Pierluigi Paganini December 22, 2024

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

International Press – Newsletter

Cybercrime  

New Investment Scam Leverages AI, Social Media Ads to Target Victims Worldwide

Texas Tech University Data Breach Impacts 1.4 Million People 

Hacker Leaks Cisco Data

New fake Ledger data breach emails try to steal crypto wallets  

How to Lose a Fortune with Just One Bad Click  

Effective Phishing Campaign Targeting European Companies and Institutions  

Ukrainian National Sentenced to Federal Prison in “Raccoon Infostealer” Cybercrime Case  

Romanian National Sentenced to 20 Years in Prison in Connection with NetWalker Ransomware Attacks Resulting in the Payment of Millions of Dollars in Ransoms  

United States Charges Dual Russian and Israeli National as Developer of LockBit Ransomware Group  

ACE Shutters One of the Largest Live Sports Piracy Rings in the World  

Malware

Vishing via Microsoft Teams Facilitates DarkGate Malware Intrusion  

Spyware distributed through Amazon Appstore  

BADBOX Botnet Is Back  

Supply Chain Attack on Rspack npm Packages Injects Cryptojacking Malware  

Hacking

Researchers find security flaws in Skoda cars that may let hackers remotely track them  

Exploit attempts inspired by recent Struts2 File Upload Vulnerability (CVE-2024-53677, CVE-2023-50164)

Hackers Can Jailbreak Digital License Plates to Make Others Pay Their Tolls and Tickets  

Not All Roads Lead to PWN2OWN: Firmware Reverse Engineering (Part 2)  

Current State of SonicWall Exposure: Firmware Decryption Unlocks New Insights  

Investigating Malicious Hardware with Industrial CT  

Fortinet FortiWLM Deep-Dive, IOCs, and the Almost Story of the “Forti Forty”  

Intelligence and Information Warfare 

Glutton: A New Zero-Detection PHP Backdoor from Winnti Targets Cybercrimals 

“A Digital Prison”: Surveillance and the suppression of civil society in Serbia  

The SBU and the National Police detained minors in Kharkiv who were spying for the FSB under the guise of a quest game  

Hidden in Plain Sight: TA397’s New Attack Chain Delivers Espionage RATs  

Analyzing FLUX#CONSOLE: Using Tax-Themed Lures, Threat Actors Exploit Windows Management Console to Deliver Backdoor Payloads 

Trump administration wants to go on cyber offensive against China

Earth Koshchei Coopts Red Team Tools in Complex RDP Attacks  

Cyberattack UAC-0125 using the theme “Army+” (CERT-UA#12559)  

Cybersecurity

ESET Threat Report H2 2024 

OpenAI whistleblower found dead in San Francisco

Irish Data Protection Commission fines Meta €251 Million  

Foreign hackers need to face real consequences, Mike Waltz says  

US considers ban on China’s TP-Link over security concerns, WSJ reports 

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)