A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. WordPress LiteSpeed Cache plugin flaw could allow site takeover Apple iOS 18.0.1 and iPadOS 18.0.1 fix media session […] A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. WordPress LiteSpeed Cache plugin flaw could allow site takeoverApple iOS 18.0.1 and iPadOS 18.0.1 fix media session and passwords bugsGoogle removed Kaspersky’s security apps from the Play StoreNew Perfctl Malware targets Linux servers in cryptomining campaignMicrosoft and DOJ seized the attack infrastructure used by Russia-linked Callisto GroupDutch police breached by a state actorThousands of Adobe Commerce e-stores hacked by exploiting the CosmicSting bugCloudflare mitigated new record-breaking DDoS attack of 3.8 TbpsTelegram revealed it shared U.S. user data with law enforcementU.S. CISA adds Ivanti Endpoint Manager (EPM) flaw to its Known Exploited Vulnerabilities catalog14 New DrayTek routers’ flaws impacts over 700,000 devices in 168 countriesRhadamanthys information stealer introduces AI-driven capabilitiesCritical Zimbra Postjournal flaw CVE-2024-45519 actively exploited in the wild. Patch it now!Police arrested four new individuals linked to the LockBit ransomware operationUMC Health System diverted patients following a ransomware attackU.S. CISA adds D-Link DIR-820 Router, DrayTek Multiple Vigor Router, Motion Spell GPAC, SAP Commerce Cloud bugs to its Known Exploited Vulnerabilities catalogNews agency AFP hit by cyberattack, client services impactedNorth Korea-linked APT Kimsuky targeted German defense firm Diehl DefencePatelco Credit Union data breach impacted over 1 million peopleCommunity Clinic of Maui discloses a data breach following May Lockbit ransomware attackA British national has been charged for his execution of a hack-to-trade schemeCritical NVIDIA Container Toolkit flaw could allow access to the underlying hostIsrael army hacked the communication network of the Beirut Airport control tower International Press Newsletter Cybercrime U.K. National Charged with Multimillion-Dollar Hack-to-Trade Fraud Scheme Crooked Cops, Stolen Laptops & the Ghost of UGNazi Investigating Infrastructure and Tactics of Phishing-as-a-Service Platform Sniper Dz Police arrest four suspects linked to LockBit ransomware gang How the FBI and Mandiant caught a ‘serial hacker’ who tried to fake his own death FIN7 hosting honeypot domains with malicious AI DeepNude Generators New Silent Push research Arrests in international operation targeting cybercriminals in West Africa A Single Cloud Compromise Can Feed an Army of AI Sex Bots Pig Butchering Alert: Fraudulent Trading App targeted iOS and Android users Fraudsters imprisoned for scamming Apple out of 6,000 iPhones Malware Rhadamanthys Stealer Adds Innovative AI Feature in Version 0.7.0 Threat Actors leverage Docker Swarm and Kubernetes to mine cryptocurrency at scale Crypto-Stealing Code Lurking in Python Package Dependencies Fake browser updates spread updated WarmCookie malware Hacking Demystifying Physical Memory Primitive Exploitation on Windows Trojan cars: Why the US fears Chinese cyberattacks on electric vehicles Wiz Research Finds Critical NVIDIA AI Vulnerability Affecting Containers Using NVIDIA GPUs, Including Over 35% of Cloud Environments Zimbra – Remote Command Execution (CVE-2024-45519) Critical Zimbra Vulnerability Exploited One Day After PoC Release Zero-Day Breach at Rackspace Sparks Vendor Blame Game Thousands of Adobe Commerce stores hacked in competing CosmicSting campaigns Unauthenticated Stored XSS Vulnerability in LiteSpeed Cache Plugin Affecting 6+ Million Sites Intelligence and Information Warfare Israel reportedly hacks Beirut airport control tower, warns Iranian plane not to land Army to close active information operations command as it moves those ops to smaller specialized units FSB Center for Special Technologies (TsST): Crafting Russia’s Cyber Weapons for Information Warfare North Korean hackers targeted arms company Diehl The Silent Battlefield Above: Unraveling Russia’s Cyber Operations Against Military Satellites and Space Assets Chinese Military Exploring Wasy to Win in Intelligent Warfare Amidst Change & Constancy North Korean Hackers Using New VeilShell Backdoor in Stealthy Cyber Attacks Dutch government blames a ‘state actor’ for hacking a police network Justice Department Disrupts Russian Intelligence Spear-Phishing Efforts Deep Dive into North Korea’s Ongoing Campaign Against Southeast Asia Separating the bee from the panda: CeranaKeeper making a beeline for Thailand Cybersecurity Endpoint Prevention and Response (EPR) Test findings Critical Flaws in Tank Gauge Systems Expose Gas Stations to Remote Attacks Media giant AFP hit by cyberattack impacting news delivery services SecurityCracking the Cloud: The Persistent Threat of Credential-Based Attacks Dray:Break Fake memories, persistent threats: When AI remembers what isn’t true Telegram Confirms it Gave U.S. User Data to the Cops First Ai-iD Kit toolkit built to empower and educate everyone about deepfakes How Cloudflare auto-mitigated world record 3.8 Tbps DDoS attack Protecting Democratic Institutions from Cyber Threats Finding a needle in a haystack: Machine learning at the forefront of threat hunting research German-French recommendations for the use of AI programming assistants Pixel’s Proactive Approach to Security: Addressing Vulnerabilities in Cellular Modems Subscribe to the newsletter for free here: https://www.linkedin.com/build-relation/newsletter-follow?entityUrn=7093942975545667584 Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini (SecurityAffairs hacking, newsletter)
Published: 2024-10-06T12:05:37