Security Affairs newsletter Round 438 by Pierluigi Paganini – International edition
September 24, 2023
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.
Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.
Cybercrime
Russian cyber thieves linked to personal data breach at North Carolina hospitals
International operation closes down Piilopuoti dark web marketplace
THE CITY OF DALLAS RANSOMWARE INCIDENT: MAY 2023
Nigerian National Pleads Guilty To His Role In A Business Email Compromise Scheme
Malware
Bumblebee Loader Resurfaces in New Campaign
Earth Lusca Employs New Linux Backdoor, Uses Cobalt Strike for Lateral Movement
Stealth Falcon preying over Middle Eastern skies with Deadglyph
Inside the Code of a New XWorm Variant
Who’s Behind the 8Base Ransomware Website?
Cado Security Labs Researchers Witness a 600X Increase in P2Pinfect Traffic
Hacking
Retool attack – When MFA isn’t actually MFA
Fileless Remote Code Execution on Juniper Firewalls
Arbitrary code execution vulnerability in Trend Micro endpoint products’ ability to uninstall third-party security products
The outage at the airports really came from a computer attack
Russia linked to cyberattack on government services
Intelligence and Information Warfare
How the Lazarus Group is stepping up crypto hacks and changing its tactics
Lazarus Group’s Web3 Rampage
German spy chief warns of cyberattacks targeting liquefied natural gas terminals
New ShroudedSnooper actor targets telecommunications firms in the Middle East with novel Implants
Sandman APT | A Mystery Group Targeting Telcos with a LuaJIT Toolkit
Is That a Spy in Your Car?
0-days exploited by commercial surveillance vendor in Egypt
PREDATOR IN THE WIRES
OilRig’s Outer Space and Juicy Mix: Same ol’ rig, new drill pipes
Cybersecurity
Apple and Google Are Introducing New Ways to Defeat Cell Site Simulators, But Is it Enough?
NSA, FBI, and CISA Release Cybersecurity Information Sheet on Deepfake Threats
38TB of data accidentally exposed by Microsoft AI researchers
Clorox Blames Damaging Cyberattack for Product Shortage
MGM losing up to $8.4M per day as cyberattack paralyzes slot machines, hotels for 8th straight day: analyst
Apple emergency updates fix 3 new zero-days exploited in attacks
Cisco makes largest ever acquisition, buying cybersecurity company Splunk for $28 billion in cash
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
Pierluigi Paganini
(SecurityAffairs – hacking, newsletter)