Security Affairs newsletter Round 424 by Pierluigi Paganini – International edition
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.
Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.
Law enforcement shutdown a long-standing DDoS-for-hire serviceA Russian national charged for committing LockBit Ransomware attacksOil and gas giant Shell is another victim of Clop ransomware attacksProgress fixed a third flaw in MOVEit Transfer software
Unveiling the Balada injector: a malware epidemic in WordPressChina-linked APT UNC3886 used VMware ESXi Zero-DayLLM meets Malware: Starting the Era of Autonomous ThreatMicrosoft Patch Tuesday for June 2023 fixes 6 critical flawsSt. Margaret’s Health is the first hospital to cite a cyberattack as a reason for its closureA database containing data of +8.9 million Zacks users was leaked onlineFortinet urges to patch the critical RCE flaw CVE-2023-27997 in Fortigate firewallsUK communications regulator Ofcom hacked with a MOVEit file transfer zero-dayExperts released PoC exploit for MOVEit Transfer CVE-2023-34362 flawIntellihartx data breach exposed the personal and health info of 490,000 individuals
FUD Malware obfuscation engine BatCloak continues to evolveFortinet urges to patch a critical RCE flaw in Fortigate firewallsXplain data breach also impacted the national Swiss railway FSSMicrosoft warns of multi-stage AiTM phishing and BEC attacksPro-Ukraine Cyber Anarchy Squad claims the hack of the Russian telecom provider Infotel JSCUpdated Android spyware GravityRAT steals WhatsApp BackupsBarracuda ESG zero-day exploited by China-linked APTRussia-linked APT Gamaredon update TTPs in recent attacks against UkraineCybersecurity agencies published a joint LockBit ransomware advisoryMicrosoft links Cadet Blizzard APT to Russia’s military intelligence GRUCritical flaw found in WooCommerce Stripe Gateway Plugin used by +900K sites
Cybercrime
Oil and gas giant Shell confirms it was impacted by Clop ransomware attacks
DETAINED FOR DDOS ATTACKS AS PART OF THE NEXT EDITION OF THE INTERNATIONAL “POWER OFF” OPERATION
Malware
Android GravityRAT goes after WhatsApp backups
LLM meets Malware: Starting the Era of Autonomous Threat
Reverse Engineering Terminator aka Zemana AntiMalware/AntiLogger Driver
Understanding Ransomware Threat Actors: LockBit
Hacking
Two XSS Vulnerabilities in Azure with Embedded postMessage IFrames
Intelligence and Information Warfare
Spy agencies acquire commercial data with little coordination and few controls
Cadet Blizzard emerges as a novel and distinct Russian threat actor
Shuckworm: Inside Russia’s Relentless Cyber Campaign Against Ukraine
Cybersecurity
An Illinois hospital is the first health care facility to link its closing to a ransomware attack
The June 2023 Security Update Review
Unauthenticated IDOR to PII Disclosure in WooCommerce Stripe Gateway Plugin
MEPs ready to negotiate first-ever rules for safe and transparent AI
CISA Instructs Federal Agencies to Secure Internet-Exposed Devices
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, newsletter)
The post Security Affairs newsletter Round 424 by Pierluigi Paganini – International edition appeared first on Security Affairs.