A new round of the weekly SecurityAffairs newsletter has arrived! Every week the best security articles from Security Affairs are free for you in your email box.
Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.
QakBot threat actors are still operational after the August takedown
Ransomware attack on MGM Resorts costs $110 Million
Cybersecurity, why a hotline number could be important?
Multiple experts released exploits for Linux local privilege escalation flaw Looney Tunables
Cisco Emergency Responder is affected by a critical Static Credentials bug. Fix it immediately!
Belgian intelligence service VSSE accused Alibaba of ‘possible espionage’ at European hub in Liege
A WhatsApp zero-day exploit can cost several million dollars
CISA adds JetBrains TeamCity and Windows flaws to its Known Exploited Vulnerabilities catalog
NATO is investigating a new cyber attack claimed by the SiegedSec group
Global CRM Provider Exposed Millions of Clients’ Files Online
Sony sent data breach notifications to about 6,800 individuals
Apple fixed the 17th zero-day flaw exploited in attacks
Atlassian Confluence zero-day CVE-2023-22515 actively exploited in attacks
A cyberattack disrupted Lyca Mobile services
Chipmaker Qualcomm warns of three actively exploited zero-days
DRM Report Q2 2023 – Ransomware threat landscape
Phishing campaign targeted US executives exploiting a flaw in Indeed job search platform
San Francisco’s transport agency Metropolitan Transportation Commission (MTC) exposes drivers’ plate numbers and addresses
BunnyLoader, a new Malware-as-a-Service advertised in cybercrime forums
Exclusive: Lighting the Exfiltration Infrastructure of a LockBit Affiliate (and more)
Two hacker groups are back in the news, LockBit 3.0 Black and BlackCat/AlphV
European Telecommunications Standards Institute (ETSI) suffered a data breach
WS_FTP flaw CVE-2023-40044 actively exploited in the wild
National Logistics Portal (NLP) data leak: seaports in India were left vulnerable to takeover by hackers
North Korea-linked Lazarus targeted a Spanish aerospace company
Ransomware attack on Johnson Controls may have exposed sensitive DHS data
BlackCat gang claims they stole data of 2.5 million patients of McLaren Health Care
Cybercrime
A Closer Look at the Snatch Data Ransom Group
Meet LostTrust ransomware — A likely rebrand of the MetaEncryptor gang
Exclusive: DHS investigating whether floor plans and other security information were exposed in ransomware attack on contractor
Lighting the Exfiltration Infrastructure of a LockBit Affiliate (and more)
Malware
BunnyLoader, the newest Malware-as-a-Service
Qakbot-affiliated actors distribute Ransom Knight malware despite infrastructure takedown
The evolutionary tale of a persistent Python threat
Analyzing Lu0Bot: A Node.js Malware with Near-Unlimited Capabilities
Hacking
RCE in Progress WS_FTP Ad Hoc via IIS HTTP Modules (CVE-2023-40044)
ETSI faced a cyberattack
EvilProxy Phishing Attack Strikes Indeed
Statement from Lyca Mobile on cyberattack
Apple emergency update fixes new zero-day used to hack iPhones
NATO investigating breach, leak of internal documents
Zero-days for hacking WhatsApp are now worth millions of dollars
CVE-2023-4911: Looney Tunables – Local Privilege Escalation in the glibc’s ld.so
Intelligence and Information Warfare
Lazarus luring employees with trojanized coding challenges: The case of a Spanish aerospace company
Belgian VSSE INTELLIGENCE REPORT
Espionage fuels global cyberattacks
Belgium’s security services are monitoring Alibaba for possible spying
Record $7 billion in crypto laundered through cross-chain services
Operation Jacana: Foundling hobbits in Guyana
Cybersecurity
Researchers Extract Sounds From Still Images on Smartphone Cameras
Rising OT/ICS cybersecurity incidents reveal alarming trend
Critical Vulnerabilities in WS_FTP Server
Qualcomm Patches 3 Zero-Days Reported by Google
CVE-2023-22515: Zero-Day Privilege Escalation in Confluence Server and Data Center
MGM Resorts Says Ransomware Hack Cost $110 Million
Pierluigi Paganini
The post Security Affairs newsletter Round 440 by Pierluigi Paganini – International edition appeared first on Security Affairs.