Security Affairs newsletter Round 457 by Pierluigi Paganini

Security Affairs newsletter Round 457 by Pierluigi Paganini – INTERNATIONAL EDITION

Pierluigi Paganini February 04, 2024

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Clorox estimates the costs of the August cyberattack will exceed $49 Million

Mastodon fixed a flaw that can allow the takeover of any account

Iranian hackers breached Albania’s Institute of Statistics (INSTAT)

Operation Synergia led to the arrest of 31 individuals

Ex CIA employee Joshua Adam Schulte sentenced to 40 years in prison

Cloudflare breached on Thanksgiving Day, but the attack was promptly contained

PurpleFox malware infected at least 2,000 computers in Ukraine

Multiple malware used in attacks exploiting Ivanti VPN flaws

Police seized 50,000 Bitcoin from operator of the now-defunct piracy site movie2k

Crooks stole around $112 million worth of XRP from Ripple’s co-founder

CISA adds Apple improper authentication bug to its Known Exploited Vulnerabilities catalog

Ivanti warns of a new actively exploited zero-day

Threat actors exploit Ivanti VPN bugs to deploy KrustyLoader Malware

Data leak at fintech giant Direct Trading Technologies

Root access vulnerability in GNU Library C (glibc) impacts many Linux distros

Italian data protection authority said that ChatGPT violated EU privacy laws

Juniper Networks released out-of-band updates to fix high-severity flaws

Hundreds of network operators’ credentials found circulating in Dark Web

Cactus ransomware gang claims the Schneider Electric hack

Mercedes-Benz accidentally exposed sensitive data, including source code

Experts detailed Microsoft Outlook flaw that can leak NTLM v2 hashed passwords

NSA buys internet browsing records from data brokers without a warrant

Ukraine’s SBU arrested a member of Pro-Russia hackers group ‘Cyber Army of Russia’

Multiple PoC exploits released for Jenkins flaw CVE-2024-23897

Medusa ransomware attack hit Kansas City Area Transportation Authority

Cybercrime

Who is Alleged Medibank Hacker Aleksandr Ermakov?

Ransomware Revenue Down As More Victims Refuse to Pay

Energy giant Schneider Electric hit by Cactus ransomware attack

Hundreds Of Network Operators’ Credentials Found Circulating In Dark Web

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Data of 750 Million Indian Mobile Subscribers Sold on Hacker Forums

Hackers steal $112 million of XRP Ripple cryptocurrency

movie2k.to: Ex-operator hands over BTC worth 2 billion euros

Portland Man Sentenced to Federal Prison for Role in SIM Swapping Identity Theft and Fraud Scheme

INTERPOL-led operation targets growing cyber threats

Malware

New Ransomware Reporting Requirements Kick in as Victims Increasingly Avoid Paying

KRUSTYLOADER – RUST MALWARE LINKED TO COMPROMISED IVANTI CONNECTSECURE

Evolution of UNC4990: Uncovering USB Malware’s Hidden Depths

China’s Hackers Have Entire Nation in Their Crosshairs, FBI Director Warns

Outsmarting Ransomware’s New Playbook

UAC-0027: DIRTYMOE (PURPLEFOX) affected more than 2000 computers in Ukraine

Hacking

Outlook Vulnerability Discovery and New Ways to Leak NTLM Hashes

Thanksgiving 2023 security incident

Exclusive: US disabled Chinese hacking network targeting critical infrastructure

Iran-linked hackers claim attack on Albania’s Institute of Statistics

Intelligence and Information Warfare

Ukraine’s security service detains member of Russian ‘Cyber Army’

Wyden Releases Documents Confirming the NSA Buys Americans’ Internet Browsing Records

The Bear and The Shell: New Campaign Against Russian Opposition

Spying From Space

Wikileaks source and former CIA worker Joshua Schulte sentenced to 40 years jail

Former Cia Officer Joshua Adam Schulte Sentenced To 40 Years In Prison For Espionage And Child Pornography Crimes

Cybersecurity

How a mistakenly published password exposed Mercedes-Benz source code

Zero-day, supply-chain attacks drove data breach high for 2023

ChatGPT violated European privacy laws, Italy tells chatbot maker OpenAI

ENISA Single Programming Document 2024 – 2026

Qualys TRU Discovers Important Vulnerabilities in GNU C Library’s syslog()

Supplemental Direction V1: ED 24-01: Mitigate Ivanti Connect Secure and Ivanti Policy Secure Vulnerabilities

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

Cybercrime data breach Hacking IT Information Security malware Newsletter Pierluigi Paganini Security Affairs

Pierluigi Paganini June 27, 2025

APT42 impersonates cyber professionals to phish Israeli academics and journalists

Pierluigi Paganini June 26, 2025

Security Affairs newsletter Round 457 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

you might also like

APT42 impersonates cyber professionals to phish Israeli academics and journalists

Kai West, aka IntelBroker, indicted for cyberattacks causing $25M in damages

leave a comment

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

APT42 impersonates cyber professionals to phish Israeli academics and journalists

Kai West, aka IntelBroker, indicted for cyberattacks causing $25M in damages

Cisco fixed critical ISE flaws allowing Root-level remote code execution

U.S. CISA adds AMI MegaRAC SPx, D-Link DIR-859 routers, and Fortinet FortiOS flaws to its Known Exploited Vulnerabilities catalog

CitrixBleed 2: The nightmare that echoes the 'CitrixBleed' flaw in Citrix NetScaler devices

QUICK LINKS

Security Affairs newsletter Round 457 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

you might also like

APT42 impersonates cyber professionals to phish Israeli academics and journalists

Kai West, aka IntelBroker, indicted for cyberattacks causing $25M in damages

leave a comment

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

APT42 impersonates cyber professionals to phish Israeli academics and journalists

Kai West, aka IntelBroker, indicted for cyberattacks causing $25M in damages

Cisco fixed critical ISE flaws allowing Root-level remote code execution

U.S. CISA adds AMI MegaRAC SPx, D-Link DIR-859 routers, and Fortinet FortiOS flaws to its Known Exploited Vulnerabilities catalog

CitrixBleed 2: The nightmare that echoes the 'CitrixBleed' flaw in Citrix NetScaler devices

Subscribe to my email list and stay
up-to-date!