Pierluigi Paganini September 01, 2024

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

International Press – Newsletter

Cybercrime  

Telegram messaging app CEO Durov arrested in France

Thousands of travelers, airport operations impacted by Port of Seattle cyberattack  

Hacker who stole 3 billion US data was discovered and is Brazilian

Pressure Grows in Congress to Treat Crypto Investigator Tigran Gambaryan, Jailed in Nigeria, as a Hostage     

Reward for Information: Belarusian National Volodymyr Kadariya  

Phishing in Style: Microsoft Sway Abused to Deliver Quishing Attacks  

French Authorities Charge Telegram CEO with Facilitating Criminal Activities on Platform

Scam Sites at Scale: LLMs Fueling a GenAI Criminal Revolution  

2 men from Europe charged with ‘swatting’ plot targeting former US president and members of Congress  

Malware

Unveiling “sedexp”: A Stealthy Linux Malware Exploiting udev Rules

Malware infiltrates Pidgin messenger’s official plugin repository

RansomHub ransomware-as-a-service 

StopRansomware: RansomHub Ransomware  

The Malware That Must Not Be Named: Suspected Espionage Campaign Delivers “Voldemort”

Hacking

WPML Multilingual CMS Authenticated Contributor+ Remote Code Execution (RCE) via Twig Server-Side Template Injection (SSTI)  

Identify and Exploit Vulnerabilities in Routers: An Introductory Guide & Technical Case Studies   

How to discover a major hacker’s identity with OSINT — Solution 1  

May 2024 Cyber Attacks Statistics

Beware the Unpatchable: Corona Mirai Botnet Spreads via Zero-Day

Linux Detection Engineering –  A Sequel on Persistence Mechanism

How AitM Phishing Attacks Bypass MFA and EDR—and How to Fight Back

Analysis of two arbitrary code execution vulnerabilities affecting WPS Office         

Threat Actors Target the Middle East Using Fake Palo Alto GlobalProtect Tool 

When Get-Out-The-Vote Efforts Look Like Phishing     

Bypassing airport security via SQL injection

Intelligence and Information Warfare 

New 0-Day Attacks Linked to China’s ‘Volt Typhoon’

Taking the Crossroads: The Versa Director Zero-Day Exploitation

South Korea’s “Pseudo Hunter” APT organization uses multiple domestic software vulnerabilities to attack China

Peach Sandstorm deploys new custom Tickler malware in long-running intelligence gathering operations  

Telegram Founder Was Wooed and Targeted by Governments

I Spy With My Little Eye: Uncovering an Iranian Counterintelligence Operation

Russian government hackers found using exploits made by spyware companies NSO and Intellexa      

State-backed attackers and commercial surveillance vendors repeatedly use the same exploits  

CISA and Partners Release Advisory on Iran-based Cyber Actors Enabling Ransomware Attacks on US Organizations 

North Korean threat actor Citrine Sleet exploiting Chromium zero-day

North Korea Still Attacking Developers via npm     

Cybersecurity

FAA to issue cyber rule for newly built airplanes and equipment  

SonicWall Issues Critical Patch for Firewall Vulnerability Allowing Unauthorized Access

Dutch DPA imposes a fine of 290 million euro on Uber because of transfers of drivers’ data to the US 

Research AI model unexpectedly attempts to modify its own code to extend runtime  

Chinese broadband satellites may be Beijing’s flying spying censors, think tank warns

Signal Is More Than Encrypted Messaging. Under Meredith Whittaker, It’s Out to Prove Surveillance Capitalism Wrong  

EU investigating Telegram over user numbers  

Cryptojacking via CVE-2023-22527: Dissecting a Full-Scale Cryptomining Ecosystem  

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)