Security Affairs newsletter Round 441 by Pierluigi Paganini – INTERNATIONAL EDITION
October 15, 2023
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.
Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.
Cybercrime
Phishers Spoof USPS, 12 Other Natl’ Postal Services
The Art of Concealment: A New Magecart Campaign That’s Abusing 404 Pages
Spanish airline Air Europa hit by credit card system breach
New Report: Child Sexual Abuse Content and Online Risks to Children on the Rise
#StopRansomware: AvosLocker Ransomware (Update)
CDW Says It’s Investigating After LockBit Claims To Leak Data Trove
New Clues Suggest Stolen FTX Funds Went to Russia-Linked Money Launderers
Malware
Trojans All the Way Down: BADBOX and PEACHPI
IZ1H9 Campaign Enhances Its Arsenal with Scores of Exploits
The Art of Concealment: A New Magecart Campaign That’s Abusing 404 Pages
Balada Injector Targets Unpatched tagDiv Plugin, Newspaper Theme & WordPress Admins
DarkGate Opens Organizations for Attack via Skype, Teams
Hacking
X-Force uncovers global NetScaler Gateway credential harvesting campaign
HTTP/2 Rapid Reset: deconstructing the record-breaking attack
U.S. Cybersecurity Agency Warns of Actively Exploited Adobe Acrobat Reader Vulnerability
Squid games: 35 security holes still unpatched in proxy after 2 years, now public
Intelligence and Information Warfare
Threat actors represented in the 2023 Microsoft Digital Defense Report
Concern grows in Brazil over Chinese industrial espionage
#OpIsrael, #FreePalestine And #OpSaudiArabia – How Cyber-Threat Actors Coordinate PSYOPS Campaigns With Kinetic Military Actions
STAYIN’ ALIVE – TARGETED ATTACKS AGAINST TELECOMS AND GOVERNMENT MINISTRIES IN ASIA
BlueShell Used in APT Attacks Against Korean and Thai Targets
CVE-2023-38831 Exploited by Pro-Russia Hacking Groups in RU-UA Conflict Zone for Credential Harvesting Operations
Assessed Cyber Structure and Alignments of North Korea in 2023
Cyberattacks Targeting Israel Are Rising After Hamas Assault
Cybersecurity
Coordinated Disclosure: 1-Click RCE on GNOME (CVE-2023-43641)
Exposed security cameras in Israel and Palestine posing significant risks
Google mitigated the largest DDoS attack to date, peaking above 398 million rps
THE OCTOBER 2023 SECURITY UPDATE REVIEW
Hamas Attacks, Israel Bombs Gaza and Misinformation Surges Online
Ransomware Vulnerability Warning Pilot updates: Now a One-stop Resource for Known Exploited Vulnerabilities and Misconfigurations Linked to Ransomware
AI Images Detectors Are Being Used to Discredit the Real Horrors of War
SEC Investigating Progress Software Over MOVEit Hack
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
Pierluigi Paganini
(SecurityAffairs – hacking, newsletter)