Security Affairs newsletter Round 428 by Pierluigi Paganini – International edition

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Russia-linked APT Gamaredon starts stealing data from victims between 30 and 50 minutes after the initial compromiseThe source code of the BlackLotus UEFI Bootkit was leaked on GitHubUS CISA warns of Rockwell Automation ControlLogix flawsIndexing Over 15 Million WordPress Websites with PWNPressNew AVrecon botnet remained under the radar for two years while targeting SOHO RoutersApple re-released Rapid Security Response to fix recently disclosed zero-dayZimbra urges customers to manually fix actively exploited zero-day reported by Google TAGChinese hackers compromised emails of U.S. Government agenciesSonicWall urges organizations to fix critical flaws in GMS/Analytics productsCitrix fixed a critical flaw in Secure Access Client for UbuntuCl0p hacker operating from Russia-Ukraine war front line – exclusiveFortinet fixed a critical flaw in FortiOS and FortiProxyMicrosoft mitigated an attack by Chinese threat actor Storm-0558Unpatched Office zero-day CVE-2023-36884 actively exploited in targeted attacksHCA Healthcare data breach impacted 11 million patientsApple issued Rapid Security Response updates to fix a zero-day but pulled them due to a Safari bugVMware warns customers of exploit available for critical vRealize RCE flaw CVE-2023-20864Cybercriminals Evolve Antidetect Tooling for Mobile OS-Based FraudExperts released PoC exploit for Ubiquiti EdgeRouter flawRomCom RAT attackers target groups supporting NATO membership of UkraineA flaw in Revolut US payments resulted in the theft of $20 MillionFrance’s government is giving the police more surveillance powerTwo spyware sending data of more than 1.5M users to China were found in Google Play StoreCybercrime

Cybercriminals Evolve Antidetect Tooling For Mobile OS-Based Fraud  

Storm-0978 attacks reveal financial and espionage motives  

Cl0p hacker operating from Russia-Ukraine war front line – exclusive  

UK battles hacking wave as ransomware gang claims ‘biggest ever’ NHS breach

Deutsche Bank confirms provider breach exposed customer data


Two spyware tied with China found hiding on the Google Play Store  

The Turkish Government Masqueraded Site Distributing Android RAT 

Routers From The Underground: Exposing AVrecon  

BlackLotus UEFI Bootkit Source Code Leaked on GitHub


Report: Revolut US Payments Flaw Leads to $20 Million Theft

AWS CodeBuild + S3 == Privilege Escalation

Game Hacking 101: Unleashing the Power of Memory Manipulation  


Exploit Code Published for Remote Root Flaw in VMware Logging Software    

Dragos Enabled Defense Against APT Exploits for Rockwell Automation ControlLogix

         Intelligence and Information Warfare

France set to allow police to spy through phones

RomCom Threat Actor Suspected of Targeting Ukraine’s NATO Membership Talks at the NATO Summit   

Mitigation for China-Based Threat Actor Activity   

How a Cloud Flaw Gave Chinese Spies a Key to Microsoft’s Kingdom 

CISA and FBI Release Cybersecurity Advisory on Enhanced Monitoring to Detect APT Activity Targeting Outlook Online

Chinese hackers breach email of Commerce Secretary Raimondo and State Department officials       

Summary information on the activities of the UAC-0010 group as of July 2023  


Microsoft mitigates China-based threat actor Storm-0558 targeting of customer email   

White House unveils ‘roadmap’ for national cyber strategy goals   

Zimbra urges admins to manually fix zero-day exploited in attacks

CISA Releases One Industrial Control Systems Advisory  

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

The post Security Affairs newsletter Round 428 by Pierluigi Paganini – International edition appeared first on Security Affairs.