Security Affairs newsletter Round 445 by Pierluigi Paganini – INTERNATIONAL EDITION

Pierluigi Paganini November 12, 2023

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Police seized BulletProftLink phishing-as-a-service (PhaaS) platform
Serbian pleads guilty to running ‘Monopoly’ dark web drug market
McLaren Health Care revealed that a data breach impacted 2.2 million people
After ChatGPT, Anonymous Sudan took down the Cloudflare website
Industrial and Commercial Bank of China (ICBC) suffered a ransomware attack
SysAid zero-day exploited by Clop ransomware group
Dolly.com pays ransom, attackers release data anyway
DDoS attack leads to significant disruption in ChatGPT services
Russian Sandworm disrupts power in Ukraine with a new OT attack
CISA adds SLP flaw to its Known Exploited Vulnerabilities catalog
The largest Russian bank Sberbank hit by a massive DDoS attack
Sumo Logic discloses security breach and recommends customers rotate credentials
FBI: Ransomware actors abuse third parties and legitimate system tools for initial access
Five Canadian Hospitals impacted by a ransomware attack on TransForm provider
Royal Mail jeopardizes users with open redirect flaw
North Korea-linked APT BlueNoroff used new macOS malware ObjCShellz
Marina Bay Sands Luxury Hotel in Singapore Suffers a Data Breach
Veeam fixed multiple flaws in Veeam ONE, including critical issues
Pro-Palestinian hackers group ‘Soldiers of Solomon’ disrupted the production cycle of the biggest flour production plant in Israel
Iranian Agonizing Serpens APT is targeting Israeli entities with destructive cyber attacks
Critical Confluence flaw exploited in ransomware attacks
QNAP fixed two critical vulnerabilities in QTS OS and apps
Attackers use Google Calendar RAT to abuse Calendar service as C2 infrastructure
Socks5Systemz proxy service delivered via PrivateLoader and Amadey
US govt sanctioned a Russian woman for laundering virtual currency on behalf of threat actors
Lazarus targets blockchain engineers with new KandyKorn macOS Malware

Cybercrime

  

   

 

How a ‘Refund Fraud’ Gang Stole $700,000 From Amazon

Info from 5.6 million patient visits among data stolen in ransomware attack on Ontario hospitals

Cyber-attacks: the apex of crime-as-a-service

    

  

  

  

IGP: Police arrest eight people in international syndicate which developed phishing templates to dupe victims [UPDATED]   

Malware

   

   

    

  

  

Hacking

  

  

OST2, Zephyr RTOS, and a bunch of CVEs 

Sberbank faced the most powerful DDoS attack about two weeks ago  

Intelligence and Information Warfare

  

        

Cybersecurity

Google eighth Threat Horizons report is released

AI Cameras Took Over One Small American Town. Now They’re Everywhere

    

  

  

Follow me on Twitter: and and Mastodon

(SecurityAffairs – hacking, newsletter)



you might also like

leave a comment