Security Affairs newsletter Round 424 by Pierluigi Paganini – International edition

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Law enforcement shutdown a long-standing DDoS-for-hire serviceA Russian national charged for committing LockBit Ransomware attacksOil and gas giant Shell is another victim of Clop ransomware attacksProgress fixed a third flaw in MOVEit Transfer softwareUnveiling the Balada injector: a malware epidemic in WordPressChina-linked APT UNC3886 used VMware ESXi Zero-DayLLM meets Malware: Starting the Era of Autonomous ThreatMicrosoft Patch Tuesday for June 2023 fixes 6 critical flawsSt. Margaret’s Health is the first hospital to cite a cyberattack as a reason for its closureA database containing data of +8.9 million Zacks users was leaked onlineFortinet urges to patch the critical RCE flaw CVE-2023-27997 in Fortigate firewallsUK communications regulator Ofcom hacked with a MOVEit file transfer zero-dayExperts released PoC exploit for MOVEit Transfer CVE-2023-34362 flawIntellihartx data breach exposed the personal and health info of 490,000 individualsFUD Malware obfuscation engine BatCloak continues to evolveFortinet urges to patch a critical RCE flaw in Fortigate firewallsXplain data breach also impacted the national Swiss railway FSSMicrosoft warns of multi-stage AiTM phishing and BEC attacksPro-Ukraine Cyber Anarchy Squad claims the hack of the Russian telecom provider Infotel JSCUpdated Android spyware GravityRAT steals WhatsApp BackupsBarracuda ESG zero-day exploited by China-linked APTRussia-linked APT Gamaredon update TTPs in recent attacks against UkraineCybersecurity agencies published a joint LockBit ransomware advisoryMicrosoft links Cadet Blizzard APT to Russia’s military intelligence GRUCritical flaw found in WooCommerce Stripe Gateway Plugin used by +900K sitesCybercrime

Oil and gas giant Shell confirms it was impacted by Clop ransomware attacks  

Russian National Arrested and Charged with Conspiring to Commit LockBit Ransomware Attacks Against U.S. and Foreign Businesses  



Android GravityRAT goes after WhatsApp backups

LLM meets Malware: Starting the Era of Autonomous Threat

Reverse Engineering Terminator aka Zemana AntiMalware/AntiLogger Driver         

Understanding Ransomware Threat Actors: LockBit  


Two XSS Vulnerabilities in Azure with Embedded postMessage IFrames   

Intelligence and Information Warfare

Hackers hacked the websites of a Moscow provider and a number of Russian companies: they wish the Armed Forces of Ukraine success    

VMware ESXi Zero-Day Used by Chinese Espionage Actor to Perform Privileged Guest Operations on Compromised Hypervisors   

Spy agencies acquire commercial data with little coordination and few controls  

Cadet Blizzard emerges as a novel and distinct Russian threat actor  

Shuckworm: Inside Russia’s Relentless Cyber Campaign Against Ukraine

Barracuda ESG Zero-Day Vulnerability (CVE-2023-2868) Exploited Globally by Aggressive and Skilled Actor, Suspected Links to China        


An Illinois hospital is the first health care facility to link its closing to a ransomware attack  

The June 2023 Security Update Review    

Unauthenticated IDOR to PII Disclosure in WooCommerce Stripe Gateway Plugin  

MEPs ready to negotiate first-ever rules for safe and transparent AI  

CISA Instructs Federal Agencies to Secure Internet-Exposed Devices

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

The post Security Affairs newsletter Round 424 by Pierluigi Paganini – International edition appeared first on Security Affairs.