Your hacker Blog

Security Affairs newsletter Round 427 by Pierluigi Paganini – International edition

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Google addressed 3 actively exploited flaws in AndroidIran-linked APT TA453 targets Windows and macOS systemsBangladesh government website leaked data of millions of citizensA man has been charged with a cyber attack on the Discovery Bay water treatment facilityProgress warns customers of a new critical flaw in MOVEit Transfer softwareCISA and FBI warn of Truebot infecting US and Canada based organizationsCisco warns of a flaw in Nexus 9000 series switches that allows modifying encrypted trafficStackRot, a new Linux Kernel privilege escalation vulnerabilityRansomware accounts for 54% of cyber threats in the health sectorCVE-2022-29303 flaw in SolarView product can be exploited in attacks against the energy sectorRedEnergy Stealer-as-a-Ransomware employed in attacks in the wildThe Port of Nagoya, the largest Japanese port, suffered a ransomware attackNoName(057)16’s DDoSia Project’s gets an upgradeSwedish data protection authority rules against the use of Google AnalyticsMOVEit attack on Aon exposed data of the staff at the Dublin AirportNeo_Net runs eCrime campaign targeting clients of banks globallyHackers stole millions of dollars worth of crypto assets from Poly Network platform335,923 out of 489,337 Fortinet firewalls vulnerable to CVE-2023-27997Anonymous Sudan claims to have stolen 30 million Microsoft’s customer accountsSmugX: Chinese APT uses HTML smuggling to target European Ministries and embassiesThe Impacts of Data Loss on Your OrganizationCISA adds Samsung and D-link bugs to its Known Exploited Vulnerabilities catalogNew Windows Meduza Stealer targets tens of crypto wallets and password managersExperts detected a new variant of North Korea-linked RUSTBUCKET macOS malwareWordPress sites using the Ultimate Member plugin are under attackCybercrime

Malvertising Used as Entry Vector for BlackCat, Actors Also Leverage SpyBoy Terminator  

Neo_Net | The Kingpin of Spanish eCrime  

The #Port of #Nagoya, the largest Japanese port, suffered a #ransomware attack

Tracy Resident Charged With Computer Attack On Discovery Bay Water Treatment Facility  

Malware

The DPRK strikes using a new variant of RUSTBUCKET 

Meduza Stealer: What Is It & How Does It Work? 

Ransomware Redefined: RedEnergy Stealer-as-a-Ransomware attacks  

MAR-10445155-1.v1 Truebot Activity Infects U.S. and Canada Based Networks

Hacking

CVE-2023-27997 Is Exploitable, and 69% of FortiGate Firewalls Are Vulnerable  

Dublin Airport staff pay data ‘compromised’ by criminals 

Following NoName057(16) DDoSia Project’s Targets  

Actively Exploited Industrial Control Systems Hardware – SolarView Series   

Intelligence and Information Warfare

CHINESE THREAT ACTORS TARGETING EUROPE IN SMUGX CAMPAIGN  

Welcome to New York: Exploring TA453’s Foray into LNKs and Mac Malware  

Cybersecurity

Four companies must stop using Google Analytics  

Health Threat Landscape  

Researchers Uncover New Linux Kernel ‘StackRot’ Privilege Escalation VulnerabilityBangladesh government website leaks citizens’ personal data

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

The post Security Affairs newsletter Round 427 by Pierluigi Paganini – International edition appeared first on Security Affairs.