Security Affairs newsletter Round 424 by Pierluigi Paganini – International edition

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Law enforcement shutdown a long-standing DDoS-for-hire service

A Russian national charged for committing LockBit Ransomware attacks

Oil and gas giant Shell is another victim of Clop ransomware attacks

Progress fixed a third flaw in MOVEit Transfer software Unveiling the Balada injector: a malware epidemic in WordPress

China-linked APT UNC3886 used VMware ESXi Zero-Day

LLM meets Malware: Starting the Era of Autonomous Threat

Microsoft Patch Tuesday for June 2023 fixes 6 critical flaws

St. Margaret’s Health is the first hospital to cite a cyberattack as a reason for its closure

A database containing data of +8.9 million Zacks users was leaked online

Fortinet urges to patch the critical RCE flaw CVE-2023-27997 in Fortigate firewalls

UK communications regulator Ofcom hacked with a MOVEit file transfer zero-day

Experts released PoC exploit for MOVEit Transfer CVE-2023-34362 flaw

Intellihartx data breach exposed the personal and health info of 490,000 individuals FUD Malware obfuscation engine BatCloak continues to evolve

Fortinet urges to patch a critical RCE flaw in Fortigate firewalls

Xplain data breach also impacted the national Swiss railway FSS

Microsoft warns of multi-stage AiTM phishing and BEC attacks

Pro-Ukraine Cyber Anarchy Squad claims the hack of the Russian telecom provider Infotel JSC

Updated Android spyware GravityRAT steals WhatsApp Backups

Barracuda ESG zero-day exploited by China-linked APT

Russia-linked APT Gamaredon update TTPs in recent attacks against Ukraine

Cybersecurity agencies published a joint LockBit ransomware advisory

Microsoft links Cadet Blizzard APT to Russia’s military intelligence GRU

Critical flaw found in WooCommerce Stripe Gateway Plugin used by +900K sites

Cybercrime

Oil and gas giant Shell confirms it was impacted by Clop ransomware attacks

Russian National Arrested and Charged with Conspiring to Commit LockBit Ransomware Attacks Against U.S. and Foreign Businesses

DETAINED FOR DDOS ATTACKS AS PART OF THE NEXT EDITION OF THE INTERNATIONAL “POWER OFF” OPERATION

Malware

Android GravityRAT goes after WhatsApp backups

LLM meets Malware: Starting the Era of Autonomous Threat

Reverse Engineering Terminator aka Zemana AntiMalware/AntiLogger Driver

Understanding Ransomware Threat Actors: LockBit

Hacking

Two XSS Vulnerabilities in Azure with Embedded postMessage IFrames

Intelligence and Information Warfare

Hackers hacked the websites of a Moscow provider and a number of Russian companies: they wish the Armed Forces of Ukraine success

VMware ESXi Zero-Day Used by Chinese Espionage Actor to Perform Privileged Guest Operations on Compromised Hypervisors

Spy agencies acquire commercial data with little coordination and few controls

Cadet Blizzard emerges as a novel and distinct Russian threat actor

Shuckworm: Inside Russia’s Relentless Cyber Campaign Against Ukraine

Barracuda ESG Zero-Day Vulnerability (CVE-2023-2868) Exploited Globally by Aggressive and Skilled Actor, Suspected Links to China

Cybersecurity

An Illinois hospital is the first health care facility to link its closing to a ransomware attack

The June 2023 Security Update Review

Unauthenticated IDOR to PII Disclosure in WooCommerce Stripe Gateway Plugin

MEPs ready to negotiate first-ever rules for safe and transparent AI

CISA Instructs Federal Agencies to Secure Internet-Exposed Devices

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

The post Security Affairs newsletter Round 424 by Pierluigi Paganini – International edition appeared first on Security Affairs.

Source link