Pierluigi Paganini October 13, 2024

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

International Press – Newsletter

Cybercrime  

Indiana Man Pleads Guilty to Conspiracies Involving Cyber Intrusion and $37 Million Cryptocurrency Theft 

Recognition Tech onto Meta’s Smart Glasses to Instantly Dox Strangers  

MoneyGram says hackers stole customers’ personal information and transaction data  

Ukrainian National Pleads Guilty to “Raccoon Infostealer” Cybercrime  

Not All Fun and Games: Lua Malware Targets Educational Sector and Student Gaming Engines

Lamborghini Carjackers Lured by $243M Cyberheist 

69,000 Bitcoins Are Headed for the US Treasury—While the Agent Who Seized Them Is in Jail  

Timeshare Owner? The Mexican Drug Cartels Want You  

Casio: Notice of Partial Service Outage and Information Leak Caused by Ransomware Attack

He founded a “startup” to access sanctioned Russian websites: the cyber police of Khmelnytskyi region exposed the hacker  

Hacked ‘AI Girlfriend’ Data Shows Prompts Describing Child Sexual Abuse  

Malware

Over 300,000! GorillaBot: The New King of DDoS Attacks

Hidden cryptocurrency mining and theft campaign affected over 28,000 users  

The Mongolian Skimmer: different clothes, equally dangerous   

Ransomware Report: Unveiling Trends in Attack Payouts and Negotiations  

Hacking

Qualcomm Urges OEMs to Patch Critical DSP and WLAN Flaws Amid Active Exploits

Zero-Day Alert: Three Critical Ivanti CSA Vulnerabilities Actively Exploited

Mozilla fixes Firefox zero-day actively exploited in attacks

Palo Alto Expedition: From N-Day to Full Compromise  

LLM attacks take just 42 seconds on average, 20% of jailbreaks succeed   

Twitter Bot Network

The Internet Archive is under attack, with a breach revealing info for 31 million accounts     

Intelligence and Information Warfare 

U.S. Wiretap Systems Targeted in China-Linked Hack       

Hacker attack disrupts Russian state media on Putin’s birthday

Awaken Likho is awake: new techniques of an APT group

Mind the (air) gap: GoldenJackal gooses government guardrails  

Contagious Interview: DPRK Threat Actors Lure Tech Industry Job Seekers to Install New Variants of BeaverTail and InvisibleFerret Malware

Navigating the Shadows: An In-Depth Analysis of Iranian APTs and Their Evolving Threat Landscape in 2024 

OpenAI Report: Influence and cyber operations: an update 

NSA cyber chief: Espionage is now Russia’s focus for cyberattacks on Ukraine 

Iran Hit By ‘Heavy Cyberattacks’ Targeting Its Nuclear Facilities Amid Middle East Tensions

Update on SVR Cyber Operations and Vulnerability Exploitation  

Cybersecurity

America’s allies are shifting: Cyberspace is about persistence, not deterrence
Global State of CPS Security report 

About a quarter million Comcast subscribers had their data stolen from debt collector

Vulnerable APIs and Bot Attacks Costing Businesses Up to $186 Billion Annually

American Water shuts down online services after cyberattack

Rise of the robots: AI to shape UK defense review 

Managing Cybersecurity in the Age of Artificial Intelligence 

New Ponemon Report Shows Awareness of Cyber Risks to Healthcare Organizations is not Always Translating to Adequate Protections

Best Practices to Configure BIG-IP LTM Systems to Encrypt HTTP Persistence Cookies       

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)