Pierluigi Paganini January 19, 2025

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

International Press – Newsletter

Cybercrime  

Taking legal action to protect the public from abusive AI-generated content 

Justice Department and FBI Conduct International Operation to Delete Malware Used by China-Backed Hackers  

Huione: the company behind the largest ever illicit online marketplace has launched a stablecoin 

Unknown group releases Fortinet config files and VPN passwords to the darknet  

NHS Cyberattack in UK Inflicted Long-Term Harm on Patient Health

Clop ransomware gang names dozens of victims hit by Cleo mass-hack, but several firms dispute breaches  

Sneaky 2FA: exposing a new AiTM Phishing-as-a-Service 

How victims of PowerSchool’s data breach helped each other investigate ‘massive’ hack

Chinese Innovations Spawn Wave of Toll Phishing Via SMS    

Gravy Analytics breached (to be confirmed)

Hackers Claim Massive Breach of Location Data Giant, Threaten to Leak Data      

Malware

Stealthy Credit Card Skimmer Targets WordPress Checkout Pages via Database Injection  

Abusing AWS Native Services: Ransomware Encrypting S3 Buckets with SSE-C

Python-Based Malware Powers RansomHub Ransomware to Exploit Network Flaws

One Mikro Typo: How a simple DNS misconfiguration enables malware delivery by a Russian botnet  

Hacking

Backdooring Your Backdoors – Another $20 Domain, More Governments

Analyzing CVE-2024-44243, a macOS System Integrity Protection bypass through kernel extensions     

Wiz Research Identifies Exploitation in the Wild of Aviatrix Controller RCE (CVE-2024-50603)

Console Chaos: A Campaign Targeting Publicly Exposed Management Interfaces on Fortinet FortiGate Firewalls

From arbitrary pointer dereference to arbitrary read/write in latest Windows 11 

Under the cloak of UEFI Secure Boot: Introducing CVE-2024-7344  

Karmada Security Audit  

Intelligence and Information Warfare 

Double-Tap Campaign: Russia-nexus APT possibly related to APT28 conducts cyber espionage on Central Asia and Kazakhstan diplomatic relations  

How Barcelona became an unlikely hub for spyware startups  

Secret Phone Surveillance Tech Was Likely Deployed at 2024 DNC  

New Star Blizzard spear-phishing campaign targets WhatsApp accounts  

Treasury Sanctions Company Associated with Salt Typhoon and Hacker Associated with Treasury Compromise  

Treasury Targets IT Worker Network Generating Revenue for DPRK Weapons Programs  

FBI Warns iPhone, Android, Windows Users—Do Not Install These Apps  

Cybersecurity

2025 cybersecurity trends: deepfakes, AI and quantum computing  

The State of IT Security in Germany 2024  

Global Cybersecurity Outlook 2025  

Ministers consider ban on all UK public bodies making ransomware payments 

The January 2025 Security Update Review  

Governments call for spyware regulations in UN Security Council meeting 

2024 US Healthcare Data Breaches: 585 Incidents, 180 Million Compromised User Records 

TikTok, AliExpress, SHEIN & Co surrender Europeans’ data to authoritarian China  

Mad at Meta? Don’t Let Them Collect and Monetize Your Personal Data  

CISA unveils ‘Secure by Demand’ guidelines to bolster OT security  

Opening the AI Black Box: Scientists use math to peek inside how artificial intelligence makes decisions

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)