Security Affairs newsletter Round 455 by Pierluigi Paganini – INTERNATIONAL EDITION

Pierluigi Paganini January 21, 2024

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Admin of the BreachForums hacking forum sentenced to 20 years supervised release
Russia-linked Midnight Blizzard APT hacked Microsoft corporate emails
VF Corp December data breach impacts 35 million customers
China-linked APT UNC3886 exploits VMware zero-day since 2021
Ransomware attacks break records in 2023: the number of victims rose by 128%
U.S. CISA warns of actively exploited Ivanti EPMM flaw CVE-2023-35082
The Quantum Computing Cryptopocalypse – I’ll Know It When I See It
Kansas State University suffered a serious cybersecurity incident
CISA adds Chrome and Citrix NetScaler to its Known Exploited Vulnerabilities catalog
Google TAG warns that Russian COLDRIVER APT is using a custom backdoor
PixieFail: Nine flaws in UEFI open-source reference implementation could have severe impacts
iShutdown lightweight method allows to discover spyware infections on iPhones
Pro-Russia group hit Swiss govt sites after Zelensky visit in Davos
Github rotated credentials after the discovery of a vulnerability
FBI, CISA warn of AndroxGh0st botnet for victim identification and exploitation
Citrix warns admins to immediately patch NetScaler for actively exploited zero-days
Google fixed the first actively exploited Chrome zero-day of 2024
Atlassian fixed critical RCE in older Confluence versions
VMware fixed a critical flaw in Aria Automation. Patch it now!
Experts warn of mass exploitation of Ivanti Connect Secure VPN flaws
Experts warn of a vulnerability affecting Bosch BCC100 Thermostat
Over 178,000 SonicWall next-generation firewalls (NGFW) online exposed to hack
Phemedrone info stealer campaign exploits Windows smartScreen bypass
Balada Injector continues to infect thousands of WordPress sites
Attackers target Apache Hadoop and Flink to deliver cryptominers
Apple fixed a bug in Magic Keyboard that allows to monitor Bluetooth traffic
Attacks against Denmark ‘s energy sector were not carried out by Russia-linked APT
Mastermind behind 1.8 million cryptojacking scheme arrested in Ukraine

Cybercrime

Cryptojacker arrested in Ukraine over EUR 1.8 million mining scheme  

  

  

  

Malware

      

  

  

  

  

Hacking

  

  

  

  

  

   

    

 

Intelligence and Information Warfare 

    

 

Russian threat group COLDRIVER expands its targeting of Western officials to include the use of malware

  

Cybersecurity

Analysis of Android settings during a forensic investigation  

Rotating credentials for GitHub.com and new GHES patches  

      

  

Follow me on Twitter:  and  and Mastodon

(SecurityAffairs – hacking, newsletter)



you might also like

leave a comment