Security Affairs newsletter Round 438 by Pierluigi Paganini


Security Affairs newsletter Round 438 by Pierluigi Paganini – International edition

Pierluigi Paganini
September 24, 2023

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Cybercrime

Russian cyber thieves linked to personal data breach at North Carolina hospitals 

International operation closes down Piilopuoti dark web marketplace   

THE CITY OF DALLAS RANSOMWARE INCIDENT: MAY 2023

Nigerian National Pleads Guilty To His Role In A Business Email Compromise Scheme  

Malware

Bumblebee Loader Resurfaces in New Campaign  

Earth Lusca Employs New Linux Backdoor, Uses Cobalt Strike for Lateral Movement  

Stealth Falcon preying over Middle Eastern skies with Deadglyph  

Inside the Code of a New XWorm Variant

Who’s Behind the 8Base Ransomware Website?  

Cado Security Labs Researchers Witness a 600X Increase in P2Pinfect Traffic  

Hacking

Retool attack – When MFA isn’t actually MFA

Fileless Remote Code Execution on Juniper Firewalls  

Arbitrary code execution vulnerability in Trend Micro endpoint products’ ability to uninstall third-party security products  

The outage at the airports really came from a computer attack  

Russia linked to cyberattack on government services 

Intelligence and Information Warfare

How the Lazarus Group is stepping up crypto hacks and changing its tactics

Lazarus Group’s Web3 Rampage      

German spy chief warns of cyberattacks targeting liquefied natural gas terminals  

New ShroudedSnooper actor targets telecommunications firms in the Middle East with novel Implants  

Sandman APT | A Mystery Group Targeting Telcos with a LuaJIT Toolkit 

Is That a Spy in Your Car?

0-days exploited by commercial surveillance vendor in Egypt

PREDATOR IN THE WIRES        

OilRig’s Outer Space and Juicy Mix: Same ol’ rig, new drill pipes 

Cybersecurity

Apple and Google Are Introducing New Ways to Defeat Cell Site Simulators, But Is it Enough?  

NSA, FBI, and CISA Release Cybersecurity Information Sheet on Deepfake Threats  

38TB of data accidentally exposed by Microsoft AI researchers   

Clorox Blames Damaging Cyberattack for Product Shortage  

MGM losing up to $8.4M per day as cyberattack paralyzes slot machines, hotels for 8th straight day: analyst  

Apple emergency updates fix 3 new zero-days exploited in attacks

Cisco makes largest ever acquisition, buying cybersecurity company Splunk for $28 billion in cash  

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)







Source link