Security Affairs newsletter Round 485 by Pierluigi Paganini – INTERNATIONAL EDITION


Security Affairs newsletter Round 485 by Pierluigi Paganini – INTERNATIONAL EDITION

Pierluigi Paganini
August 18, 2024

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

International Press – Newsletter

Cybercrime  

Hackers leak 2.7 billion data records with Social Security numbers

Disrupting Russian Cybercrime: WWH-Club Admins Arrested  

International Investigation Leads to Shutdown of Ransomware Group  

Six ransomware gangs behind over 50% of 2024 attacks

Kootenai Health Data Breach

Unconfirmed Hack of 2.9 Billion Records at National Public Data Sparks Media Frenzy Amid Lawsuits 

Suspected head of prolific cybercrime groups arrested and extradited  

Texas firm says it lost $60M in a bank wire transfer scam  

Russian Citizen Sentenced to 40 Months for Selling Stolen Financial Information on the Criminal Internet Marketplace Slilpp  

Ransomware attack on Flint affecting city services as FBI investigates incident  

Inside the “3 Billion People” National Public Data Breach  

NationalPublicData.com Hack Exposes a Nation’s Data

Leaked Environment Variables Allow Large-Scale Extortion Operation of Cloud Environments      

Malware

Deciphering the Brain Cipher Ransomware  

Ideal typosquat ‘solana-py’ steals your crypto wallet keys  

Ransomware attackers introduce new EDR killer to their arsenal

A Deep Dive into a New ValleyRAT Campaign Targeting Chinese Speakers

Tusk: unraveling a complex infostealer campaign      

Hacking

Chained for attack: OpenVPN vulnerabilities discovered leading to RCE and LPE 

Musk’s interview with Trump marred by technical glitches 

GhostWrite Attack    

Massive cyberattack rocks Central Bank of Iran, computer system paralyzed – report

Ongoing Social Engineering Campaign Refreshes Payloads  

Threat Actor Tools Found that Bypass Antivirus, Delete Backups, Disable Systems   

Want to Win a Bike Race? Hack Your Rival’s Wireless Shifters 

Zero-Click Exploit Concerns Drive Urgent Patching of Windows TCP/IP Flaw 

iVerify Discovers Android Vulnerability Impacting Millions of Pixel Devices Around the World  

CVE-2024-38213: Copy2Pwn Exploit Evades Windows Web Protections  

Unicoin hints at potential data meddling after G-Suite compromise

Intelligence and Information Warfare 

We received internal Trump documents from ‘Robert.’ Then the campaign confirmed it was hacked

EastWind Campaign: New CloudSorcerer Attacks on Russian Government Organizations

Justice Department Disrupts North Korean Remote IT Worker Fraud Schemes Through Charges and Arrest of Nashville Facilitator

UAC-0198: Widespread Distribution of ANONVNC (MESHAGENT) Among Ukrainian Government Organizations

A Dive into Earth Baku’s Latest Campaign  

Pentagon to Conduct Massive Experiment for Connect-Everything Initiative 

Iranian backed group steps up phishing campaigns against Israel, U.S.      

NATO must recognize the potential of open-source intelligence  

Disrupting a covert Iranian influence operation 

Trump campaign hack-and-leak appears like a rerun of 2016. This time, media outlets are responding differently  

Cybersecurity

OpenSSH pre-authentication async signal safety issue  

THE AUGUST 2024 SECURITY UPDATE REVIEW  

NIST finalizes trio of post-quantum encryption standards

German Cyber Agency Wants Changes in Microsoft, CrowdStrike Products After Tech Outage  

Inside the FBI’s Dashboard for Wiretapping the World  

Quantum Computers Will Kill Digital Security. These Algorithms Could Stop Them  

An A.I.-powered version of Mr. Musk has appeared in thousands of inauthentic ads, contributing to billions in fraud   

After nearly 3B personal records leak online, Florida data broker confirms it was ransacked by cyber-thieves

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)







Source link