Security Affairs newsletter Round 491 by Pierluigi Paganini – INTERNATIONAL EDITION

International Press – Newsletter

Cybercrime  

Samourai and Tornado Cash both pinning hopes on upcoming ruling  

Cyberattack on Kansas water treatment facility investigated by feds  

Modified LockBit and Conti ransomware shows up in DragonForce gang’s attacks  

Inside the Dragon: DragonForce Ransomware Group 

Two Russian Nationals Charged in Connection with Operating Billion Dollar Money Laundering Services  

Telegram’s New Rules Push Criminal Groups to Flee the Platform  

Security Brief: Actor Uses Compromised Accounts, Customized Social Engineering to Target Transport and Logistics Firms with Malware

Administrator account blamed for rail terror message hack  

OFAC and FinCEN target major Russian money laundering services including Cryptex and PM2BTC

Seizure of 7 million euros of crypto currency and 2 crypto currency exchanges offline  

Crypto scammers hack OpenAI’s press account on X     

Storm-0501: Ransomware attacks expanding to hybrid cloud environments

Kuwait Health Ministry restoring systems after cyberattack takes down hospitals, healthcare app  

Wallet Scam: A Case Study in Crypto Drainer Tactics

Malware

How the Necro Trojan infiltrated Google Play, again  

Kryptina RaaS | From Unsellable Cast-Off to Enterprise Ransomware  

Infostealer malware bypasses Chrome’s new cookie-theft defenses

AI-Generated Malware Found in the Wild

“Marko Polo” Navigates Uncharted Waters With Infostealer Empire

Octo2: European Banks Already Under Attack by New Malware Variant  

Hacking

Hacking Kia: Remotely Controlling Cars With Just a License Plate  

4 exploits, 1 bug: exploiting cve-2024-20017 4 different ways  

LLM’s New Achilles Heel: When Prompts Become Exploits  

A collection of Semgrep rules to facilitate vulnerability research

CVEs Targeting Remote Access Technologies

Hezbollah likely to launch retaliatory cyberattack on Israel, expert says          

Rethinking Red Teaming for AI: The new wave of Cybersecurity in the age of AI  

Israeli Group Claims Lebanon Water Hack as CISA Reiterates Warning on Simple ICS Attacks

Attacking UNIX Systems via CUPS, Part I     
Highly Anticipated Linux Flaw Allows Remote Code Execution, but Less Serious Than Expected 

Tosint: Open-source Telegram OSINT tool  

Intelligence and Information Warfare 

GreyNoise Reveals New Internet Noise Storm: Secret Messages and the China Connection  

-=TWELVE=- is back 

Earth Baxia Uses Spear-Phishing and GeoServer Exploit to Target APAC  

Gleaming Pisces Poisoned Python Packages Campaign Delivers PondRAT Linux and MacOS Backdoors

‘Get away from Hezbollah’: Has Israel hacked Lebanon’s telecoms networks?  

Iran linked hacker group Handala Hack Team claim pager explosions linked to Israeli battery company  

Norway starts probe into reported links to exploding pagers in Lebanon  

Thousands of Capitol Hill staffers’ info spilled across dark web, security firm says  

Cyberespionage the Gamaredon way: Analysis of toolset used to spy on Ukraine in 2022 and 2023  

China-Linked Hackers Breach U.S. Internet Providers in New ‘Salt Typhoon’ Cyberattack  

China’s satellites are dodging US eyes in space 

Unraveling Sparkling Pisces’s Tool Set: KLogEXE and FPSpy 

Sophistication of AI-backed operation targeting senator points to future of deepfake schemes 

Three IRGC Cyber Actors Indicted for ‘Hack-and-Leak’ Operation Designed to Influence the 2024 U.S. Presidential Election   

Cybersecurity

Nearly 40% of FAA air traffic control systems need urgent updates, GAO reports  

Telegram Changes Policy, Says It Will Provide User Data to Authorities  

‘Cybersecurity issue’ takes MoneyGram offline for three days – and counting

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Subscribe to the newsletter for free here:

https://www.linkedin.com/build-relation/newsletter-follow?entityUrn=7093942975545667584

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)