Security Affairs newsletter Round 442 by Pierluigi Paganini

Security Affairs newsletter Round 442 by Pierluigi Paganini – INTERNATIONAL EDITION

Pierluigi Paganini October 22, 2023

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

A threat actor is selling access to Facebook and Instagram’s Police Portal

Threat actors breached Okta support system and stole customers’ data

US DoJ seized domains used by North Korean IT workers to defraud businesses worldwide

Alleged developer of the Ragnar Locker ransomware was arrested

CISA adds Cisco IOS XE flaw to its Known Exploited Vulnerabilities catalog

Tens of thousands Cisco IOS XE devices were hacked by exploiting CVE-2023-20198

Law enforcement operation seized Ragnar Locker group’s infrastructure

THE 11TH EDITION OF THE ENISA THREAT LANDSCAPE REPORT IS OUT!

North Korea-linked APT groups actively exploit JetBrains TeamCity flaw

Multiple APT groups exploited WinRAR flaw CVE-2023-38831

Californian IT company DNA Micro leaks private mobile phone data

Threat actors have been exploiting CVE-2023-4966 in Citrix NetScaler ADC/Gateway devices since August

A flaw in Synology DiskStation Manager allows admin account takeover

D-Link confirms data breach, but downplayed the impact

CVE-2023-20198 zero-day widely exploited to install implants on Cisco IOS XE systems

Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers

Ransomware realities in 2023: one employee mistake can cost a company millions

Malware-laced ‘RedAlert – Rocket Alerts’ app targets Israeli users

Cisco warns of active exploitation of IOS XE zero-day

Signal denies claims of an alleged zero-day flaw in its platform

Microsoft Defender thwarted Akira ransomware attack on an industrial engineering firm

DarkGate malware campaign abuses Skype and Teams

The Alphv ransomware gang stole 5TB of data from the Morrison Community Hospital

Cybercrime

Europol knocks RagnarLocker offline in second major ransomware bust this year

The Fake Browser Update Scam Gets a Makeover

Ragnar Locker ransomware gang taken down by international police swoop

Justice Department Announces Court-Authorized Action to Disrupt Illicit Revenue Generation Efforts of Democratic People’s Republic of Korea Information Technology Workers

Malware

DarkGate Opens Organizations for Attack via Skype, Teams

New paper: Nexus Android banking botnet – compromising C&C panels and dissecting mobile AppInjects

Malicious “RedAlert – Rocket Alerts” Application Targets Israeli Phone Calls, SMS, and User Information

BlackCat Climbs the Summit With a New Tactic

Hacking

Active exploitation of Cisco IOS XE Software Web Management User Interface vulnerability

Widespread Cisco IOS XE Implants in the Wild

Synology NAS DSM Account Takeover: When Random is not Secure

Remediations for Citrix NetScaler ADC and Gateway Vulnerability (CVE-2023-4966)

CVE-2023-20198 – Cisco IOS-XE ZeroDay

Tracking Unauthorized Access to Okta’s Support System

Intelligence and Information Warfare

Hamas Cyber Capabilities: Threats and Implications for Israel

Peculiarities of destructive cyber attacks against Ukrainian providers (CERT-UA#7627)

Government-backed actors exploiting WinRAR vulnerability

Multiple North Korean threat actors exploiting the TeamCity CVE-2023-42793 vulnerability

MI5 head warns of ‘epic scale’ of Chinese espionage

International Criminal Court systems breached for cyber espionage

Cybersecurity

NIST – Digital Identity Guidelines – Authentication and Lifecycle Management

Automatic disruption of human-operated attacks through containment of compromised user accounts

Signal Debunks Zero-Day Vulnerability Reports, Finds No Evidence

Cloud and Threat Report: Top Adversary Tactics and Techniques

ENISA Threat Landscape 2023

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

Pierluigi Paganini July 25, 2025

Operation CargoTalon targets Russia’s aerospace with EAGLET malware,

Pierluigi Paganini July 25, 2025

Security Affairs newsletter Round 442 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

you might also like

Operation CargoTalon targets Russia’s aerospace with EAGLET malware,

Unpatched flaw in EoL LG LNV5110R cameras lets hackers gain Admin access

leave a comment

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Operation CargoTalon targets Russia’s aerospace with EAGLET malware,

Unpatched flaw in EoL LG LNV5110R cameras lets hackers gain Admin access

Koske, a new AI-Generated Linux malware appears in the threat landscape

Mitel patches critical MiVoice MX-ONE Auth bypass flaw

Coyote malware is first-ever malware abusing Windows UI Automation

QUICK LINKS

Security Affairs newsletter Round 442 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

you might also like

Operation CargoTalon targets Russia’s aerospace with EAGLET malware,

Unpatched flaw in EoL LG LNV5110R cameras lets hackers gain Admin access

leave a comment

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Operation CargoTalon targets Russia’s aerospace with EAGLET malware,

Unpatched flaw in EoL LG LNV5110R cameras lets hackers gain Admin access

Koske, a new AI-Generated Linux malware appears in the threat landscape

Mitel patches critical MiVoice MX-ONE Auth bypass flaw

Coyote malware is first-ever malware abusing Windows UI Automation

Subscribe to my email list and stay
up-to-date!