Security Affairs newsletter Round 470 by Pierluigi Paganini

Security Affairs newsletter Round 470 by Pierluigi Paganini – INTERNATIONAL EDITION

Pierluigi Paganini May 05, 2024

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Blackbasta gang claimed responsibility for Synlab Italia attack

LockBit published data stolen from Simone Veil hospital in Cannes

Russia-linked APT28 and crooks are still using the Moobot botnet

Dirty stream attack poses billions of Android installs at risk

ZLoader Malware adds Zeus’s anti-analysis feature

Ukrainian REvil gang member sentenced to 13 years in prison

Pro-Russia hackers target critical infrastructure in North America and Europe

HPE Aruba Networking addressed four critical ArubaOS RCE flaws

Threat actors hacked the Dropbox Sign production environment

CISA adds GitLab flaw to its Known Exploited Vulnerabilities catalog

Panda Restaurant Group disclosed a data breach

Ex-NSA employee sentenced to 262 months in prison for attempting to transfer classified documents to Russia

Cuttlefish malware targets enterprise-grade SOHO routers

A flaw in the R programming language could allow code execution

Muddling Meerkat, a mysterious DNS Operation involving China’s Great Firewall

Notorious Finnish Hacker sentenced to more than six years in prison Blackbasta gang claimed responsibility for Synlab Italia attack

CISA guidelines to protect critical infrastructure against AI-based threats

NCSC: New UK law bans default passwords on smart devices

The FCC imposes $200 million in fines on four US carriers for unlawfully sharing user location data

Google prevented 2.28 million policy-violating apps from being published on Google Play in 2023

Financial Business and Consumer Solutions (FBCS) data breach impacted 2M individuals

Cyber-Partisans hacktivists claim to have breached Belarus KGB

The Los Angeles County Department of Health Services disclosed a data breach

Multiple Brocade SANnav SAN Management SW flaws allow device compromise

ICICI Bank exposed credit card data of 17000 customers

Okta warns of unprecedented scale in credential stuffing attacks on online services

Targeted operation against Ukraine exploited 7-year-old MS Office bug

International Press – Newsletter

Cybercrime

Man Who Mass-Extorted Psychotherapy Patients Gets Six Years

Panda Restaurants discloses data breach after corporate systems hack

UnitedHealth CEO Says Hackers Lurked in Network for Nine Days Before Ransomware Strike

Sodinokibi/REvil Affiliate Sentenced for Role in $700M Ransomware Scheme

Cybersecurity consultant arrested after allegedly extorting IT firm

Cannes Simone Veil hospital center – CYBER ATTACK PRESS RELEASE

Malware

2024 Bad Bot Report

Dragos Industrial Ransomware Analysis: Q1 2024

Malware: Cuckoo Behaves Like Cross Between Infostealer and Spyware

Eight Arms To Hold You: The Cuttlefish Malware

Zloader Learns Old Tricks

Router Roulette: Cybercriminals and Nation-States Sharing Compromised Networks

Hacking

How to Block Residential Proxies using Okta

AI models inch closer to hacking on their own

Hackers use developing countries as testing ground for new ransomware attacks

Hackers claim to have infiltrated Belarus’ main security service

R-BITRARY CODE EXECUTION: VULNERABILITY IN R’S DESERIALIZATION

A recent security incident involving Dropbox Sign

DEFENDING OT OPERATIONS AGAINST ONGOING PRO-RUSSIA HACKTIVIST ACTIVITY

“Dirty stream” attack: Discovering and mitigating a common vulnerability pattern in Android apps

Intelligence and Information Warfare

Germany grapples with wave of spying threats from Russia and China

A CUNNING OPERATOR: MUDDLING MEERKAT AND CHINA’S GREAT FIREWALL

Former NSA Employee Sentenced to Over 21 Years in Prison for Attempted Espionage

Iranian state-backed cyber spies continue to impersonate media brands, think tanks

US moves to bar Huawei, other Chinese telecoms from certifying wireless equipment

Cybersecurity

Japanese police create fake support scam payment cards to warn victims

Why ICICI Bank has blocked thousands of credit cards

Discord dismantles Spy.pet site that snooped on millions of users

Assessing the Cyber Threat to the Nation’s Water Supply

Safety and Security Guidelines for Critical Infrastructure Owners and Operators

How we fought bad apps and bad actors in 2023

FCC fines carriers $196 million for selling customer location data

Smart devices: new law helps citizens to choose secure products

Semaforum with Joseph Cox: ‘I was just blown away by its audacity’

Mind-Bending Math Could Stop Quantum Hackers—but Few Understand It

2024 Data Breach Investigations Report

The PLA Navy’s Blue Team Center Games for War

NSA, cybersecurity partners issue urgent OT threat warning

Why hundreds of U.S. banks may be at risk of failure

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

Pierluigi Paganini July 10, 2025

DoNot APT is expanding scope targeting European foreign ministries

Pierluigi Paganini July 09, 2025

Security Affairs newsletter Round 470 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

you might also like

DoNot APT is expanding scope targeting European foreign ministries

Nippon Steel Solutions suffered a data breach following a zero-day attack

leave a comment

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

DoNot APT is expanding scope targeting European foreign ministries

Nippon Steel Solutions suffered a data breach following a zero-day attack

Iranian group Pay2Key.I2P ramps Up ransomware attacks against Israel and US with incentives for affiliates

Hackers weaponize Shellter red teaming tool to spread infostealers

Microsoft Patch Tuesday security updates for July 2025 fixed a zero-day

QUICK LINKS

Security Affairs newsletter Round 470 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

you might also like

DoNot APT is expanding scope targeting European foreign ministries

Nippon Steel Solutions suffered a data breach following a zero-day attack

leave a comment

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

DoNot APT is expanding scope targeting European foreign ministries

Nippon Steel Solutions suffered a data breach following a zero-day attack

Iranian group Pay2Key.I2P ramps Up ransomware attacks against Israel and US with incentives for affiliates

Hackers weaponize Shellter red teaming tool to spread infostealers

Microsoft Patch Tuesday security updates for July 2025 fixed a zero-day

Subscribe to my email list and stay
up-to-date!