• Home
  • Cyber Crime
  • Cyber warfare
  • APT
  • Data Breach
  • Deep Web
  • Digital ID
  • Hacking
  • Hacktivism
  • Intelligence
  • Internet of Things
  • Laws and regulations
  • Malware
  • Mobile
  • Reports
  • Security
  • Social Networks
  • Terrorism
  • ICS-SCADA
  • POLICIES
  • Contact me
MUST READ

Russia-linked APT28 use Signal chats to target Ukraine official with malware

 | 

China-linked APT Salt Typhoon targets Canadian Telecom companies

 | 

U.S. warns of incoming cyber threats following Iran airstrikes

 | 

McLaren Health Care data breach impacted over 743,000 people

 | 

American steel giant Nucor confirms data breach in May attack

 | 

The financial impact of Marks & Spencer and Co-op cyberattacks could reach £440M

 | 

Iran-Linked Threat Actors Cyber Fattah Leak Visitors and Athletes' Data from Saudi Games

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 50

 | 

Security Affairs newsletter Round 529 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Iran confirmed it shut down internet to protect the country against cyberattacks

 | 

Godfather Android trojan uses virtualization to hijack banking and crypto apps

 | 

Cloudflare blocked record-breaking 7.3 Tbps DDoS attack against a hosting provider

 | 

Linux flaws chain allows Root access across major distributions

 | 

A ransomware attack pushed the German napkin firm Fasana into insolvency

 | 

Researchers discovered the largest data breach ever, exposing 16 billion login credentials

 | 

China-linked group Salt Typhoon breached satellite firm Viasat

 | 

Iran experienced a near-total national internet blackout

 | 

Malicious Minecraft mods distributed by the Stargazers DaaS target Minecraft gamers

 | 

Healthcare services company Episource data breach impacts 5.4 Million people

 | 

Watch out, Veeam fixed a new critical bug in Backup & Replication product

 | 
  • Home
  • Cyber Crime
  • Cyber warfare
  • APT
  • Data Breach
  • Deep Web
  • Digital ID
  • Hacking
  • Hacktivism
  • Intelligence
  • Internet of Things
  • Laws and regulations
  • Malware
  • Mobile
  • Reports
  • Security
  • Social Networks
  • Terrorism
  • ICS-SCADA
  • POLICIES
  • Contact me
  • Home
  • Breaking News
  • Security
  • Security Affairs newsletter Round 495 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs newsletter Round 495 by Pierluigi Paganini – INTERNATIONAL EDITION

Pierluigi Paganini October 27, 2024

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Chinese cyber spies targeted phones used by Trump and Vance
Irish Data Protection Commission fined LinkedIn €310M for GDPR infringement
Change Healthcare data breach impacted over 100 million people
OnePoint Patient Care data breach impacted 795916 individuals
From Risk Assessment to Action: Improving Your DLP Response
U.S. CISA adds Cisco ASA and FTD, and RoundCube Webmail bugs to its Known Exploited Vulnerabilities catalog
Pwn2Own Ireland 2024 Day 2: participants demonstrated an exploit against Samsung Galaxy S24
Cisco fixed tens of vulnerabilities, including an actively exploited one
FortiJump flaw CVE-2024-47575 has been exploited in zero-day attacks since June 2024
U.S. CISA adds Fortinet FortiManager flaw to its Known Exploited Vulnerabilities catalog
Digital Echo Chambers and Erosion of Trust – Key Threats to the US Elections
U.S. CISA adds Microsoft SharePoint flaw to its Known Exploited Vulnerabilities catalog
Crooks are targeting Docker API servers to deploy SRBMiner
Why DSPM is Essential for Achieving Data Privacy in 2024
SEC fined 4 companies for misleading disclosures about the impact of the SolarWinds attack
Samsung zero-day flaw actively exploited in the wild
Experts warn of a new wave of Bumblebee malware attacks
U.S. CISA adds ScienceLogic SL1 flaw to its Known Exploited Vulnerabilities catalog
VMware failed to fully address vCenter Server RCE flaw CVE-2024-38812
Cisco states that data published on cybercrime forum was taken from public-facing DevHub environment
Internet Archive was breached twice in a month
Unknown threat actors exploit Roundcube Webmail flaw in phishing campaign
F5 fixed a high-severity elevation of privilege vulnerability in BIG-IP

International Press – Newsletter

Cybercrime  

Cisco Confirms Security Incident After Hacker Offers to Sell Data

Using gRPC and HTTP/2 for Cryptominer Deployment: An Unconventional Approach

Threat actor abuses Gophish to deliver new PowerRAT and DCRAT

Researchers link Polyfill supply chain attack to huge network of copycat gambling sites

Fake LockBit, Real Damage: Ransomware Samples Abuse AWS S3 to Steal Data 

Illicit Uses for Deepfake Technology

Largest Retail Breach in History: 350 Million “Hot Topic” Customers’ Personal & Payment Data Exposed — As a Result of Infostealer Infection          

