Security Affairs newsletter Round 491 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs newsletter Round 491 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Irish Data Protection Commission fined Meta €91 million for storing passwords in readable format

A cyberattack on Kuwait Health Ministry impacted hospitals in the country

The Tor Project and Tails have merged operations

Cyber vandalism on Wi-Fi networks at UK train stations spread an anti-Islam message

CUPS flaws allow remote code execution on Linux systems under certain conditions

U.S. sanctioned virtual currency exchanges Cryptex and PM2BTC for facilitating illegal activities

Hacking Kia cars made after 2013 using just their license plate

Critical RCE vulnerability found in OpenPLC

China-linked APT group Salt Typhoon compromised some U.S. internet service providers (ISPs)

Privacy non-profit noyb claims that Firefox tracks users with privacy preserving feature

Data of 3,191 congressional staffers leaked in the dark web

New variant of Necro Trojan infected more than 11 million devices

U.S. CISA adds Ivanti Virtual Traffic Manager?flaw to its Known Exploited Vulnerabilities catalog

Arkansas City water treatment facility switched to manual operations following a cyberattack

New Android banking trojan Octo2 targets European banks

A generative artificial intelligence malware used in phishing attacks

A cyberattack on MoneyGram caused its service outage

Did Israel infiltrate Lebanese telecoms networks?

Telegram will provide user data to law enforcement in response to legal requests

ESET fixed two privilege escalation flaws in its products

North Korea-linked APT Gleaming Pisces deliver new PondRAT backdoor via malicious Python packages

Chinese APT Earth Baxia target APAC by exploiting GeoServer flaw

Hacktivist group Twelve is back and targets Russian entities

Noise Storms: Mysterious massive waves of spoofed traffic observed since 2020

International Press – Newsletter

Cybercrime ?

Samourai and Tornado Cash both pinning hopes on upcoming ruling ??

Cyberattack on Kansas water treatment facility investigated by feds ??

Modified LockBit and Conti ransomware shows up in DragonForce gang’s attacks ??

Inside the Dragon: DragonForce Ransomware Group ?

Two Russian Nationals Charged in Connection with Operating Billion Dollar Money Laundering Services ??

Telegram’s New Rules Push Criminal Groups to Flee the Platform ??

Security Brief: Actor Uses Compromised Accounts, Customized Social Engineering to Target Transport and Logistics Firms with Malware

Administrator account blamed for rail terror message hack ??

OFAC and FinCEN target major Russian money laundering services including Cryptex and PM2BTC

Seizure of 7 million euros of crypto currency and 2 crypto currency exchanges offline ??

Crypto scammers hack OpenAI’s press account on X ? ???

Storm-0501: Ransomware attacks expanding to hybrid cloud environments

Kuwait Health Ministry restoring systems after cyberattack takes down hospitals, healthcare app ??

Wallet Scam: A Case Study in Crypto Drainer Tactics

Malware

How the Necro Trojan infiltrated Google Play, again ??

Kryptina RaaS | From Unsellable Cast-Off to Enterprise Ransomware ??

Infostealer malware bypasses Chrome’s new cookie-theft defenses

AI-Generated Malware Found in the Wild

“Marko Polo” Navigates Uncharted Waters With Infostealer Empire

Octo2: European Banks Already Under Attack by New Malware Variant ??

Hacking

Hacking Kia: Remotely Controlling Cars With Just a License Plate ??

4 exploits, 1 bug: exploiting cve-2024-20017 4 different ways ??

LLM’s New Achilles Heel: When Prompts Become Exploits ??

A collection of Semgrep rules to facilitate vulnerability research

CVEs Targeting Remote Access Technologies

Hezbollah likely to launch retaliatory cyberattack on Israel, expert says ?????? ???

Rethinking Red Teaming for AI: The new wave of Cybersecurity in the age of AI ??

Israeli Group Claims Lebanon Water Hack as CISA Reiterates Warning on Simple ICS Attacks

Attacking UNIX Systems via CUPS, Part I ?? ?? Highly Anticipated Linux Flaw Allows Remote Code Execution, but Less Serious Than Expected ?

Tosint: Open-source Telegram OSINT tool ??

Intelligence and Information Warfare?

GreyNoise Reveals New Internet Noise Storm: Secret Messages and the China Connection ??

-=TWELVE=- is back ?

Earth Baxia Uses Spear-Phishing and GeoServer Exploit to Target APAC ??

Gleaming Pisces Poisoned Python Packages Campaign Delivers PondRAT Linux and MacOS Backdoors

‘Get away from Hezbollah’: Has Israel hacked Lebanon’s telecoms networks? ??

Iran linked hacker group Handala Hack Team claim pager explosions linked to Israeli battery company ??

Norway starts probe into reported links to exploding pagers in Lebanon ??

Thousands of Capitol Hill staffers’ info spilled across dark web, security firm says ??

Cyberespionage the Gamaredon way: Analysis of toolset used to spy on Ukraine in 2022 and 2023 ??

China-Linked Hackers Breach U.S. Internet Providers in New ‘Salt Typhoon’ Cyberattack ??

China's satellites are dodging US eyes in space ?

Unraveling Sparkling Pisces’s Tool Set: KLogEXE and FPSpy ?

Sophistication of AI-backed operation targeting senator points to future of deepfake schemes ?

Three IRGC Cyber Actors Indicted for ‘Hack-and-Leak’ Operation Designed to Influence the 2024 U.S. Presidential Election ??

Cybersecurity

Nearly 40% of FAA air traffic control systems need urgent updates, GAO reports ??

Telegram Changes Policy, Says It Will Provide User Data to Authorities ??

'Cybersecurity issue' takes MoneyGram offline for three days – and counting

Kaspersky deletes itself, installs UltraAV antivirus without warning

HP Wolf Security Threat Insights Report: September 2024 ?

Google & Arm - Raising The Bar on GPU Security

Increased Cybersecurity Essential For NGOs: Help Available ??

Firefox tracks you with “privacy preserving” feature ??

Cyber house of cards – Politicians’ and staffers’ personal details exposed online ?

NATO is testing out this decentralized messenger for communications between member nations ??

Kaspersky defends force-replacing its security software without users’ explicit consent ??

Threat Actors Continue to Exploit OT/ICS through Unsophisticated Means ?

Uniting for Internet Freedom: Tor Project & Tails Join Forces

Microsoft’s more secure Windows Recall feature can also be uninstalled by users

Irish Data Protection Commission fines Meta Ireland €91 million ?? ??????

Follow me on Twitter:?@securityaffairs ?and?Facebook ?and?Mastodon

Subscribe to the newsletter for free here:

https://www.dhirubhai.net/build-relation/newsletter-follow?entityUrn=7093942975545667584

Pierluigi?Paganini

(SecurityAffairs ?–?hacking,?newsletter)

要查看或添加评论,请登录

社区洞察

其他会员也浏览了