Security Affairs newsletter Round 498 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs newsletter Round 498 by Pierluigi Paganini – INTERNATIONAL EDITION

Pierluigi Paganini Pierluigi Paganini

Pierluigi Paganini

Member ENISA Ad-Hoc Working Group on Cyber Threat Landscapes - CEO CYBHORUS

发布日期: 2024年11月17日
+ 关注

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

A botnet exploits e GeoVision zero-day to compromise EoL devices

Palo Alto Networks confirmed active exploitation of recently disclosed zero-day

NSO Group used WhatsApp exploits even after Meta-owned company sued it

Glove Stealer bypasses Chrome’s App-Bound Encryption to steal cookies

Bitfinex hacker Ilya Lichtenstein was sentenced to 5 years in prison

U.S. CISA adds Palo Alto Networks Expedition?bugs to its Known Exploited Vulnerabilities catalog

Hackers target critical flaw CVE-2024-10914 in EOL D-Link NAS Devices

China-linked threat actors compromised multiple telecos and spied on a limited number of U.S. government officials

Bitdefender released a decryptor for the ShrinkLocker ransomware

China's Volt Typhoon botnet has re-emerged

Zoom addressed two high-severity issues in its platform

Microsoft Patch Tuesday security updates for November 2024 fix two actively exploited zero-days

Ahold Delhaize experienced a cyber incident affecting several of its U.S. brands

A cyberattack on payment systems blocked cards readers across stores and gas stations in Israel

Apple indeed added a feature called "inactivity reboot" in iOS 18.1 that reboots locked devices

Ymir ransomware, a new stealthy ransomware grow in the wild

Amazon discloses employee data breach after May 2023 MOVEit attacks

A new fileless variant of Remcos RAT observed in the wild

A surge in Pro-Russia cyberattacks after decision to monitor North Korean Troops in Ukraine

U.S. agency cautions employees to limit phone use due to Salt Typhoon hack of telco providers

International Press – Newsletter

Cybercrime ?

Amazon confirms employee data stolen after hacker claims MOVEit breach??

Bitcoin Fog Founder Sentenced to 12 Years for Cryptocurrency Money Laundering

A new way we’re helping others track frauds and scams online??

An Interview With the Target & Home Depot Hacker???

Bitfinex Hacker Sentenced in Money Laundering Conspiracy Involving Billions in Stolen Cryptocurrency??

Bitfinex Hacker Sentenced in Money Laundering Conspiracy Involving Billions in Stolen Cryptocurrency?? ??

Malware

New Campaign Uses Remcos RAT to Exploit Victims

Bengal cat lovers in Australia get psspsspss’d in Google-driven Gootloader campaign?? ???

Glove Stealer: Leveraging IElevator to Bypass App-Bound Encryption & Steal Sensitive Data??

Ymir: new stealthy ransomware in the wild??

Botnet exploits GeoVision zero-day to install Mirai malware

Hacking

Seoul accuses pro-Kremlin hackers of attacking websites over decision to monitor North Korean troops in Ukraine???

Massive MOVEit Vulnerability Breach: Hacker Leaks Employee Data from Amazon, McDonald’s, HSBC, HP, and Potentially 1000+ Other Companies??

DDoS cyberattack temporarily blocks Israeli credit card payments??? ???

GoIssue – The Tool Behind Recent GitHub Phishing Attacks

Fault Injection – Down the Rabbit Hole?? ???

Exploiting a Quarantine UAF Mitigation on a Custom Allocator Challenge???

Command Injection Vulnerability in name parameter for D-Link NAS?

PAN-OS Firewall Vulnerability Under Active Exploitation – IoCs Released

Intelligence and Information Warfare?

U.S. Agency Warns Employees About Phone Use Amid Ongoing China Hack

APT Actors Embed Malware within macOS Flutter Applications??

The Botnet is Back: SSC STRIKE Team Uncovers a Renewed Cyber Threat??

Iranian “Dream Job” Campaign 11.24??

Hamas-affiliated Threat Actor WIRTE Continues its Middle East Operations and Moves to Disruptive Activity??

CVE-2024-43451: A New Zero-Day Vulnerability Exploited in the wild??

Joint Statement from FBI and CISA on the People's Republic of China (PRC) Targeting of Commercial Telecommunications Infrastructure??

Malware Spotlight:? A Deep-Dive Analysis of WezRat

Cybersecurity

iOS 18.1 added a new ‘Inactivity Reboot’ security feature for iPhone???

The November 2024 Security Update Review??

CISA Flags Two Actively Exploited Palo Alto Flaws; New RCE Attack Confirmed

Pregnancy Tracking App ‘What to Expect’ Refuses to Fix Issue that Allows Full??

New Apple security feature reboots iPhones after 3 days, researchers confirm

NSO Group used WhatsApp exploits after the messaging app sued the spyware developer, court filing says?? ??

Insights and Current Gaps in Open-Source LLM Vulnerability Scanners: A Comparative Analysis??

Follow me on Twitter:?@securityaffairs?and?Facebook?and?Mastodon

Pierluigi?Paganini

(SecurityAffairs?–?hacking,?newsletter)

要查看或添加评论,请登录

更多精彩文章