Pierluigi Paganini December 01, 2024

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

International Press – Newsletter

Cybercrime  

Chinese cybercrime bust in thailand, over 700 million calls using fake ’02’ numbers  

Software company providing services to US and UK grocery stores says it was hit by ransomware attack

Hacker in Snowflake Extortions May Be a U.S. Soldier 

Major cybercrime operation nets 1,006 suspects  

UK hospital network postpones procedures after cyberattack

Tether Has Become a Massive Money Laundering Tool for Mexican Drug Traffickers, Feds Say  

Florida Telecommunications and Information Technology Worker Sentenced for Conspiring to Act as Agent of Chinese Government   

Rockstar 2FA: A Driving Force in Phishing-as-a-Service (PaaS)

Rockstar 2FA Phishing-as-a-Service (PaaS): Noteworthy Email Campaigns     

A programmer wanted by the FBI will be tried in Kaliningrad 

11 arrested in Europol shutdown of illegal IPTV streaming networks  

Uganda confirms hack of central bank accounts, official downplays extent of loss  

Malware

PyPI Python Library “aiocpa” Found Exfiltrating Crypto Keys via Telegram Bot

Bootkitty: Analyzing the first UEFI bootkit for Linux 

Gaming Engines: An Undetected Playground for Malware Loaders

Dozens of Machines Infected: Year-Long NPM Supply Chain Attack Combines Crypto Mining and Data Theft      

SpyLoan: A Global Threat Exploiting Social Engineering  

Hacking

Recent Zyxel Firewall Vulnerability Exploited in Ransomware Attacks 

Zyxel USG FLEX and ATP series – Upgrading your device and ALL credentials to avoid hackers’ attacks  

RomCom exploits Firefox and Windows zero days in the wild

Palo Alto GlobalProtect – RCE and Privilege Escalation via Malicious VPN Server (CVE-2024-5921)  

ProjectSend CVE-2024-11680 Exploited in the Wild

Are You Already In The Matrix—35 Million Devices Under Blue Pill Attack 

Over Two Dozen Flaws Identified in Advantech Industrial Wi-Fi Access Points – Patch ASAP

Intelligence and Information Warfare 

Russia-Aligned TAG-110 Targets Asia and Europe with HATVIBE and CHERRYSPY

Russia ready to wage cyber war on UK, minister to say  

China-Nexus TAG-112 Compromises Tibetan Websites to Distribute Cobalt Strike  

Unveiling the Past and Present of APT-K-47 Weapon: Asyncshell  

UK seeks collaboration for security research lab to counter Russia and ‘new AI arms race’  

Microsoft shares latest intelligence on North Korean and Chinese threat actors at CYBERWARCON  

Game of Emperor: Unveiling Long Term Earth Estries Cyber Intrusions

An Update on Recent Cyberattacks Targeting the US Wireless Companies  

“Operation Undercut” Shows Multifaceted Nature of SDA’s Influence Operations  

Cybersecurity

Introducing Restore Credentials: Effortless account restoration for Android apps  

Bipartisan Legislation Seeks Stronger Healthcare Cybersecurity    

Generative AI Under Attack: Flowbreaking Exploits Trigger Data Leaks  

GenAI Tools and Decision-Making: Beware a New Control Trap  

Microsoft Hacking Warning—450 Million Windows Users Must Now Act  

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)