Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.
International Press – Newsletter
Cybercrime
Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested
L.A. DPH – Public Health Responds to Privacy Breach
Owners of “Empire Market” Charged in Chicago With Operating $430 Million Dark Web Marketplace
Keytronic Says Personal Information Stolen in Ransomware Attack
Smishing Triad Is Targeting Pakistan To Defraud Banking Customers At Scale
BEYOND ILLUSIONS – Report 2024
Malware
Attackers deploying new tactics in campaign targeting exposed Docker APIs
LevelBlue Labs Discovers Highly Evasive, New Loader Targeting Chinese Organizations
Fickle Stealer Distributed via Multiple Attack Chain
A REVERSE ENGINEER’S JOURNEY WITH POWERSHELL AND XWORM
RansomHub Draws in Affiliates with Multi-OS Capability and High Commission Rates
Hacking
Bypassing 2FA with phishing and OTP bots
New ARM ‘TIKTAG’ attack impacts Google Chrome, Linux systems
“Researchers” exploit Kraken exchange bug, steal $3 million in crypto
Security bug allows anyone to spoof Microsoft employee emails
Perplexity AI is susceptible to prompt injection
UEFICANHAZBUFFEROVERFLOW: WIDESPREAD IMPACT FROM VULNERABILITY IN POPULAR PC AND SERVER FIRMWARE
SolarWinds Serv-U (CVE-2024-28995) exploitation: We see you!
Intelligence and Information Warfare
China-Nexus Threat Group ‘Velvet Ant’ Abuses F5 Load Balancers for Persistence
Government and military officials fair targets of Pegasus spyware, NSO Group argues
Sustained Campaign Using Chinese Espionage Tools Targets Telcos
ANSSI: The Nobelium intrusion set
Cybersecurity
London Hospitals Knew of Cyber Vulnerabilities Years Before Hack
Mandiant Threat Hunting Guide Snowake
Building AI Technology for Europeans in a Transparent and Responsible Way
Biden bans US sales of Kaspersky software over Russia ties
Treasury Sanctions Kaspersky Lab Leadership in Response to Continued Cybersecurity Risks
Security Headers to prevent phishing
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, newsletter)