Security Affairs newsletter Round 489 by Pierluigi Paganini – INTERNATIONAL EDITION

Sextortion scam now use your “cheating” spouse’s name as a lure

Researchers trace massive data leak to US data broker: why should you care

Cyber-Attack on Payment Gateway Exposes 1.7 Million Credit Card Details  

Highline Public Schools closes schools following cyberattack

In Wake of Durov Arrest, Some Cybercriminals Ditch Telegram  

Six Persons To Be Charged For Offences In Relation To Illegal Cyber Activities  

UK arrests teen linked to Transport for London cyber attack

Fortinet suffers third-party data breach affecting Asia-Pacific customers  

Malware

Mythical Beasts and Where to Find Them: Mapping the Global Spyware Market and its Threats to National Security and Human Rights  

Malware’s Shared Secrets: Code Similarity Insights for Ransomware Gangs Activities Tracking      

Mallox ransomware: in-depth analysis and evolution  

A glimpse into the Quad7 operators’ next moves and associated botnets  

Ajina attacks Central Asia: Story of an Uzbek Android Pandemic      

Void captures over a million Android TV boxes

Hacking

Watch the Typo: Our PoC Exploit for Typosquatting in GitHub Actions

Threat Actors Exploit GeoServer Vulnerability CVE-2024-36401      

YubiKeys are vulnerable to cloning attacks thanks to newly discovered side channel 

Once and Forever: WhatsApp’s View Once Functionality is Broken  

PIXHELL Attack: Leaking Sensitive Information from Air-Gap Computers via `Singing Pixels’

Critical SonicWall SSLVPN bug exploited in ransomware attacks

Flipper Zero releases Firmware 1.0 after three years of development

DragonRank, a Chinese-speaking SEO manipulator service provider 

CVE-2024-29847 Deep Dive: Ivanti Endpoint Manager AgentPortal Deserialization of Untrusted Data Remote Code Execution Vulnerability

Living off the land, GPO style      

Intelligence and Information Warfare 

DeFied Expectations — Examining Web3 Heists         

Australian links revealed in global defence company scandal involving China, Russia and Iran  

TIDRONE Targets Military and Satellite Industries in Taiwan  

MI6 and CIA warn of ‘reckless campaign of sabotage across Europe’ being waged by Russia

Earth Preta Evolves its Attacks with New Malware and Strategies

Chinese APT Abuses VSCode to Target Government in Asia  

Poland neutralises sabotage group linked to Belarus and Russia  

Fake recruiter coding tests target devs with malicious Python packages

Cybersecurity

25 Ways to Make the SOC More Efficient and Avoid Team Burnout  

An Open door

The September 2024 Security Update Review  

The rise of fake influencers  

Bug Left Some Windows PCs Dangerously Unpatched 

YARA Rule Crafting: A Deep Dive into Signature-Based Threat Hunting Strategies  

WordPress.org to require 2FA for plugin developers by October

Data Protection Commission launches inquiry into Google AI model

Building a Cybersecurity and Privacy Learning Program

UK Data Centers Gain Critical Infrastructure Status, Raising Green Belt Controversy

Record $65 Million Settlement Reached Between Saltz Mongeluzzi Bendesky and LVHN on Behalf of Cancer Patients Whose Nude Photos Were Hacked

Facebook scrapes photos of kids from Australian user profiles to train its AI      

Global Cybersecurity Index