Pierluigi Paganini April 21, 2024

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

International Press Newsletter

Cybercrime    

SoCal Man Arrested on Federal Charges Alleging He Schemed to Advertise and Sell ‘Hive’ Computer Intrusion Malware

AFP traps alleged RAT developer      

Ransomware Group Claims Theft of Data From Chipmaker Nexperia  

International investigation disrupts phishing-as-a-service platform LabHost   

Threat Group FIN7 Targets the U.S. Automotive Industry  

Chinese Organized Crime’s Latest U.S. Target: Gift Cards

Ransomware Victims Who Pay a Ransom Drops to Record Low  

840-bed hospital in France postpones procedures after cyberattack  

Malware

Unpacking the Blackjack Group’s Fuxnet Malware  

LightSpy Returns: Renewed Espionage Campaign Targets Southern Asia, Possibly India  

Cerber Ransomware: Dissecting the three heads  

Kapeka: A novel backdoor spotted in Eastern Europe  

OfflRouter virus causes Ukrainian users to upload confidential documents to VirusTotal 

Hacking 

Hacker claims Giant Tiger data breach, leaks 2.8M records online

Zero-Day Exploitation of Unauthenticated Remote Code Execution Vulnerability in GlobalProtect (CVE-2024-3400)

PuTTY vulnerability vuln-p521-bias

Palo Alto – Putting The Protecc In GlobalProtect (CVE-2024-3400)     

Large-scale brute-force activity targeting VPNs, SSH services with commonly used login credentials  

Cisco discloses root escalation flaw with public exploit code

SteganoAmor campaign: TA558 mass-attacking companies and public institutions all around the world  

CrushFTP Virtual Filesystem Escape Vulnerability in the Wild   

Intelligence and Information Warfare 

Threat Brief: Operation MidnightEclipse, Post-Exploitation Activity Related to CVE-2024-3400 

Misinformation And Hacktivist Campaigns Target The Philippines Amidst Rising Tensions With China 

FBI says Chinese hackers preparing to attack US infrastructure  

Russia-linked hacking group suspected of carrying out cyberattack on Texas water facility, cybersecurity firm says

Cybersecurity   

United Nations Agency Investigating Ransomware Attack Involving Data Theft

House passes bill banning Uncle Sam from snooping on citizens via data brokers

UNDP Investigates Cyber-Security Incident  

GT exclusive: Volt Typhoon false narrative a collusion among US politicians, intelligence community and companies to cheat funding, defame China: report 

ICS Network Controllers Open to Remote Exploit, No Patches Available     

Advanced Cyber Threats Impact Even the Most Prepared

Government Releases Guidance on Securing Election Infrastructure     

Warrantless spying powers extended to 2026 with Biden’s signature  

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)