Security Affairs newsletter Round 483 by Pierluigi Paganini – INTERNATIONAL EDITION

Pierluigi Paganini August 04, 2024

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

US sued TikTok and ByteDance for violating children’s privacy laws
Russia-linked APT used a car for sale as a phishing lure to target diplomats with HeadLace malware
Investors sued CrowdStrike over false claims about its Falcon platform
Avtech camera vulnerability actively exploited in the wild, CISA warns
Over 20,000 internet-exposed VMware ESXi instances vulnerable to CVE-2024-37085
Pharma Giant Cencora confirmed the theft of personal and health information
Apple fixed dozens of vulnerabilities in iOS and macOS
Phishing campaigns target SMBs in Poland, Romania, and Italy with multiple malware families
A Fortune 50 company paid a record-breaking $75 million ransom
CISA adds VMware ESXi bug to its Known Exploited Vulnerabilities catalog
Mandrake Android spyware found in five apps in Google Play with over 32,000 downloads since 2022
SideWinder phishing campaign targets maritime facilities in multiple countries
A crafty phishing campaign targets Microsoft OneDrive users
Ransomware gangs exploit recently patched VMware ESXi bug CVE-2024-37085
Acronis Cyber Infrastructure bug actively exploited in the wild
Fake Falcon crash reporter installer used to target German Crowdstrike users
Belarus-linked APT Ghostwriter targeted Ukraine with PicassoLoader malware
French authorities launch disinfection operation to eradicate PlugX malware from infected hosts

International Press – Newsletter

Cybercrime  

      

     

   

 

Malware

Unplugging PlugX: Sinkholing the PlugX USB worm botnet  

  

  

BITS and Bytes: Analyzing BITSLOTH, a newly identified backdoor

Hacking

SeleniumGreed: Threat actors exploit exposed Selenium Grid services for Cryptomining  

 

 

“EchoSpoofing” — A Massive Phishing Campaign Exploiting Proofpoint’s Email Protection to Dispatch Millions of Perfectly Spoofed Emails 

     

 

  

 

  

Intelligence and Information Warfare 

  

 

  

Cybersecurity

  

  

UK calls out China state-affiliated actors for malicious cyber targeting of UK democratic institutions and parliamentarians        

     

  

Follow me on Twitter:  and  and Mastodon

(SecurityAffairs – hacking, newsletter)



you might also like

leave a comment