Pierluigi Paganini
December 01, 2024
Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.
International Press – Newsletter
Cybercrime
Chinese cybercrime bust in thailand, over 700 million calls using fake ’02’ numbers
Software company providing services to US and UK grocery stores says it was hit by ransomware attack
Hacker in Snowflake Extortions May Be a U.S. Soldier
Major cybercrime operation nets 1,006 suspects
UK hospital network postpones procedures after cyberattack
Tether Has Become a Massive Money Laundering Tool for Mexican Drug Traffickers, Feds Say
Rockstar 2FA: A Driving Force in Phishing-as-a-Service (PaaS)
Rockstar 2FA Phishing-as-a-Service (PaaS): Noteworthy Email Campaigns
A programmer wanted by the FBI will be tried in Kaliningrad
11 arrested in Europol shutdown of illegal IPTV streaming networks
Uganda confirms hack of central bank accounts, official downplays extent of loss
PyPI Python Library “aiocpa” Found Exfiltrating Crypto Keys via Telegram Bot
Bootkitty: Analyzing the first UEFI bootkit for Linux
Gaming Engines: An Undetected Playground for Malware Loaders
Dozens of Machines Infected: Year-Long NPM Supply Chain Attack Combines Crypto Mining and Data Theft
SpyLoan: A Global Threat Exploiting Social Engineering
Hacking
Recent Zyxel Firewall Vulnerability Exploited in Ransomware Attacks
Zyxel USG FLEX and ATP series – Upgrading your device and ALL credentials to avoid hackers’ attacks
RomCom exploits Firefox and Windows zero days in the wild
Palo Alto GlobalProtect – RCE and Privilege Escalation via Malicious VPN Server (CVE-2024-5921)
ProjectSend CVE-2024-11680 Exploited in the Wild
Are You Already In The Matrix—35 Million Devices Under Blue Pill Attack
Over Two Dozen Flaws Identified in Advantech Industrial Wi-Fi Access Points – Patch ASAP
Intelligence and Information Warfare
Russia-Aligned TAG-110 Targets Asia and Europe with HATVIBE and CHERRYSPY
Russia ready to wage cyber war on UK, minister to say
China-Nexus TAG-112 Compromises Tibetan Websites to Distribute Cobalt Strike
Unveiling the Past and Present of APT-K-47 Weapon: Asyncshell
UK seeks collaboration for security research lab to counter Russia and ‘new AI arms race’
Microsoft shares latest intelligence on North Korean and Chinese threat actors at CYBERWARCON
Game of Emperor: Unveiling Long Term Earth Estries Cyber Intrusions
An Update on Recent Cyberattacks Targeting the US Wireless Companies
“Operation Undercut” Shows Multifaceted Nature of SDA’s Influence Operations
Cybersecurity
Introducing Restore Credentials: Effortless account restoration for Android apps
Bipartisan Legislation Seeks Stronger Healthcare Cybersecurity
Generative AI Under Attack: Flowbreaking Exploits Trigger Data Leaks
GenAI Tools and Decision-Making: Beware a New Control Trap
Microsoft Hacking Warning—450 Million Windows Users Must Now Act
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, newsletter)
