Security Affairs newsletter Round 447 by Pierluigi Paganini – INTERNATIONAL EDITION

Pierluigi Paganini November 26, 2023

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Rhysida ransomware gang claimed China Energy hack
North Korea-linked APT Lazarus is using a MagicLine4NX zero-day flaw in supply chain attack
Hamas-linked APT uses Rust-based SysJoker backdoor against Israel
App used by hundreds of schools leaking children’s data
Microsoft launched its new Microsoft Defender Bounty Program
Exposed Kubernetes configuration secrets can fuel supply chain attacks
North Korea-linked Konni APT uses Russian-language weaponized documents
MALWARE
ClearFake campaign spreads macOS AMOS information stealer
Welltok data breach impacted 8.5 million patients in the U.S.
North Korea-linked APT Diamond Sleet supply chain attack relies on CyberLink software
New InfectedSlurs Mirai-based botnet exploits two zero-days
SiegedSec hacktivist group hacked Idaho National Laboratory (INL)
CISA adds Looney Tunables Linux bug to its Known Exploited Vulnerabilities catalog
Enterprise software provider TmaxSoft leaks 2TB of data
Citrix provides additional measures to address Citrix Bleed
Tor Project removed several relays associated with a suspicious cryptocurrency scheme
Experts warn of a surge in NetSupport RAT attacks against education and government sectors
Canadian government impacted by data breaches of two of its contractors
Rhysida ransomware gang is auctioning data stolen from the British Library
Russia-linked APT29 group exploited WinRAR 0day in attacks against embassies
DarkCasino joins the list of APT groups exploiting WinRAR zero-day
US teenager pleads guilty to his role in credential stuffing attack on a betting site
8Base ransomware operators use a new variant of the Phobos ransomware

Cybercrime

Illicit Financial Flows from Cyber-Enabled Fraud

   

  

   

Malware

  

 

   

   

  

  

   

Hacking

    

 

ADVANCED FUZZING UNMASKS ELUSIVE VULNERABILITIES  

      

 

           

Intelligence and Information Warfare

Europol sets up OSINT taskforce to support investigations into war crimes committed in Ukraine   

DPRK state-linked cyber actors conduct software supply chain attacks

        

  

Cybersecurity

  

Message to current and former public service employees and members of the Canadian Armed Forces and Royal Canadian Mounted Police   

   

  

iOS 15 Image Forensics Analysis and Tools Comparison – Browsers, Mail Clients, and Productivity apps  

      

  

Follow me on Twitter: and and Mastodon

(SecurityAffairs – hacking, newsletter)



you might also like

leave a comment