Security Affairs newsletter Round 435 by Pierluigi Paganini – International edition
September 03, 2023
A new round of the weekly SecurityAffairs newsletter has arrived! Every week the best security articles from Security Affairs are delivered free to your email box.
Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.
Cybercrime
Unpacking the MOVEit Breach: Statistics and Analysis
Cl0p Ups The Ante With Massive MOVEit Transfer Supply-Chain Exploit
FBI, Partners Dismantle Qakbot Infrastructure in Multinational Cyber Takedown
U.S. Hacks QakBot, Quietly Removes Botnet Infections
Under Siege: Rapid7-Observed Exploitation of Cisco ASA SSL VPNs
Why is .US Being Used to Phish So Many of Us?
Cybercrime to cost Germany 206 billion euros in 2023, survey finds
Malware
Lockbit leak, research opportunities on tools leaked from TAs
Updated Kmsdx Binary Shows KmsdBot Is Targeting the IoT Landscape
SMOKE LOADER DROPS WHIFFY RECON WI-FI SCANNING AND GEOLOCATION MALWARE
Unleashing the Power of YARA: The Definitive Guide to Advanced Malware Hunting Beyond Hash-based Identifiers
How the FBI nuked Qakbot malware from infected Windows PCs
Agent Tesla – Building an effective decryptor
BadBazaar espionage tool targets Android users via trojanized Signal and Telegram apps
Under the shellcode of the ‘Operation Duck Hunt’. Analysis of the FBI’s ducks killer
CISA and International Partners Release Malware Analysis Report on Infamous Chisel Mobile Malware
Decrypting Key Group Ransomware: Emerging Financially Motivated Cyber Crime Gang
SapphireStealer: Open-source information stealer enables credential and data theft
Hacking
The Cheap Radio Hack That Disrupted Poland’s Railway System
CVE-2023-36844 And Friends: RCE In Juniper Devices
Hackers Can Silently Grab Your IP Through Skype. Microsoft Is In No Rush to Fix It
MalDoc in PDF – Detection bypass by embedding a malicious Word file into a PDF file
Hacktivists Breach Iranian Surveillance System
A Brazilian phone spyware was hacked and victims’ devices ‘deleted’ from server
Contain Yourself: Staying Undetected Using the Windows Container Isolation Framework
VMConnect supply chain attack continues, evidence points to North Korea
Okta Warns of Social Engineering Attacks Targeting Super Administrator Privileges
Intelligence and Information Warfare
Poland investigates cyber-attack on rail network
Japan’s cyber security agency suffers months-long breach
Diving Deep into UNC4841 Operations Following Barracuda ESG Zero-Day Remediation (CVE-2023-2868)
It Costs Just $400 to Build an AI Disinformation Machine
UK and allies support Ukraine calling out Russia’s GRU for new malware campaign
Cybersecurity
Europe is Cracking Down on Big Tech. This Is What Will Change When You Sign On
Growing use of AI in cybersecurity reveals new possibilities
Are Software Updates Useless Against Advanced Persistent Threats?
AI needs ‘human control’ to avoid being weaponized, says Microsoft’s president
Credentials of NASA, Tesla, DoJ, Verizon, and 2K others leaked by workplace safety organization
NYC Subway Will Disable ‘Feature’ That Leaked Trip History After 404 Media Investigation
Pierluigi Paganini