A new round of the weekly SecurityAffairs newsletter has arrived! Every week, the best security articles from Security Affairs are free for you in your email box.
Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.
Russia-linked APT Gamaredon starts stealing data from victims between 30 and 50 minutes after the initial compromise
The source code of the BlackLotus UEFI Bootkit was leaked on GitHub
US CISA warns of Rockwell Automation ControlLogix flaws
Indexing Over 15 Million WordPress Websites with PWNPress
New AVrecon botnet remained under the radar for two years while targeting SOHO Routers
Apple re-released Rapid Security Response to fix recently disclosed zero-day
Zimbra urges customers to manually fix actively exploited zero-day reported by Google TAG
Chinese hackers compromised emails of U.S. Government agencies
SonicWall urges organizations to fix critical flaws in GMS/Analytics products
Citrix fixed a critical flaw in Secure Access Client for Ubuntu
Cl0p hacker operating from Russia-Ukraine war front line – exclusive
Fortinet fixed a critical flaw in FortiOS and FortiProxy
Microsoft mitigated an attack by Chinese threat actor Storm-0558
Unpatched Office zero-day CVE-2023-36884 actively exploited in targeted attacks
HCA Healthcare data breach impacted 11 million patients
Apple issued Rapid Security Response updates to fix a zero-day but pulled them due to a Safari bug
VMware warns customers of exploit available for critical vRealize RCE flaw CVE-2023-20864
Cybercriminals Evolve Antidetect Tooling for Mobile OS-Based Fraud
Experts released PoC exploit for Ubiquiti EdgeRouter flaw
RomCom RAT attackers target groups supporting NATO membership of Ukraine
A flaw in Revolut US payments resulted in the theft of $20 Million
France’s government is giving the police more surveillance power
Two spyware sending data of more than 1.5M users to China were found in Google Play Store
Cybercrime
Cybercriminals Evolve Antidetect Tooling For Mobile OS-Based Fraud
Storm-0978 attacks reveal financial and espionage motives
Cl0p hacker operating from Russia-Ukraine war front line – exclusive
UK battles hacking wave as ransomware gang claims ‘biggest ever’ NHS breach
Deutsche Bank confirms provider breach exposed customer data
Malware
Two spyware tied with China found hiding on the Google Play Store
The Turkish Government Masqueraded Site Distributing Android RAT
Routers From The Underground: Exposing AVrecon
BlackLotus UEFI Bootkit Source Code Leaked on GitHub
Hacking
Report: Revolut US Payments Flaw Leads to $20 Million Theft
AWS CodeBuild + S3 == Privilege Escalation
Game Hacking 101: Unleashing the Power of Memory Manipulation
SSD ADVISORY – EDGEROUTERS AND AIRCUBE MINIUPNPD HEAP OVERFLOW
Exploit Code Published for Remote Root Flaw in VMware Logging Software
Dragos Enabled Defense Against APT Exploits for Rockwell Automation ControlLogix
Intelligence and Information Warfare
France set to allow police to spy through phones
RomCom Threat Actor Suspected of Targeting Ukraine’s NATO Membership Talks at the NATO Summit
Mitigation for China-Based Threat Actor Activity
How a Cloud Flaw Gave Chinese Spies a Key to Microsoft’s Kingdom
CISA and FBI Release Cybersecurity Advisory on Enhanced Monitoring to Detect APT Activity Targeting Outlook Online
Chinese hackers breach email of Commerce Secretary Raimondo and State Department officials
Summary information on the activities of the UAC-0010 group as of July 2023
Cybersecurity
Microsoft mitigates China-based threat actor Storm-0558 targeting of customer email
White House unveils ‘roadmap’ for national cyber strategy goals
Zimbra urges admins to manually fix zero-day exploited in attacks
CISA Releases One Industrial Control Systems Advisory
Pierluigi Paganini
The post Security Affairs newsletter Round 428 by Pierluigi Paganini – International edition appeared first on Security Affairs.