Security Affairs newsletter Round 424 by Pierluigi Paganini – International edition

   June 18, 2023  Posted in Securityaffairs


A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Law enforcement shutdown a long-standing DDoS-for-hire service
A Russian national charged for committing LockBit Ransomware attacks
Oil and gas giant Shell is another victim of Clop ransomware attacks
Progress fixed a third flaw in MOVEit Transfer software
Unveiling the Balada injector: a malware epidemic in WordPress
China-linked APT UNC3886 used VMware ESXi Zero-Day
LLM meets Malware: Starting the Era of Autonomous Threat
Microsoft Patch Tuesday for June 2023 fixes 6 critical flaws
St. Margaret’s Health is the first hospital to cite a cyberattack as a reason for its closure
A database containing data of +8.9 million Zacks users was leaked online
Fortinet urges to patch the critical RCE flaw CVE-2023-27997 in Fortigate firewalls
UK communications regulator Ofcom hacked with a MOVEit file transfer zero-day
Experts released PoC exploit for MOVEit Transfer CVE-2023-34362 flaw
Intellihartx data breach exposed the personal and health info of 490,000 individuals
FUD Malware obfuscation engine BatCloak continues to evolve
Fortinet urges to patch a critical RCE flaw in Fortigate firewalls
Xplain data breach also impacted the national Swiss railway FSS
Microsoft warns of multi-stage AiTM phishing and BEC attacks
Pro-Ukraine Cyber Anarchy Squad claims the hack of the Russian telecom provider Infotel JSC
Updated Android spyware GravityRAT steals WhatsApp Backups
Barracuda ESG zero-day exploited by China-linked APT
Russia-linked APT Gamaredon update TTPs in recent attacks against Ukraine
Cybersecurity agencies published a joint LockBit ransomware advisory
Microsoft links Cadet Blizzard APT to Russia’s military intelligence GRU
Critical flaw found in WooCommerce Stripe Gateway Plugin used by +900K sites

Cybercrime

Oil and gas giant Shell confirms it was impacted by Clop ransomware attacks

Russian National Arrested and Charged with Conspiring to Commit LockBit Ransomware Attacks Against U.S. and Foreign Businesses

DETAINED FOR DDOS ATTACKS AS PART OF THE NEXT EDITION OF THE INTERNATIONAL “POWER OFF” OPERATION

Malware

Android GravityRAT goes after WhatsApp backups

LLM meets Malware: Starting the Era of Autonomous Threat

Reverse Engineering Terminator aka Zemana AntiMalware/AntiLogger Driver

Understanding Ransomware Threat Actors: LockBit

Hacking

Two XSS Vulnerabilities in Azure with Embedded postMessage IFrames

Intelligence and Information Warfare

Hackers hacked the websites of a Moscow provider and a number of Russian companies: they wish the Armed Forces of Ukraine success

VMware ESXi Zero-Day Used by Chinese Espionage Actor to Perform Privileged Guest Operations on Compromised Hypervisors

Spy agencies acquire commercial data with little coordination and few controls

Cadet Blizzard emerges as a novel and distinct Russian threat actor

Shuckworm: Inside Russia’s Relentless Cyber Campaign Against Ukraine

Barracuda ESG Zero-Day Vulnerability (CVE-2023-2868) Exploited Globally by Aggressive and Skilled Actor, Suspected Links to China

Cybersecurity

An Illinois hospital is the first health care facility to link its closing to a ransomware attack

The June 2023 Security Update Review

Unauthenticated IDOR to PII Disclosure in WooCommerce Stripe Gateway Plugin

MEPs ready to negotiate first-ever rules for safe and transparent AI

CISA Instructs Federal Agencies to Secure Internet-Exposed Devices

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

The post Security Affairs newsletter Round 424 by Pierluigi Paganini – International edition appeared first on Security Affairs.





Source link