Security Affairs newsletter Round 507 by Pierluigi Paganini – INTERNATIONAL EDITION
January 19, 2025
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box.
Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.
International Press – Newsletter
Cybercrime
Taking legal action to protect the public from abusive AI-generated content
Justice Department and FBI Conduct International Operation to Delete Malware Used by China-Backed Hackers
Huione: the company behind the largest ever illicit online marketplace has launched a stablecoin
Unknown group releases Fortinet config files and VPN passwords to the darknet
NHS Cyberattack in UK Inflicted Long-Term Harm on Patient Health
Clop ransomware gang names dozens of victims hit by Cleo mass-hack, but several firms dispute breaches
Sneaky 2FA: exposing a new AiTM Phishing-as-a-Service
How victims of PowerSchool’s data breach helped each other investigate ‘massive’ hack
Chinese Innovations Spawn Wave of Toll Phishing Via SMS
Gravy Analytics breached (to be confirmed)
Hackers Claim Massive Breach of Location Data Giant, Threaten to Leak Data
Malware
Stealthy Credit Card Skimmer Targets WordPress Checkout Pages via Database Injection
Abusing AWS Native Services: Ransomware Encrypting S3 Buckets with SSE-C
Python-Based Malware Powers RansomHub Ransomware to Exploit Network Flaws
One Mikro Typo: How a simple DNS misconfiguration enables malware delivery by a Russian botnet
Hacking
Backdooring Your Backdoors – Another $20 Domain, More Governments
Analyzing CVE-2024-44243, a macOS System Integrity Protection bypass through kernel extensions
Wiz Research Identifies Exploitation in the Wild of Aviatrix Controller RCE (CVE-2024-50603)
Console Chaos: A Campaign Targeting Publicly Exposed Management Interfaces on Fortinet FortiGate Firewalls
From arbitrary pointer dereference to arbitrary read/write in latest Windows 11
Under the cloak of UEFI Secure Boot: Introducing CVE-2024-7344
Karmada Security Audit
Intelligence and Information Warfare
Double-Tap Campaign: Russia-nexus APT possibly related to APT28 conducts cyber espionage on Central Asia and Kazakhstan diplomatic relations
How Barcelona became an unlikely hub for spyware startups
Secret Phone Surveillance Tech Was Likely Deployed at 2024 DNC
New Star Blizzard spear-phishing campaign targets WhatsApp accounts
Treasury Sanctions Company Associated with Salt Typhoon and Hacker Associated with Treasury Compromise
Treasury Targets IT Worker Network Generating Revenue for DPRK Weapons Programs
FBI Warns iPhone, Android, Windows Users—Do Not Install These Apps
Cybersecurity
2025 cybersecurity trends: deepfakes, AI and quantum computing
The State of IT Security in Germany 2024
Global Cybersecurity Outlook 2025
Ministers consider ban on all UK public bodies making ransomware payments
The January 2025 Security Update Review
Governments call for spyware regulations in UN Security Council meeting
2024 US Healthcare Data Breaches: 585 Incidents, 180 Million Compromised User Records
TikTok, AliExpress, SHEIN & Co surrender Europeans’ data to authoritarian China
Mad at Meta? Don’t Let Them Collect and Monetize Your Personal Data
CISA unveils ‘Secure by Demand’ guidelines to bolster OT security
Opening the AI Black Box: Scientists use math to peek inside how artificial intelligence makes decisions
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
Pierluigi Paganini
(SecurityAffairs – hacking, newsletter)