Security Affairs newsletter Round 499 by Pierluigi Paganini

Security Affairs newsletter Round 499 by Pierluigi Paganini – INTERNATIONAL EDITION

Pierluigi Paganini November 24, 2024

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

A cyberattack on gambling giant IGT disrupted portions of its IT systems

China-linked APT Gelsemium uses a new Linux backdoor dubbed WolfsBane

Microsoft seized 240 sites used by the ONNX phishing service

U.S. CISA adds Apple, Oracle Agile PLM bugs to its Known Exploited Vulnerabilities catalog

More than 2,000 Palo Alto Networks firewalls hacked exploiting recently patched zero-days

Ransomhub ransomware gang claims the hack of Mexican government Legal Affairs Office

US DoJ charges five alleged members of the Scattered Spider cybercrime gang

Threat actor sells data of over 750,000 patients from a French hospital

Decade-old local privilege escalation bugs impacts Ubuntu needrestart package

Ford data breach involved a third-party supplier

Hacker obtained documents tied to lawsuit over Matt Gaetz’s sexual misconduct allegations

Apple addressed two actively exploited zero-day vulnerabilities

Unsecured JupyterLab and Jupyter Notebooks servers abused for illegal streaming of Sports events

Russian Phobos ransomware operator faces cybercrime charges

China-linked actor’s malware DeepData exploits FortiClient VPN zero-day

U.S. CISA adds Progress Kemp LoadMaster, Palo Alto Networks PAN-OS and Expedition bugs to its Known Exploited Vulnerabilities catalog

Great Plains Regional Medical Center ransomware attack impacted 133,000 individuals

Recently disclosed VMware vCenter Server bugs are actively exploited in attacks

Foreign adversary hacked email communications of the Library of Congress says

T-Mobile is one of the victims of the massive Chinese breach of telecom firms

Increased GDPR Enforcement Highlights the Need for Data Security

Critical Really Simple Security plugin flaw impacts 4M+ WordPress sites

A botnet exploits e GeoVision zero-day to compromise EoL devices

International Press – Newsletter

Cybercrime

Ransomware Attack on Oklahoma Medical Center Impacts 133,000

Inside Intelligence Center: Financially Motivated Chinese Threat Actor SilkSpecter Targeting Black Friday Shoppers

Phobos Ransomware Administrator Extradited from South Korea to Face Cybercrime Charges

Ransomware gang Akira leaks unprecedented number of victims’ data in one day

Ford investigates alleged breach following customer data leak

5 Defendants Charged Federally with Running Scheme that Targeted Victim Companies via Phishing Text Messages

Targeting the Cybercrime Supply Chain

Cyberattack Disrupts Systems of Gambling Giant IGT

Justice Department Seizes Cybercrime Website and Charges Its Administrators

Malware

Fake AI video generators infect Windows, macOS with infostealers

How Italy became an unexpected spyware hub

Babble Babble Babble Babble Babble Babble BabbleLoader

One Sock Fits All: The use and abuse of the NSOCKS botnet

StopRansomware: BianLian Data Extortion Group

Hacking

4,000,000 WordPress Sites Using Really Simple Security Free and Pro Versions Affected by Critical Authentication Bypass Vulnerability

Threat Actors Hijack Misconfigured Servers for Live Sports Streaming

Apple Releases Urgent Updates to Patch Actively Exploited Zero-Day Vulnerabilities

Hacker Is Said to Have Gained Access to File With Damaging Testimony About Gaetz

Qualys TRU Uncovers Five Local Privilege Escalation Vulnerabilities in needrestart

Threat Brief: Operation Lunar Peek, Activity Related to CVE-2024-0012 and CVE-2024-9474 (Updated Nov. 20)

The Dark Side of Trust: Authority Citation-Driven Jailbreak Attacks on Large Language Models

Intelligence and Information Warfare

T-Mobile Hacked in Massive Chinese Breach of Telecom Networks

Library of Congress emails hacked by ‘adversary’

BrazenBamboo Weaponizes FortiClient Vulnerability to Steal VPN Credentials via DEEPDATA

Unveiling WolfsBane: Gelsemium’s Linux counterpart to Gelsevirine

DPRK IT Workers | A Network of Active Front Companies and Their Links to China

The Nearest Neighbor Attack: How A Russian APT Weaponized Nearby Wi-Fi Networks for Covert Access

Cybersecurity

CISA Director Jen Easterly to depart on Inauguration Day

The Silent AI Leader Nobody is Talking About

The AI Illusion: Navigating the Reality of Machine Learning in Cybersecurity

Roles and Responsibilities Framework for Artificial Intelligence in Critical Infrastructure

CWE Top 25 Most Dangerous Software Weaknesses

Navigating cybersecurity investments in the time of NIS 2

Vulnerabilities in VPNs Paper presented at the Privacy Enhancing Technologies Symposium 2024

China’s Surveillance State Is Selling Citizen Data as a Side Hustle

Anyone Can Buy Data Tracking US Soldiers and Spies to Nuclear Vaults and Brothels in Germany

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

Pierluigi Paganini June 27, 2025

OneClik APT campaign targets energy sector with stealthy backdoors

Pierluigi Paganini June 27, 2025

Security Affairs newsletter Round 499 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box.

you might also like

OneClik APT campaign targets energy sector with stealthy backdoors

APT42 impersonates cyber professionals to phish Israeli academics and journalists

leave a comment

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

OneClik APT campaign targets energy sector with stealthy backdoors

APT42 impersonates cyber professionals to phish Israeli academics and journalists

Kai West, aka IntelBroker, indicted for cyberattacks causing $25M in damages

Cisco fixed critical ISE flaws allowing Root-level remote code execution

U.S. CISA adds AMI MegaRAC SPx, D-Link DIR-859 routers, and Fortinet FortiOS flaws to its Known Exploited Vulnerabilities catalog

QUICK LINKS

Security Affairs newsletter Round 499 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box.

you might also like

OneClik APT campaign targets energy sector with stealthy backdoors

APT42 impersonates cyber professionals to phish Israeli academics and journalists

leave a comment

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

OneClik APT campaign targets energy sector with stealthy backdoors

APT42 impersonates cyber professionals to phish Israeli academics and journalists

Kai West, aka IntelBroker, indicted for cyberattacks causing $25M in damages

Cisco fixed critical ISE flaws allowing Root-level remote code execution

U.S. CISA adds AMI MegaRAC SPx, D-Link DIR-859 routers, and Fortinet FortiOS flaws to its Known Exploited Vulnerabilities catalog

Subscribe to my email list and stay
up-to-date!