Security Affairs newsletter Round 477 by Pierluigi Paganini

Security Affairs newsletter Round 477 by Pierluigi Paganini – INTERNATIONAL EDITION

Pierluigi Paganini June 23, 2024

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

US government sanctions twelve Kaspersky Lab executives

Experts found a bug in the Linux version of RansomHub ransomware

UEFICANHAZBUFFEROVERFLOW flaw in Phoenix SecureCore UEFI firmware potentially impacts hundreds of PC and server models

Russia-linked APT Nobelium targets French diplomatic entities

US bans sale of Kaspersky products due to risks to national security

Atlassian fixed six high-severity bugs in Confluence Data Center and Server

China-linked spies target Asian Telcos since at least 2021

New Rust infostealer Fickle Stealer spreads athrough various attack methods

An unpatched bug allows anyone to impersonate Microsoft corporate email accounts

Smishing Triad Is Targeting Pakistan To Defraud Banking Customers At Scale

Alleged researchers stole $3 million from Kraken exchange

Google Chrome 126 update addresses multiple high-severity flaws

Chip maker giant AMD investigates a data breach

Cryptojacking campaign targets exposed Docker APIs

VMware fixed RCE and privilege escalation bugs in vCenter Server

Meta delays training its AI using public content shared by EU users

The Financial Dynamics Behind Ransomware Attacks

Empire Market owners charged with operating $430M dark web marketplace

China-linked Velvet Ant uses F5 BIG-IP malware in cyber espionage campaign

LA County’s Department of Public Health (DPH) data breach impacted over 200,000 individuals

Spanish police arrested an alleged member of the Scattered Spider group

Online job offers, the reshipping and money mule scams

ASUS fixed critical remote authentication bypass bug in several routers

International Press – Newsletter

Cybercrime

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

L.A. DPH – Public Health Responds to Privacy Breach

Owners of “Empire Market” Charged in Chicago With Operating $430 Million Dark Web Marketplace

Keytronic Says Personal Information Stolen in Ransomware Attack

Smishing Triad Is Targeting Pakistan To Defraud Banking Customers At Scale

BEYOND ILLUSIONS – Report 2024

Malware

Attackers deploying new tactics in campaign targeting exposed Docker APIs

LevelBlue Labs Discovers Highly Evasive, New Loader Targeting Chinese Organizations

Fickle Stealer Distributed via Multiple Attack Chain

A REVERSE ENGINEER’S JOURNEY WITH POWERSHELL AND XWORM

RansomHub Draws in Affiliates with Multi-OS Capability and High Commission Rates

Hacking

Bypassing 2FA with phishing and OTP bots

New ARM ‘TIKTAG’ attack impacts Google Chrome, Linux systems

“Researchers” exploit Kraken exchange bug, steal $3 million in crypto

Security bug allows anyone to spoof Microsoft employee emails

Perplexity AI is susceptible to prompt injection

UEFICANHAZBUFFEROVERFLOW: WIDESPREAD IMPACT FROM VULNERABILITY IN POPULAR PC AND SERVER FIRMWARE

SolarWinds Serv-U (CVE-2024-28995) exploitation: We see you!

Intelligence and Information Warfare

China-Nexus Threat Group ‘Velvet Ant’ Abuses F5 Load Balancers for Persistence

Government and military officials fair targets of Pegasus spyware, NSO Group argues

Sustained Campaign Using Chinese Espionage Tools Targets Telcos

ANSSI: The Nobelium intrusion set

Top 10 Generative AI Models Mimic Russian Disinformation Claims A Third of the Time, Citing Moscow-Created Fake Local News Sites as Authoritative Sources

Cybersecurity

London Hospitals Knew of Cyber Vulnerabilities Years Before Hack

Mandiant Threat Hunting Guide Snowake

Building AI Technology for Europeans in a Transparent and Responsible Way

Biden bans US sales of Kaspersky software over Russia ties

Treasury Sanctions Kaspersky Lab Leadership in Response to Continued Cybersecurity Risks

Security Headers to prevent phishing

Pierluigi Paganini

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

(SecurityAffairs – hacking, newsletter)

Pierluigi Paganini July 15, 2025

North Korea-linked actors spread XORIndex malware via 67 malicious npm packages

Pierluigi Paganini July 15, 2025

Security Affairs newsletter Round 477 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box.

you might also like

North Korea-linked actors spread XORIndex malware via 67 malicious npm packages

FBI seized multiple piracy sites distributing pirated video games

leave a comment

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

North Korea-linked actors spread XORIndex malware via 67 malicious npm packages

FBI seized multiple piracy sites distributing pirated video games

An attacker using a $500 radio setup could potentially trigger train brake failures or derailments from a distance

Interlock ransomware group deploys new PHP-based RAT via FileFix

Global Louis Vuitton data breach impacts UK, South Korea, and Turkey

QUICK LINKS

Security Affairs newsletter Round 477 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box.

you might also like

North Korea-linked actors spread XORIndex malware via 67 malicious npm packages

FBI seized multiple piracy sites distributing pirated video games

leave a comment

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

North Korea-linked actors spread XORIndex malware via 67 malicious npm packages

FBI seized multiple piracy sites distributing pirated video games

An attacker using a $500 radio setup could potentially trigger train brake failures or derailments from a distance

Interlock ransomware group deploys new PHP-based RAT via FileFix

Global Louis Vuitton data breach impacts UK, South Korea, and Turkey

Subscribe to my email list and stay
up-to-date!