Security Affairs newsletter Round 412 by Pierluigi Paganini – International edition

A new round of the weekly SecurityAffairs newsletter has arrived! Every week, the best security articles from Security Affairs are delivered free to your email box.

If you also want to receive the newsletter with the international press for free, subscribe here.

NCA infiltrates the cybercriminal underground with fake DDoS-for-hire sites

Pwn2Own Vancouver 2023 awarded $1,035,000 and a Tesla for 27 0-days

CISA announced the Pre-Ransomware Notifications initiative

China-linked hackers target telecommunication providers in the Middle East

City of Toronto is one of the victims hacked by Clop gang using GoAnywhere zero-day

Critical flaw in WooCommerce Payments plugin allows site takeover

Pwn2Own Vancouver 2023 Day 2: Microsoft Teams, Oracle VirtualBox, and Tesla hacked

Experts published PoC exploit code for Veeam Backup & Replication bug

Cisco fixed multiple severe vulnerabilities in its IOS and IOS XE software

Nexus, an emerging Android banking Trojan targets 450 financial apps

Dole discloses data breach after February ransomware attack

Pwn2Own Vancouver 2023 Day 1: Windows 11 and Tesla hacked

Lionsgate streaming platform with 37m subscribers leaks user data

Rogue ChatGPT extension FakeGPT hijacked Facebook accounts

Experts released PoC exploits for severe flaws in Netgear Orbi routers

ENISA: Ransomware became a prominent threat against the transport sector in 2022

BreachForums current Admin Baphomet shuts down BreachForums

Independent Living Systems data breach impacts more than 4M individuals

New Bad Magic APT used CommonMagic framework in the area of Russo-Ukrainian conflict

New ShellBot bot targets poorly managed Linux SSH Servers

2022 Zero-Day exploitation continues at a worrisome pace

Ferrari confirms data breach after receiving a ransom demand from an unnamed extortion group

Crooks stole more than $1.5M worth of Bitcoin from General Bytes ATMs

Acropalypse flaw in Google Pixel’s Markup tool allowed the recovery of edited images

Threat actors abuse Adobe Acrobat Sign to distribute RedLine info-stealer

Emotet is back after a three-month hiatus

Play ransomware gang hit Dutch shipping firm Royal Dirkzwager

Lowe’s Market chain leaves client data up for grabs

NBA is warning fans of a data breach after a third-party newsletter service hack

International Press

Cybercrime

[Developing] BreachForums’ Alleged Admin Pompompurin Arrested, Dark Web Reacts

Largest telecom in Guam starts restoring services after cyberattack

Dole Says Employee Information Compromised in Ransomware Attack    

NCA infiltrates cyber crime market with disguised DDoS sites   

DOJ says ‘millions’ of US citizens victimized by BreachForums administrator

FBI, CISA investigating cyberattack on Puerto Rico’s water authority  

Hacking

(Ab)using Adobe Acrobat Sign to distribute malware   

Exploiting aCropalypse: Recovering Truncated PNGs

External Trusts Are Evil   

Vulnerability Spotlight: Netgear Orbi router vulnerable to arbitrary command execution 

MojoBox: Yet-Another Not-So-SmartLock

PWN2OWN VANCOUVER 2023 – DAY THREE RESULTS  

Malware

Emotet adopts Microsoft OneNote attachments

ShellBot Malware Being Distributed to Linux SSH Servers  

“FakeGPT” #2: Open-Source Turned Malicious in Another Variant of the Facebook Account-Stealer Chrome Extension   

Nexus: a new Android botnet?  

Building a Custom Mach-O Memory Loader for macOS – Part 1

Intelligence and Information Warfare

Bad magic: new APT found in the area of Russo-Ukrainian conflict   

German and South Korean Agencies Warn of Kimsuky’s Expanding Cyber Attack Tactics

Notorious SideCopy APT group sets sights on India’s DRDO  

Operation Tainted Love | Chinese APTs Target Telcos in New Attacks   

Cybersecurity

Move, Patch, Get Out the Way: 2022 Zero-Day Exploitation Continues at an Elevated Pace  

UK issues strategy to protect National Health Service from cyberattacks 

Understanding Cyber Threats in Transport

Lineup set for House talks on Section 702 surveillance law

Veeam Backup and Replication CVE-2023-27532 Deep Dive  

Critical Vulnerability Discovered in WooCommerce Payments

Getting Ahead of the Ransomware Epidemic: CISA’s Pre-Ransomware Notifications Help Organizations Stop Attacks Before Damage Occurs   

Russia’s Rostec allegedly can de-anonymize Telegram users

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, Moshen Dragon)

The post Security Affairs newsletter Round 412 by Pierluigi Paganini – International edition appeared first on Security Affairs.