Security Affairs newsletter Round 475 by Pierluigi Paganini – INTERNATIONAL EDITION

International Press – Newsletter

Cybercrime  

Cybercriminals Attack Banking Customers In EU With V3B Phishing Kit      

The National Police dismantles a network that obtained more than 5,300,000 euros through the illicit distribution of audiovisual content        

London hospital services impacted by ransomware incident  

Snowflake Data Breach Impacts Ticketmaster, Other Organizations

New York Times source code stolen using exposed GitHub token

Malware

Russian Power Companies, IT Firms, and Govt Agencies Hit by Decoy Dog Trojan

RansomHub: New Ransomware has Origins in Older Knight

FBI recovers 7,000 LockBit keys, urges ransomware victims to reach out   

TargetCompany’s Linux Variant Targets ESXi Environments  

UAC-0020 (Vermin) attacks the Defense Forces of Ukraine using the SPECTR WPS in tandem with a legitimate SyncThing (“SickSync” campaign)   

Hacking 

Snowflake at centre of world’s largest data breach 

Hacking Millions of Modems (and Investigating Who Hacked My Modem)  

Molding Lies Into Reality || Exploiting CVE-2024-4358  

Five new vulnerabilities found in Zyxel NAS devices (including code execution and privilege escalation)

A Zero Day TikTok Hack Is Taking Over Celebrity And Brand Accounts    

Stealing everything you’ve ever typed or viewed on your own Windows PC is now possible with two lines of code — inside the Copilot+ Recall disaster      

2024: Old CVEs, New Targets — Active Exploitation of ThinkPHP  

Intelligence and Information Warfare 

Video Games Might Matter for Terrorist Financing  

Disrupting FlyingYeti’s campaign targeting Ukraine

GRU’s BlueDelta Targets Key Networks in Europe with Multi-Phase Espionage Campaigns      

Revealed: Russian legal foundation linked to Kremlin activities in Europe  

NSA chief says China readying destructive cyberattacks on critical infrastructure  

How Russia is trying to disrupt the 2024 Paris Olympic Games  

Cybersecurity  

Generative AI is expected to magnify the risk of deepfakes and other fraud in banking  

Cyber house of cards – Politicians’ personal details exposed online

Preventing and Waging War in the AI–CYBER Era

Google Leak Reveals Thousands of Privacy Incidents    

Coast Guard To Empower Maritime Cybersecurity  

361 million stolen accounts leaked on Telegram added to HIBP

Cisco Patches Webex Bugs Following Exposure of German Government Meetings

How to Opt Out of Instagram and Facebook Using Your Posts for AI        

How to spot a deepfake: the maker of a detection tool shares the key giveaways  

Pierluigi Paganini

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

(SecurityAffairs – hacking, newsletter)