Security Affairs newsletter Round 504 by Pierluigi Paganini

Security Affairs newsletter Round 504 by Pierluigi Paganini – INTERNATIONAL EDITION

Pierluigi Paganini December 29, 2024

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Pro-Russia group NoName targeted the websites of Italian airports

North Korea actors use OtterCookie malware in Contagious Interview campaign

Experts warn of a surge in activity associated FICORA and Kaiten botnets

Palo Alto Networks fixed a high-severity PAN-OS flaw

Brazilian citizen charged for threatening to release data stolen from a company in 2020

A new Mirai botnet variant targets DigiEver DS-2105 Pro DVRs

A ransomware attack disrupted services at Pittsburgh Regional Transit

A cyber attack hit Japan Airlines delaying ticket sales for flights

Apache fixed a critical SQL Injection in Apache Traffic Control

BellaCPP, Charming Kitten’s BellaCiao variant written in C++

DMM Bitcoin $308M Bitcoin heist linked to North Korea

Adobe is aware that ColdFusion bug CVE-2024-53961 has a known PoC exploit code

Apache Foundation fixed a severe Tomcat vulnerability

Italy’s data protection watchdog fined OpenAI €15 million over ChatGPT’s data management violations

U.S. CISA adds Acclaim Systems USAHERDS flaw to its Known Exploited Vulnerabilities catalog

U.S. Court rules against NSO Group in WhatsApp spyware Lawsuit

Lazarus APT targeted employees at an unnamed nuclear-related organization

US charged Dual Russian and Israeli National as LockBit Ransomware developer

International Press – Newsletter

Cybercrime

Phishing platform Rockstar 2FA trips, and “FlowerStorm” picks up the pieces

Pittsburgh Regional Transit attributes recent service disruptions to ransomware attack

Brazilian Man Charged With Making Extortionate Threats To Publicize Stolen Data Obtained By Unlawful Computer Intrusion

Malware

Now You See Me, Now You Don’t: Using LLMs to Obfuscate Malicious JavaScript

Analyzing Malicious Intent in Python Code: A Case Study

DigiEver Fix That IoT Thing!

Hacking

The Insecure IoT Cloud Strikes Again: RCE on Ruijie Cloud-Connected Devices

Cybersecurity firm’s Chrome extension hijacked to steal users’ data

Japan Airlines was hit by a cyberattack, delaying flights during the year-end holiday season

Hackers exploit DoS flaw to disable Palo Alto Networks firewalls

Intelligence and Information Warfare

Ukraine’s state registers hit with one of Russia’s largest cyberattacks, officials say

Lazarus group evolves its infection chain with old and new malware

FBI, DC3, and NPA Identification of North Korean Cyber Actors, Tracked as TraderTraitor, Responsible for Theft of $308 Million USD from Bitcoin.DMM.com

BellaCPP: Discovering a new BellaCiao variant written in C++

OtterCookie, a new malware used by Contagious Interview

Recent Cases of Watering Hole Attacks, Part 2

Cybersecurity

U.S. Judge Rules Against NSO Group in WhatsApp Pegasus Spyware Case

Italy fines OpenAI over ChatGPT privacy rules breach

Adobe Patches ColdFusion Flaw at High Risk of Exploitation

The Intersection of AI and OSINT: Advanced Threats On The Horizon

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

Pierluigi Paganini June 26, 2025

Kai West, aka IntelBroker, indicted for cyberattacks causing $25M in damages

Pierluigi Paganini June 26, 2025

Security Affairs newsletter Round 504 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box.

you might also like

Kai West, aka IntelBroker, indicted for cyberattacks causing $25M in damages

Cisco fixed critical ISE flaws allowing Root-level remote code execution

leave a comment

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Kai West, aka IntelBroker, indicted for cyberattacks causing $25M in damages

Cisco fixed critical ISE flaws allowing Root-level remote code execution

U.S. CISA adds AMI MegaRAC SPx, D-Link DIR-859 routers, and Fortinet FortiOS flaws to its Known Exploited Vulnerabilities catalog

CitrixBleed 2: The nightmare that echoes the 'CitrixBleed' flaw in Citrix NetScaler devices

Hackers deploy fake SonicWall VPN App to steal corporate credentials

QUICK LINKS

Security Affairs newsletter Round 504 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box.

you might also like

Kai West, aka IntelBroker, indicted for cyberattacks causing $25M in damages

Cisco fixed critical ISE flaws allowing Root-level remote code execution

leave a comment

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Kai West, aka IntelBroker, indicted for cyberattacks causing $25M in damages

Cisco fixed critical ISE flaws allowing Root-level remote code execution

U.S. CISA adds AMI MegaRAC SPx, D-Link DIR-859 routers, and Fortinet FortiOS flaws to its Known Exploited Vulnerabilities catalog

CitrixBleed 2: The nightmare that echoes the 'CitrixBleed' flaw in Citrix NetScaler devices

Hackers deploy fake SonicWall VPN App to steal corporate credentials

Subscribe to my email list and stay
up-to-date!