Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.
International Press – Newsletter
Cybercrime
Ransomware operators exploit ESXi hypervisor vulnerability for mass encryption
Dark Angels ransomware receives record-breaking $75 million ransom
UNC4393 Goes Gently into the SILENTNIGHT
Ransomware Attack Hits OneBlood Blood Bank, Disrupts Medical Operations
Unplugging PlugX: Sinkholing the PlugX USB worm botnet
Mandrake spyware sneaks onto Google Play again, flying under the radar for two years
Phishing targeting Polish SMBs continues via ModiLoader
BingoMod: The new android RAT that steals money and wipes data
BITS and Bytes: Analyzing BITSLOTH, a newly identified backdoor
Hacking
SeleniumGreed: Threat actors exploit exposed Selenium Grid services for Cryptomining
Acronis Product Vulnerability Exploited in the Wild
OneDrive Pastejacking: The crafty phishing and downloader campaign
Windows AppLocker Driver LPE Vulnerability – CVE-2024-21338
StackExchange Abused to Spread Malicious Python Package That Drains Victims Crypto Wallets
WHO KNEW? DOMAIN HIJACKING IS SO EASY
Social Media Malvertising Campaign Promotes Fake AI Editor Website for Credential Theft
A $500 Open Source Tool Lets Anyone Hack Computer Chips With Lasers
Israeli hacktivist group brags it took down Iran’s internet
Intelligence and Information Warfare
U.S. Trades Cybercriminals to Russia in Prisoner Swap
Fighting Ursa Luring Targets With Car for Sale
Cybersecurity
When Cyberattacks Are Inevitable, Focus on Cyber Resilience
IBM: Cost of a breach reaches nearly $5 million, with healthcare being hit the hardest
Google Chrome adds app-bound encryption to block infostealer malware
Hackers Steal Personal Information From Pharma Giant Cencora
CrowdStrike sued by shareholders over global outage
Using Threat Intelligence to Predict Potential Ransomware Attacks
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, newsletter)