Security Affairs newsletter Round 489 by Pierluigi Paganini – INTERNATIONAL EDITION
September 15, 2024
A new round of the weekly SecurityAffairs newsletter has arrived! Every week the best security articles from Security Affairs are delivered free to your email box.
Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.
International Press – Newsletter
Cybercrime
Russian And Kazakhstani Men Indicted For Running Dark Web Criminal Marketplaces, Forums, And Trainings
Sextortion scam now use your “cheating” spouse’s name as a lure
Researchers trace massive data leak to US data broker: why should you care
Cyber-Attack on Payment Gateway Exposes 1.7 Million Credit Card Details
Highline Public Schools closes schools following cyberattack
In Wake of Durov Arrest, Some Cybercriminals Ditch Telegram
Six Persons To Be Charged For Offences In Relation To Illegal Cyber Activities
UK arrests teen linked to Transport for London cyber attack
Fortinet suffers third-party data breach affecting Asia-Pacific customers
Malware
Mythical Beasts and Where to Find Them: Mapping the Global Spyware Market and its Threats to National Security and Human Rights
Malware’s Shared Secrets: Code Similarity Insights for Ransomware Gangs Activities Tracking
Mallox ransomware: in-depth analysis and evolution
A glimpse into the Quad7 operators’ next moves and associated botnets
Ajina attacks Central Asia: Story of an Uzbek Android Pandemic
Void captures over a million Android TV boxes
Hacking
Watch the Typo: Our PoC Exploit for Typosquatting in GitHub Actions
Threat Actors Exploit GeoServer Vulnerability CVE-2024-36401
YubiKeys are vulnerable to cloning attacks thanks to newly discovered side channel
Once and Forever: WhatsApp’s View Once Functionality is Broken
PIXHELL Attack: Leaking Sensitive Information from Air-Gap Computers via ‘Singing Pixels’
Critical SonicWall SSLVPN bug exploited in ransomware attacks
Flipper Zero releases Firmware 1.0 after three years of development
DragonRank, a Chinese-speaking SEO manipulator service provider
CVE-2024-29847 Deep Dive: Ivanti Endpoint Manager AgentPortal Deserialization of Untrusted Data Remote Code Execution Vulnerability
Living off the land, GPO style
Intelligence and Information Warfare
DeFied Expectations — Examining Web3 Heists
Australian links revealed in global defence company scandal involving China, Russia and Iran
TIDRONE Targets Military and Satellite Industries in Taiwan
MI6 and CIA warn of ‘reckless campaign of sabotage across Europe’ being waged by Russia
Earth Preta Evolves its Attacks with New Malware and Strategies
Chinese APT Abuses VSCode to Target Government in Asia
Poland neutralises sabotage group linked to Belarus and Russia
Fake recruiter coding tests target devs with malicious Python packages
Cybersecurity
25 Ways to Make the SOC More Efficient and Avoid Team Burnout
An Open door
The September 2024 Security Update Review
The rise of fake influencers
Bug Left Some Windows PCs Dangerously Unpatched
YARA Rule Crafting: A Deep Dive into Signature-Based Threat Hunting Strategies
WordPress.org to require 2FA for plugin developers by October
Data Protection Commission launches inquiry into Google AI model
Building a Cybersecurity and Privacy Learning Program
UK Data Centers Gain Critical Infrastructure Status, Raising Green Belt Controversy
Record $65 Million Settlement Reached Between Saltz Mongeluzzi Bendesky and LVHN on Behalf of Cancer Patients Whose Nude Photos Were Hacked
Facebook scrapes photos of kids from Australian user profiles to train its AI
Global Cybersecurity Index
Pierluigi Paganini