Security Affairs newsletter Round 501 by Pierluigi Paganini – INTERNATIONAL EDITION

International Press – Newsletter

Cybercrime  

INTERPOL financial crime operation makes record 5,500 arrests, seizures worth over USD 400 million  

Hackers Stole $1.49 Billion in Cryptocurrency to Date in 2024

US government contractor ENGlobal says operations are ‘limited’ following cyberattack      

Administrator of the largest German-speaking trading platform for illegal goods and services arrested  

British telecoms giant BT confirms attempted cyberattack after ransomware gang claims hack  

Criminals Use Generative Artificial Intelligence to Facilitate Financial Fraud  

Why Hackers Want Your Health Information

Operation Destabilise: NCA disrupts $multi-billion Russian money laundering networks with links to, drugs, ransomware and espionage, resulting in 84 arrests  

Why Phishers Love New TLDs Like .shop, .top and .xyz   

Criminals Use Generative Artificial Intelligence to Facilitate Financial Fraud 

Cyberattack targets Port of Rijeka, data stolen  

Malware

SmokeLoader Attack Targets Companies in Taiwan

LogoFAIL Exploited to Deploy Bootkitty, the first UEFI bootkit for Linux      

RedLine, A License to Steal: The Rudometov Story & Operation Magnus

Unveiling RevC2 and Venom Loader  

Meeten Malware: A Cross-Platform Threat to Crypto Wallets on macOS and Windows  

Quack now, pay later  

Hacking

Cybercriminals Use NFC Relay to Turn Stolen Credit Cards into Cash without a PIN  

What It Costs to Hire a Hacker on the Dark Web   

Cisco Warns of Attacks Exploiting Decade-Old ASA Vulnerability 

Progress WhatsUp Gold NmAPI.exe Registry Overwrite Unauthenticated RCE

Cloudflare’s pages.dev and workers.dev Domains Increasingly Abused for Phishing

Snowblind: The Invisible Hand of Secret Blizzard      

Windows Sockets: From Registered I/O to SYSTEM Privileges  

BlueAlpha Abuses Cloudflare Tunneling Service for GammaDrop Staging Infrastructure

Deloitte Hacked – Brain Cipher Ransomware Group Allegedly Stolen 1 TB of Data  

Supply Chain Attack Detected in Solana’s web3.js Library  

Intelligence and Information Warfare 

Former Polish spy chief arrested to testify before parliament in spyware probe 

Analysis of Threat Actor Kim Soo-ki’s Email Phishing Campaign 

Enhanced Visibility and Hardening Guidance for Communications Infrastructure  

Senators say US military is failing to secure its phones from foreign spies  

He Got Banned From X. Now He Wants to Help You Escape, Too 

Dozens of Countries Hit in Chinese Telecom Hacking Campaign, Top U.S. Official Says

Guess Who’s Back – The Return of ANEL in the Recent Earth Kasha Spear-phishing Campaign in 2024      

Frequent freeloader part I: Secret Blizzard compromising Storm-0156 infrastructure for espionage  

Romania was target of ‘aggressive hybrid Russian attacks’ during elections, security council says  

Something to Remember Us By Device Confiscated by Russian Authorities Returned with Monokle-Type Spyware Installed

MOONSHINE Exploit Kit and DarkNimbus Backdoor Enabling Earth Minotaur’s Multi-Platform Attacks

Cybersecurity

Mechanized minds: AI’s hidden impact on human thought  

Google Confirms New Gmail Security Surprise—And It’s So Simple 

Tor in Russia: A call for more WebTunnel bridges  

US agency proposes new rule blocking data brokers from selling Americans’ sensitive personal data  

Treasury Exposes Money Laundering Network Using Digital Assets to Evade Sanctions

EU’s first ever report on the state of cybersecurity in the Union

U.S. officials urge Americans to use encrypted apps amid unprecedented cyberattack      

The Great Pokémon Go Spy Panic  

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)