Landmark, an administrator for insurance firms, says 800,000 affected by data breach

Voice-enabled AI agents can automate everything, even your phone scams

UnitedHealth says Change Healthcare hack affects over 100 million, the largest-ever US healthcare data breach  

Four REvil Ransomware Members Sentenced in Rare Russian Cybercrime Convictions

Malware

New Bumblebee Loader Infection Chain Signals Possible Resurgence   

Threat Actors Push ClickFix Fake Browser Updates Using Stolen Credentials  

ReliaQuest Uncovers New Black Basta Social Engineering Technique  

Unmasking Lumma Stealer: Analyzing Deceptive Tactics with Fake CAPTCHA  

TeamTNT’s Docker Gatling Gun Campaign

From cyber attacks to sabotage: How Israel’s covert operations are targeting Iran’s vital assets  

Hacking

Fake attachment. Roundcube mail server attacks exploit CVE-2024-37383 vulnerability   

“Hey ESET, Wait for the Leak”: Dissecting the “OctoberSeventh” Wiper targeting ESET customers in Israel

Internet Archive breached again through stolen access tokens   

End-to-End Encrypted Cloud Storage in the Wild A Broken Ecosystem  

CVE-2024-44068: Samsung m2m1shot_scaler0 device driver page use-after-free in Android  

Fortinet warns of new critical FortiManager flaw used in zero-day attacks

Investigating FortiManager Zero-Day Exploitation (CVE-2024-47575)  

Cisco Patches Vulnerability Exploited in Large-Scale Brute-Force Campaign 

Pwn2Own Ireland 2024: Day Three Results

An Update on Windows Downdate   

Threat Actors Are Exploiting Vulnerabilities Faster Than Ever  

Intelligence and Information Warfare 

“Hey ESET, Wait for the Leak”: Dissecting the “OctoberSeventh” Wiper targeting ESET customers in Israel  

The Crypto Game of Lazarus APT: Investors vs. Zero-days

Iranian hacker group aims at US election websites and media before vote, Microsoft says      

Burning Zero Days: FortiJump FortiManager vulnerability used by nation state in espionage via MSPs  

Amazon identified internet domains abused by APT29     

RDP configuration files as a means of obtaining remote access to a computer or “Rogue RDP” (CERT-UA#11690)

Joint Statement by FBI and CISA on PRC Activity Targeting Telecommunications

Chinese hackers targeted Trump and Vance’s phone data       

Cybersecurity

SEC Charges Four Companies With Misleading Cyber Disclosures   

Digital Echo Chambers and Erosion of Trust – Key Threats to the US Elections  

Apple will pay security researchers up to $1 million to hack its private AI cloud

The Global Surveillance Free-for-All in Mobile Ad Data  

Apple: Security research on Private Cloud Compute

How the ransomware attack at Change Healthcare went down: A timeline  

Irish Data Protection Commission fines LinkedIn Ireland €310 million  

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)


facebook linkedin twitter

Cybercrime data breach Hacking hacking news information security news IT Information Security malware Newsletter Pierluigi Paganini Security Affairs Security News

you might also like

Pierluigi Paganini June 24, 2025
Russia-linked APT28 use Signal chats to target Ukraine official with malware
Read more
Pierluigi Paganini June 24, 2025
China-linked APT Salt Typhoon targets Canadian Telecom companies
Read more

leave a comment

newsletter

Subscribe to my email list and stay
up-to-date!

    recent articles

    Russia-linked APT28 use Signal chats to target Ukraine official with malware

    APT / June 24, 2025

    China-linked APT Salt Typhoon targets Canadian Telecom companies

    APT / June 24, 2025

    U.S. warns of incoming cyber threats following Iran airstrikes

    Cyber warfare / June 24, 2025

    McLaren Health Care data breach impacted over 743,000 people

    Data Breach / June 23, 2025

    American steel giant Nucor confirms data breach in May attack

    Data Breach / June 23, 2025

    To contact me write an email to:

    Pierluigi Paganini :
    pierluigi.paganini@securityaffairs.co

    LEARN MORE

    QUICK LINKS

    • Home
    • Cyber Crime
    • Cyber warfare
    • APT
    • Data Breach
    • Deep Web
    • Digital ID
    • Hacking
    • Hacktivism
    • Intelligence
    • Internet of Things
    • Laws and regulations
    • Malware
    • Mobile
    • Reports
    • Security
    • Social Networks
    • Terrorism
    • ICS-SCADA
    • POLICIES
    • Contact me

    Copyright@securityaffairs 2024

    We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies. However, you may visit "Cookie Settings" to provide a controlled consent.
    Cookie SettingsAccept All
    Manage consent

    Privacy Overview

    This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities...
    Necessary
    Always Enabled
    Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
    Non-necessary
    Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
    SAVE & ACCEPT