Pierluigi Paganini March 10, 2024

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Cybercrime

BlackCat Ransomware Affiliate TTPs 

American Express credit cards EXPOSED in third-party vendor data breach – account numbers and names among details accessed in hack  

LockBit 3.0’S Bungled Comeback Highlights The Undying Risk Of Torrent-Based Data Leakage  

Hackers Behind the Change Healthcare Ransomware Attack Just Received a $22 Million Payment

On-Device Fraud on the rise: exposing a recent Copybara fraud campaign 

2023 FBI Internet Crime Report

Hacker attack on Xplain: National Cyber Security Centre publishes data analysis report  

Stormous ransomware gang takes credit for attack on Belgian brewer Duvel

Malware

US: Spyware ruling a welcome step towards accountability for those targeted with NSO spyware  

The Art of Domain Deception: Bifrost’s New Tactic to Deceive Users  

GTPDOOR – A novel backdoor tailored for covert access over the roaming exchange  

GhostSec’s joint ransomware operation and evolution of their arsenal

Spinning YARN – A New Linux Malware Campaign Targets Docker, Apache Hadoop, Redis and Confluence

Unboxing Snake – Python Infostealer Lurking Through Messaging Services  

Hunting for Fortinet CVE-2024-21762: Vulnerability Research for Detection Engineering  

Hacking  

These Video Doorbells Have Terrible Security. Amazon Sells Them Anyway  

CryptoChameleon: New Phishing Tactics Exhibited in FCC-Targeted Attack

How recent cyberattacks revealed America’s infrastructure weaknesses

Taiwan Military Says Hackers Sold Telecom Giant’s Data on Web      

CVE-2024-27198 and CVE-2024-27199: JetBrains TeamCity Multiple Authentication Bypass Vulnerabilities (FIXED)  

CryptoChameleon: New Phishing Tactics Exhibited in FCC-Targeted Attack 

CISA forced to take two systems offline last month after Ivanti compromise  

Intelligence and Information Warfare 

How the Chinese civilian and military intelligence agencies confronting CIA and the Pentagon 

German defense chat overheard by Russian eavesdroppers on Cisco’s WebEx

Software, ciphers, secret documents — cyber specialists of the State Security Service hacked the Russian Ministry of Defense  

Moldova warns of Russian ‘hybrid attacks’ ahead of presidential election  

Update on Microsoft Actions Following Attack by Nation State Actor Midnight Blizzard  

Cybersecurity          

Court orders maker of Pegasus spyware to hand over code to WhatsApp  

There is no clear cybersecurity policy  

Companies Are Already Not Complying With The New SEC Cybersecurity Incident Disclosure Rules  

Treasury Sanctions Members of the Intellexa Commercial Spyware Consortium

AI tools put companies at risk of data exfiltration

Millions Of Google, WhatsApp, Facebook 2FA Security Codes Leak Online

Spyware makers express concern after US sanctions spyware veteran        

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)