SECURITY AFFAIRS NEWSLETTER ROUND 442 BY PIERLUIGI PAGANINI – INTERNATIONAL EDITION

SECURITY AFFAIRS NEWSLETTER ROUND 442 BY PIERLUIGI PAGANINI – INTERNATIONAL EDITION

Pierluigi Paganini Pierluigi Paganini

Pierluigi Paganini

Member ENISA Ad-Hoc Working Group on Cyber Threat Landscapes - CEO CYBHORUS

发布日期: 2023年10月22日
+ 关注

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

A threat actor is selling access to Facebook and Instagram's Police Portal

Threat actors breached Okta support system and stole customers' data

US DoJ seized domains used by North Korean IT workers to defraud businesses worldwide

Alleged developer of the Ragnar Locker ransomware was arrested

CISA adds Cisco IOS XE flaw to its Known Exploited Vulnerabilities catalog

Tens of thousands Cisco IOS XE devices were hacked by exploiting CVE-2023-20198

Law enforcement operation seized Ragnar Locker group's infrastructure

THE 11TH EDITION OF THE ENISA THREAT LANDSCAPE REPORT IS OUT!

North Korea-linked APT groups actively exploit JetBrains TeamCity flaw

Multiple APT groups exploited WinRAR flaw CVE-2023-38831

Californian IT company DNA Micro leaks private mobile phone data

Threat actors have been exploiting CVE-2023-4966 in Citrix NetScaler ADC/Gateway devices since August

A flaw in Synology DiskStation Manager allows admin account takeover

D-Link confirms data breach, but downplayed the impact

CVE-2023-20198 zero-day widely exploited to install implants on Cisco IOS XE systems

Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers

Ransomware realities in 2023: one employee mistake can cost a company millions

Malware-laced 'RedAlert - Rocket Alerts' app targets Israeli users?

Cisco warns of active exploitation of IOS XE zero-day

Signal denies claims of an alleged zero-day flaw in its platform

Microsoft Defender thwarted Akira ransomware attack on an industrial engineering firm

DarkGate malware campaign abuses Skype and Teams

The Alphv ransomware gang stole 5TB of data from the Morrison Community Hospital

International Press

Cybercrime

Europol knocks RagnarLocker offline in second major ransomware bust this year

The Fake Browser Update Scam Gets a Makeover

Ragnar Locker ransomware gang taken down by international police swoop?? ???

领英推荐

Justice Department Announces Court-Authorized Action to Disrupt Illicit Revenue Generation Efforts of Democratic People’s Republic of Korea Information Technology Workers???

Malware

DarkGate Opens Organizations for Attack via Skype, Teams???

New paper: Nexus Android banking botnet – compromising C&C panels and dissecting mobile AppInjects

Malicious “RedAlert – Rocket Alerts” Application Targets Israeli Phone Calls, SMS, and User Information???

BlackCat Climbs the Summit With a New Tactic??

Hacking

Active exploitation of Cisco IOS XE Software Web Management User Interface vulnerability??

Widespread Cisco IOS XE Implants in the Wild??

Synology NAS DSM Account Takeover: When Random is not Secure

Remediations for Citrix NetScaler ADC and Gateway Vulnerability (CVE-2023-4966)

CVE-2023-20198 – Cisco IOS-XE ZeroDay?? ??

Tracking Unauthorized Access to Okta’s Support System?? ?????

Intelligence and Information Warfare

Hamas Cyber Capabilities: Threats and Implications for Israel

Peculiarities of destructive cyber attacks against Ukrainian providers (CERT-UA#7627)

Government-backed actors exploiting WinRAR vulnerability??

Multiple North Korean threat actors exploiting the TeamCity CVE-2023-42793 vulnerability??

MI5 head warns of ‘epic scale’ of Chinese espionage

International Criminal Court systems breached for cyber espionage

Cybersecurity

NIST – Digital Identity Guidelines – Authentication and Lifecycle Management

Automatic disruption of human-operated attacks through containment of compromised user accounts????

Signal Debunks Zero-Day Vulnerability Reports, Finds No Evidence

Cloud and Threat Report: Top Adversary Tactics and Techniques??

ENISA Threat Landscape 2023???

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi?Paganini

(SecurityAffairs?–?hacking,?newsletter)

要查看或添加评论,请登录

更多精彩文章

社区洞察

其他会员也浏览了