Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.
International Press – Newsletter
Cybercrime
Italy police arrest four over alleged illegal database access, source says
Free, France’s second-largest telecoms company, confirms being hit by cyberattack
The Crime Messenger: How Sky ECC Phones Became a Tool of the Criminal Trade
Attackers Target Crypto Wallets Using Codeless Webflow Phishing Pages
Cryptocurrency Enthusiasts Targeted in Multi-Vector Supply Chain Attack
Ex-Disney worker accused of hacking computer menus to add profanities, errors
Malware
EIW — ESET Israel Wiper — used in active attacks targeting Israeli orgs
ESET Online Scanner for Redline and META
Massive PSAUX ransomware attack targets 22,000 CyberPanel instances
Hacking
Protect AI’s October 2024 Vulnerability Report
An analysis of the Keycloak authentication system
Anthropic flags AI’s potential to ‘automate sophisticated destructive cyber attacks’
Lottie-Player Supply Chain Attack Targets Cryptocurrency Wallets
Rare Case of Privilege Escalation Patched in LiteSpeed Cache Plugin
Intelligence and Information Warfare
Tenacious Pungsan: A DPRK threat actor linked to Contagious Interview
Midnight Blizzard conducts large-scale spear-phishing campaign using RDP files
CloudScout: Evasive Panda scouting cloud services
Hidden Warfare: Iran’s Growing Dependence on Criminal Networks
New Tradecraft of Iranian Cyber Group Aria Sepehr Ayandehsazan aka Emennet Pasargad
Cybersecurity
Unchaining Blockchain Security Part 1: The Emerging Risks of Private Blockchains in Enterprises
OT security becoming a mainstream concern
OpenAI’s new ChatGPT Search Chrome extension feels like a search hijacker
Synology hurries out patches for zero-days exploited at Pwn2Own
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, newsletter)