Security Affairs newsletter Round 417 by Pierluigi Paganini – International edition
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.
Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.
ViperSoftX uses more sophisticated encryption and anti-analysis techniquesAtomic macOS Stealer is advertised on Telegram for $1,000 per monthCISA warns of a critical flaw affecting Illumina medical devicesOpenAI reinstates ChatGPT service in Italy after meeting Garante Privacy’s demandsCisco discloses a bug in the Prime Collaboration Deployment solutionZyxel fixed a critical RCE flaw in its firewall devices and urges customers to install the patchesUkraine cyber police arrested a man for selling data of 300M peopleGoogle obtained a temporary court order against CryptBot distributorsResearchers found the first Linux variant of the RTM lockerCrooks use PaperCut exploits to deliver Cl0p and LockBit ransomware
CryptoRom: OkCupid scam cost Florida man $480k – we followed the money to BinanceIranian Charming Kitten APT used a new BellaCiao malware in recent wave of attacksChina-linked Alloy Taurus APT uses a Linux variant of PingPull malwareA component in Huawei network appliances could be used to take down Germany’s telecoms networksThousands of publicly-exposed Apache Superset installs exposed to RCE attacksPro-Russia hacking group executed a disruptive attack against a Canadian gas pipelineSLP flaw allows DDoS attacks with an amplification factor as high as 2200 timesVMware addressed two zero-day flaws demonstrated at Pwn2Own Vancouver 2023A new Mirai botnet variant targets TP-Link Archer A21Google researchers found multiple security issues in Intel TDX
Google Authenticator App now supports Google Account synchronizationPeugeot leaks access to user information in South AmericaNorth Korea-linked BlueNoroff APT is behind the new RustBucket Mac MalwareAuKill tool uses BYOVD attack to disable EDR softwareExperts released PoC Exploit code for actively exploited PaperCut flawEvilExtractor, a new All-in-One info stealer appeared on the Dark WebRussian cybercrime group likely behind ongoing exploitation of PaperCut flawsHackers can hack organizations using data found on their discarded enterprise network equipmentHealth insurer Point32Health suffered a ransomware attackExperts spotted first-ever crypto mining campaign leveraging Kubernetes RBAC
International Press
Continuing our work to hold cybercriminal ecosystems accountable
First draft of controversial UN Cybercrime Treaty slated for June
Hacking
First-Ever Attack Leveraging Kubernetes RBAC to Backdoor Clusters
Hacker Group Names Are Now Absurdly Out of Control
Critical vulnerabilities in papercut print management software
PaperCut CVE-2023-27350 Deep Dive and Indicators of Compromise
Compromising Garmin’s Sport Watches: A Deep Dive into GarminOS and its MonkeyC Virtual Machine
Cyberattacks on Canada’s gas infrastructure left ‘no physical damage,’ Trudeau says
CVE-2023-27524: Insecure Default Configuration in Apache Superset Leads to Remote Code Execution
EvilExtractor – All-in-One Stealer
‘AuKill’ EDR killer malware abuses Process Explorer driver
Chinese Alloy Taurus Updates PingPull Malware
RTM Locker Ransomware as a Service (RaaS) Now Suits Up for Linux Architecture
Threat Actor Selling New Atomic macOS (AMOS) Stealer on Telegram
Citrix Users at Risk: AresLoader Spreading Through Disguised GitLab Repo
Intelligence and Information Warfare
BlueNoroff APT group targets macOS with ‘RustBucket’ Malware
TP-LINK WAN-SIDE VULNERABILITY CVE-2023-1389 ADDED TO THE MIRAI BOTNET ARSENAL
Leaked Pentagon Documents Reveal Secrets About Friends and Foes
How China’s Huawei spooked Germany into launching a probe
Unpacking BellaCiao: A Closer Look at Iran’s Latest Malware
Cybersecurity
Discarded, not destroyed: Old routers reveal corporate secrets
Google Authenticator now supports Google Account synchronization
Intel Trust Domain Extensions (TDX) Security Review
New high-severity vulnerability (CVE-2023-29552) discovered in the Service Location Protocol (SLP)
South Korea, US agree to cooperate on cybersecurity and combating North Korean digital heists
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
Please vote for Security Affairs (https://securityaffairs.com/) as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS
Vote for me in the sections:
The Teacher – Most Educational Blog
The Entertainer – Most Entertaining Blog
The Tech Whizz – Best Technical Blog
Best Social Media Account to Follow (@securityaffairs)
Please nominate Security Affairs as your favorite blog.
Nominate here: https://docs.google.com/forms/d/e/1FAIpQLSfaFMkrMlrLhOBsRPKdv56Y4HgC88Bcji4V7OCxCm_OmyPoLw/viewform
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, newsletter)
The post Security Affairs newsletter Round 417 by Pierluigi Paganini – International edition appeared first on Security Affairs.