A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.
Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.
Abandoned Eval PHP WordPress plugin abused to backdoor websitesCISA adds MinIO, PaperCut, and Chrome bugs to its Known Exploited Vulnerabilities catalogAt least 2 critical infrastructure orgs breached by North Korea-linked hackers behind 3CX attackAmerican Bar Association (ABA) suffered a data breach,1.4 million members impactedPro-Russia hackers launched a massive attack against the EUROCONTROL agencyCisco fixed critical flaws in the Industrial Network Director and Modeling Labs solutionsIntro to phishing: simulating attacks to build resiliencyMultinational ICICI Bank leaks passports and credit card numbersVMware fixed a critical flaw in vRealize that allows executing arbitrary code as rootLazarus APT group employed Linux Malware in recent attacks and was linked to 3CX supply chain attackExperts disclosed two critical flaws in Alibaba cloud database servicesGoogle TAG warns of Russia-linked APT groups targeting UkraineTrigona Ransomware targets Microsoft SQL serversRussian national sentenced to time served for committing money laundering for the Ryuk ransomware operationGoogle fixed the second actively exploited Chrome zero-day of 2023US and UK agencies warn of Russia-linked APT28 exploiting Cisco router flawsIran-linked Mint Sandstorm APT targeted US critical infrastructurePWNYOURHOME, FINDMYPWN, LATENTIMAGE: 3 iOS Zero-Click exploits used by NSO Group in 2022Experts temporarily disrupted the RedLine Stealer operationsCISA adds bugs in Chrome and macOS to its Known Exploited Vulnerabilities catalogThe intricate relationships between the FIN7 group and members of the Conti ransomware gangIsraeli surveillance firm QuaDream is shutting down amidst spyware accusationsNew QBot campaign delivered hijacking business correspondenceChina-linked APT41 group spotted using open-source red teaming tool GC2Vice Society gang is using a custom PowerShell tool for data exfiltrationExperts warn of an emerging Python-based credential harvester named LegionExperts found the first LockBit encryptor that targets macOS systemsNCR was the victim of BlackCat/ALPHV ransomware gangRemcos RAT campaign targets US accounting and tax return preparation firmsInternational Press
Cybercrime
NCR suffers Aloha POS outage after BlackCat ransomware attack
Capita IT breach gets worse as Black Basta claims it’s now selling off stolen data
Ex-Conti and FIN7 Actors Collaborate with New Domino Backdoor
Takedown of GitHub Repositories Disrupts RedLine Malware Operations
Hacking
Legion: an AWS Credential Harvester and SMTP Hijacker
Russian Man Who Laundered Money for Ryuk Ransomware Gang Sentenced
#BrokenSesame: Accidental ‘write’ permissions to private registry allowed potential RCE to Alibaba Cloud Database Services
European air traffic control agency’s website under cyber attack from pro-Russian hackers: Report
X_Trader Supply Chain Attack Affects Critical Infrastructure Organizations in U.S. and Europe
Massive Abuse of Abandoned Eval PHP WordPress Plugin
Malware
The LockBit ransomware (kinda) comes for macOS
Vice Society: A Tale of Victim Data Exfiltration via PowerShell, aka Stealing off the Land
QBot banker delivered through business correspondence
Trigona Ransomware Attacking MS-SQL Servers
Triple Threat NSO Group’s Pegasus Spyware Returns in 2022 with a Trio of iOS 15 and iOS 16 Zero-Click Exploit Chains
Intelligence and Information Warfare
Threat Horizons April 2023 Threat Horizons Report
Online Gaming Chats Have Long Been Spy Risk for US Military
DOJ charges 34 with operating Chinese gov’t troll farm that harassed dissidents
The NTC Vulkan Files: Implications for Cybersecurity and Businesses
Nation-state threat actor Mint Sandstorm refines tradecraft to attack high-value targets
State-sponsored campaigns target global network infrastructure
APT28 Exploits Known Vulnerability to Carry Out Reconnaissance and Deploy Malware on Cisco Routers
Ukraine remains Russia’s biggest cyber focus in 2023
Linux malware strengthens links between Lazarus and the 3CX supply‑chain attack
Cybersecurity
Offensive cyber company QuaDream shutting down amidst spyware accusations
Questions and Answers: Cyber: towards stronger EU capabilities for effective operational cooperation, solidarity and resilience
Google Chrome Hit by Second Zero-Day Attack – Urgent Patch Update Released
AI security concerns in a nutshell – Practical AI Security guide
WhatsApp and Signal unite against online safety bill amid privacy concerns
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
Please vote for Security Affairs (https://securityaffairs.com/) as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERSVote for me in the sections:
The Teacher – Most Educational Blog
The Entertainer – Most Entertaining Blog
The Tech Whizz – Best Technical Blog
Best Social Media Account to Follow (@securityaffairs)
Please nominate Security Affairs as your favorite blog.
Nominate here: https://docs.google.com/forms/d/e/1FAIpQLSfaFMkrMlrLhOBsRPKdv56Y4HgC88Bcji4V7OCxCm_OmyPoLw/viewform
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
Pierluigi Paganini
(SecurityAffairs – hacking, newsletter)
The post Security Affairs newsletter Round 416 by Pierluigi Paganini – International edition appeared first on Security Affairs.