Pierluigi Paganini June 02, 2024

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

International Press – Newsletter

Cybercrime  

Into the Lion’s Den Inside the Growing Risk of Gift Card Fraud  

Phishing with Cloudflare Workers: Transparent Phishing and HTML Smuggling  

Christie’s Confirms Data Breach After Ransomware Group Claims Attack  

Breach Forums Return to Clearnet and Dark Web Despite FBI Seizure

Treasury Sanctions a Cybercrime Network Associated with the 911 S5 Botnet  

911 S5 Botnet Dismantled and Its Administrator Arrested in Coordinated International Operation  

Largest ever operation against botnets hits dropper malware ecosystem   

Hackers steal $305M from DMM Bitcoin crypto exchange 

Ticketmaster confirms data hack which could affect 560m globally

How a Nigerian influencer, North Korean hacker and Canadian scammer committed fraud worldwide        

Malware

New ATM Malware Threatens European Banking Security   

Server Side Credit Card Skimmer Lodged in Obscure Plugin   

LightSpy: Implant for macOS  

The Pumpkin Eclipse  

Hacking 

Remote Command Execution on TP-Link Archer C5400X 

CVE-2024-23108: Fortinet FortiSIEM 2nd Order Command Injection Deep-Dive   

Important Security Update – Stay Protected Against VPN Information Disclosure (CVE-2024-24919)

Detecting Cross-Origin Authentication Credential Stuffing Attacks     

Recent ‘MFA Bombing’ Attacks Targeting Apple Users

Intelligence and Information Warfare 

NATO holds first meeting of Critical Undersea Infrastructure Network  

CERT-UA warns: Ukrainian finances targeted with SmokeLoader malware  

How the DOJ is using a Civil War-era law to enforce corporate cybersecurity  

LilacSquid: The stealthy trilogy of PurpleInk, InkBox and InkLoader  

GRU’s BlueDelta Targets Key Networks in Europe with Multi-Phase Espionage Campaigns  

OpenAI models used in nation-state influence campaigns, company says  

Cybersecurity  

Stop Using “SLA” When Discussing Vulnerabilities  

How to Identify and Remove VPN Applications That Contain 911 S5 Back Doors  

Multiple botnets dismantled in largest international ransomware operation ever  

HUGE Google Search document leak reveals inner workings of ranking algorithm       

NIST Getting Outside Help for National Vulnerability Database

Cybersecurity Education Maturity Assessment  

‘It’s putting patients’ lives in danger’: Nurses say ransomware attack is stressing hospital operations   

Could the Next War Begin in Cyberspace?   

OpenAI’s Altman Sidesteps Questions About Governance, Johansson at UN AI Summit

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)