A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. U.S. CISA adds Veeam Backup and Replication flaw to its Known Exploited Vulnerabilities catalog North Korea-linked APT37 exploited IE […] A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. U.S. CISA adds Veeam Backup and Replication flaw to its Known Exploited Vulnerabilities catalogNorth Korea-linked APT37 exploited IE zero-day in a recent attackOmni Family Health data breach impacts 468,344 individualsIran-linked actors target critical infrastructure organizationsmacOS HM Surf flaw in TCC allows bypass Safari privacy settingsTwo Sudanese nationals indicted for operating the Anonymous Sudan groupRussia-linked RomCom group targeted Ukrainian government agencies since late 2023A critical flaw in Kubernetes Image Builder could allow attackers to gain root accessVMware fixes high-severity SQL injection flaw CVE-2024-38814 in HCXBrazil’s Pol cia Federal arrested the notorious hacker USDoDFinnish Customs dismantled the dark web drugs market SipulitieU.S. CISA adds Microsoft Windows Kernel, Mozilla Firefox and SolarWinds Web Help Desk bugs to its Known Exploited Vulnerabilities catalogGitHub addressed a critical vulnerability in Enterprise ServerA new Linux variant of FASTCash malware targets financial systemsWordPress Jetpack plugin critical flaw impacts 27 million sitesPokemon dev Game Freak discloses data breachU.S. CISA adds Fortinet products and Ivanti CSA bugs to its Known Exploited Vulnerabilities catalogNation-state actor exploited three Ivanti CSA zero-daysDutch police dismantled dual dark web market ‘Bohemia/Cannabia’macOS HM Surf flaw in TCC allows bypass Safari privacy settingsIran-linked actors target critical infrastructure organizationsNorth Korea-linked APT37 exploited IE zero-day in a recent attackFidelity Investments suffered a second data breach this yearRussia-linked group APT29 is targeting Zimbra and JetBrains TeamCity servers on a large scale International Press Newsletter Cybercrime How Southeast Asian Cyber Syndicates Stole Billions International action against world’s largest dark web market ‘Bohemia/Cannabia’ The FBI secretly created a coin to investigate crypto pump-and-dump schemes AI-Powered Cybercrime Cartels on the Rise in Asia Hackers Advertise Stolen Verizon Push-to-Talk ‘Call Logs’ Finnish Customs, Europol, Swedish Police and Bitdefender Cooperation Leads to Sipulitie Dark Web Marketplace Shut Down Volkswagen monitoring data dump threat from 8Base ransomware crew PF arrests hacker suspected of invading PF systems and those of other international institutions AI-Powered Cybercrime Cartels on the Rise in Asia Two Sudanese Nationals Indicted for Alleged Role in Anonymous Sudan Cyberattacks on Hospitals, Government Facilities, and Other Critical Infrastructure in Los Angeles and Around the World Alabama Man Arrested for Role in Securities and Exchange Commission X Account Hack Malware Expanding the Investigation: Deep Dive into Latest TrickMo Samples HijackLoader evolution: abusing genuine signing certificates FASTCash for Linux Encrypted Symphony: Infiltrating the Cicada3301 Ransomware-as-a-Service Group Ransomware Claims Spike: Key Insights from Coalition’s 2024 Cyber Claims Report ClickFix tactic: The Phantom Meet Hacking Pok mon video game developer confirms its systems were breached by hackers Silent Threat: Red Team Tool EDRSilencer Disrupting Endpoint Security Solutions Chinese Scientists Report Using Quantum Computer to Hack Military-grade Encryption Critical default credential bug in Kubernetes Image Builder allows SSH root access Critical Kubernetes Image Builder Vulnerability Exposes Nodes to Root Access Risk ESET partner breached to send data wipers to Israeli orgs Intelligence and Information Warfare Earth Simnavaz (aka APT34) Levies Advanced Cyberattacks Against UAE and Gulf Regions Burning Zero Days: Suspected Nation-State Adversary Targets Ivanti CSA Germany to beef up security checks amid spying fears AhnLab and NCSC Release Joint Report on Microsoft Zero-Day Browser Vulnerability (CVE-2024-38178) How Israel’s bulky pager fooled Hezbollah Iranian Cyber Actors’ Brute Force and Credential Access Activity Compromises Critical Infrastructure Organizations UAT-5647 targets Ukrainian and Polish entities with RomCom malware variants AhnLab and NCSC Release Joint Report on Microsoft Zero-Day Browser Vulnerability (CVE-2024-38178) Cybersecurity How the increasing demand for cyber insurance is changing the role of the CISO AI Models in Cybersecurity: From Misuse to Abuse Some Americans are still using Kaspersky’s antivirus despite US government ban Cybersecurity skills in the EU: A new dawn? Nearly Half of Security Professionals Agree GenAI Is One of Their Biggest Security Risks New rules to boost cybersecurity of EU’s critical entities and networks This Is Exactly How an Elon Musk-Funded PAC Is Microtargeting Muslims and Jews With Opposing Messages AI-Powered Social Media Manipulation App Promises to ‘Shape Reality’ Guidelines and Companion Guide on Securing AI Systems Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini (SecurityAffairs hacking, newsletter)
Published: 2024-10-20T12:03:09