Security Affairs newsletter Round 477 by Pierluigi Paganini – INTERNATIONAL EDITION

Pierluigi Paganini June 23, 2024

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

US government sanctions twelve Kaspersky Lab executives
Experts found a bug in the Linux version of RansomHub ransomware
UEFICANHAZBUFFEROVERFLOW flaw in Phoenix SecureCore UEFI firmware potentially impacts hundreds of PC and server models
Russia-linked APT Nobelium targets French diplomatic entities
US bans sale of Kaspersky products due to risks to national security
Atlassian fixed six high-severity bugs in Confluence Data Center and Server
China-linked spies target Asian Telcos since at least 2021
New Rust infostealer Fickle Stealer spreads athrough various attack methods
An unpatched bug allows anyone to impersonate Microsoft corporate email accounts
Smishing Triad Is Targeting Pakistan To Defraud Banking Customers At Scale
Alleged researchers stole $3 million from Kraken exchange
Google Chrome 126 update addresses multiple high-severity flaws
Chip maker giant AMD investigates a data breach
Cryptojacking campaign targets exposed Docker APIs
VMware fixed RCE and privilege escalation bugs in vCenter Server
Meta delays training its AI using public content shared by EU users 
The Financial Dynamics Behind Ransomware Attacks
Empire Market owners charged with operating $430M dark web marketplace
China-linked Velvet Ant uses F5 BIG-IP malware in cyber espionage campaign
LA County’s Department of Public Health (DPH) data breach impacted over 200,000 individuals
Spanish police arrested an alleged member of the Scattered Spider group
Online job offers, the reshipping and money mule scams
ASUS fixed critical remote authentication bypass bug in several routers

International Press – Newsletter

Cybercrime  

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested  

L.A. DPH – Public Health Responds to Privacy Breach

Owners of “Empire Market” Charged in Chicago With Operating $430 Million Dark Web Marketplace   

Keytronic Says Personal Information Stolen in Ransomware Attack  

Smishing Triad Is Targeting Pakistan To Defraud Banking Customers At Scale  

BEYOND ILLUSIONS – Report 2024   

Malware

Attackers deploying new tactics in campaign targeting exposed Docker APIs  

LevelBlue Labs Discovers Highly Evasive, New Loader Targeting Chinese Organizations  

Fickle Stealer Distributed via Multiple Attack Chain  

A REVERSE ENGINEER’S JOURNEY WITH POWERSHELL AND XWORM

RansomHub Draws in Affiliates with Multi-OS Capability and High Commission Rates  

Hacking

Bypassing 2FA with phishing and OTP bots 

New ARM ‘TIKTAG’ attack impacts Google Chrome, Linux systems

“Researchers” exploit Kraken exchange bug, steal $3 million in crypto

Security bug allows anyone to spoof Microsoft employee emails  

Perplexity AI is susceptible to prompt injection

UEFICANHAZBUFFEROVERFLOW: WIDESPREAD IMPACT FROM VULNERABILITY IN POPULAR PC AND SERVER FIRMWARE  

SolarWinds Serv-U (CVE-2024-28995) exploitation: We see you!  

Intelligence and Information Warfare 

China-Nexus Threat Group ‘Velvet Ant’ Abuses F5 Load Balancers for Persistence 

Government and military officials fair targets of Pegasus spyware, NSO Group argues     

Sustained Campaign Using Chinese Espionage Tools Targets Telcos 

ANSSI: The Nobelium intrusion set

Top 10 Generative AI Models Mimic Russian Disinformation Claims A Third of the Time, Citing Moscow-Created Fake Local News Sites as Authoritative Sources   

Cybersecurity  

London Hospitals Knew of Cyber Vulnerabilities Years Before Hack  

Mandiant Threat Hunting Guide Snowake

Building AI Technology for Europeans in a Transparent and Responsible Way  

Biden bans US sales of Kaspersky software over Russia ties

Treasury Sanctions Kaspersky Lab Leadership in Response to Continued Cybersecurity Risks

Security Headers to prevent phishing            

Pierluigi Paganini

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

(SecurityAffairs – hacking, newsletter)



you might also like

leave a comment