousands of Sites with Popup Builder Compromised by Balada Injector

CVE-2023-36025 Exploited for Defense Evasion in Phemedrone Stealer Campaign  

Why Join The Navy If You Can Be A Pirate?  

Inferno Malware Masqueraded as Coinbase, Drained $87 Million from 137,000 Victims

CISA and FBI Release Known IOCs Associated with Androxgh0st Malware  

A lightweight method to detect potential iOS malware  


Cockpit door lock auto-unlock is no surprise  

Apache Applications Targeted by Stealthy Attacker  

It’s 2024 and Over 178,000 SonicWall Firewalls are Publicly Exploitable  

Hacking IoT & RF Devices with BürtleinaBoard™  

Vulnerabilities identified in Bosch BCC100 Thermostat  

Ivanti Connect Secure VPN Exploitation Goes Global   

Citrix warns of new Netscaler zero-days exploited in attacks

PixieFail: Nine vulnerabilities in Tianocore’s EDK II IPv6 network stack

Chinese Espionage Group UNC3886 Found Exploiting CVE-2023-34048 Since Late 2021    

Microsoft Actions Following Attack by Nation State Actor Midnight Blizzard

How a 27-Year-Old Codebreaker Busted the Myth of Bitcoin’s Anonymity 

Intelligence and Information Warfare 

Clearing the Fog of War – A critical analysis of recent energy sector cyberattacks in Denmark and Ukraine    

From artificial intelligence to cybersecurity: how Brazil prepares for the challenge of the elections of the future

When You Roam, You’re Not Alone

Swiss Govt Websites Hit by Pro-Russia Hackers After Zelensky Visit 

Russian threat group COLDRIVER expands its targeting of Western officials to include the use of malware

Details Emerge on Alleged MI6 Spy in China  


Analysis of Android settings during a forensic investigation  

Google fixes first actively exploited Chrome zero-day of 2024

Rotating credentials for and new GHES patches  

JPMorgan Chase says hacking attempts are increasing

PSA: Anyone can tell if you are using WhatsApp on your computer      

Cyber attacks reveal fragility of financial markets  

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

you might also like

leave a comment