Pierluigi Paganini May 12, 2024

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

International Press – Newsletter

Cybercrime    

Traficom: Android malware that steals bank information

BTC-e Operator Pleads Guilty to Money Laundering Conspiracy 

LockBit leader unmasked and sanctioned

New series of measures issued against the administrator of LockBit

Generative AI: Raising the stakes for fraud in online gambling        

Massive webshop fraud ring steals credit cards from 850,000 people

Zscaler Investigates Hacking Claims After Data Offered for Sale

Dell discloses data breach of customers’ physical addresses

Threat actor says he scraped 49M Dell customer addresses before the company found out

University System of Georgia: 800K exposed in 2023 MOVEit attack

Malware

Surge of JavaScript Malware in sites with vulnerable versions of LiteSpeed Cache Plugin   

Mal.Metrica Redirects Users to Scam Sites  

Protecting Networks from Opportunistic Ivanti Pulse Secure Vulnerability Exploitation 

StopRansomware: Black Basta  

Hacking 

French cyberwarriors ready to test their defense against hackers and malware during the Olympics 

Technical Deep Dive: Understanding the Anatomy of a Cyber Intrusion 

May 4, 2024: Over Half of Exposed Tinyproxy Instances Potentially Vulnerable to Trivial Exploit CVE-2023-49606 

TunnelVision (CVE-2024-3661): How Attackers Can Decloak Routing-Based VPNs For a Total VPN Leak  

LLM PENTEST: LEVERAGING AGENT INTEGRATION FOR RCE 

Alleged Europol Breach by IntelBroker  

Russian hackers hijack Ukrainian TV to broadcast Victory Day parade  

Von der Leyen’s campaign website hit by cyberattack  

Intelligence and Information Warfare 

The United States Condemns Malicious Cyber Activity Targeting Germany, Czechia, and Other EU Member States  

UNDERSTANDING CHINA’S TAIWAN CYBER STRATEGY  

Fighting disinformation gets harder, just when it matters most 

MoD data breach: State involvement cannot be ruled out in armed forces hack, says Grant Shapps  

APT28 campaign targeting Polish government institutions  

A (Strange) Interview With the Russian-Military-Linked Hackers Targeting US Water Utilities

Signal’s Katherine Maher Problem     

Cybersecurity   

Massive Dump Of Hacked Salvadorean Headshots And PII Highlights Growing Threat-Actor Interest In Biometric Data  

Russia’s Anti-Satellite Nuke Could Leave Lower Orbit Unusable, Test Vehicle May Already Be Deployed  

BIG VULNERABILITIES IN NEXT-GEN BIG-IP  

Chrome Zero-Day Alert — Update Your Browser to Patch New Vulnerability

European Parliament’s recruitment application compromised in data breach  

Encrypted services Apple, Proton and Wire helped Spanish police identify activist  

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)