A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. A cyber attack hit Iranian government sites and nuclear facilities Ransomware operators exploited Veeam Backup & Replication flaw […] A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. A cyber attack hit Iranian government sites and nuclear facilitiesRansomware operators exploited Veeam Backup & Replication flaw CVE-2024-40711 in recent attacksGitLab fixed a critical flaw that could allow arbitrary CI/CD pipeline executionIran and China-linked actors used ChatGPT for preparing attacksInternet Archive data breach impacted 31M usersE-skimming campaign uses Unicode obfuscation to hide the Mongolian SkimmerU.S. CISA adds Ivanti CSA and Fortinet bugs to its Known Exploited Vulnerabilities catalogMozilla issued an urgent Firefox update to fix an actively exploited flawPalo Alto fixed critical flaws in PAN-OS firewalls that allow for full compromise of the devicesCybercriminals Are Targeting AI Conversational PlatformsAwaken Likho APT group targets Russian government with a new implantU.S. CISA adds Windows and Qualcomm bugs to its Known Exploited Vulnerabilities catalogThree new Ivanti CSA zero-day actively exploited in attacksUkrainian national pleads guilty in U.S. court for operating the Raccoon InfostealerQualcomm fixed a zero-day exploited limited, targeted attacksMoneyGram discloses data breach following September cyberattackAmerican Water shut down some of its systems following a cyberattackUniversal Music data breach impacted 680 individualsCyber warfareKyiv’s hackers launched an unprecedented cyber attack on Russian state media VGTRK on Putin’s birthdayFBCS data breach impacted 238,000 Comcast customersCritical Apache Avro SDK RCE flaw impacts Java applicationsMan pleads guilty to stealing over $37 Million worth of cryptocurrencyU.S. CISA adds Synacor Zimbra Collaboration flaw to its Known Exploited Vulnerabilities catalogChina-linked group Salt Typhoon hacked US broadband providers and breached wiretap systemsGoogle Pixel 9 supports new security features to mitigate baseband attacks International Press Newsletter Cybercrime Indiana Man Pleads Guilty to Conspiracies Involving Cyber Intrusion and $37 Million Cryptocurrency Theft Recognition Tech onto Meta’s Smart Glasses to Instantly Dox Strangers MoneyGram says hackers stole customers’ personal information and transaction data Ukrainian National Pleads Guilty to “Raccoon Infostealer” Cybercrime Not All Fun and Games: Lua Malware Targets Educational Sector and Student Gaming Engines Lamborghini Carjackers Lured by $243M Cyberheist 69,000 Bitcoins Are Headed for the US Treasury While the Agent Who Seized Them Is in Jail Timeshare Owner? The Mexican Drug Cartels Want You Casio: Notice of Partial Service Outage and Information Leak Caused by Ransomware Attack He founded a “startup” to access sanctioned Russian websites: the cyber police of Khmelnytskyi region exposed the hacker Hacked ‘AI Girlfriend’ Data Shows Prompts Describing Child Sexual Abuse Malware Over 300,000! GorillaBot: The New King of DDoS Attacks Hidden cryptocurrency mining and theft campaign affected over 28,000 users The Mongolian Skimmer: different clothes, equally dangerous Ransomware Report: Unveiling Trends in Attack Payouts and Negotiations Hacking Qualcomm Urges OEMs to Patch Critical DSP and WLAN Flaws Amid Active Exploits Zero-Day Alert: Three Critical Ivanti CSA Vulnerabilities Actively Exploited Mozilla fixes Firefox zero-day actively exploited in attacks Palo Alto Expedition: From N-Day to Full Compromise LLM attacks take just 42 seconds on average, 20% of jailbreaks succeed Twitter Bot Network The Internet Archive is under attack, with a breach revealing info for 31 million accounts Intelligence and Information Warfare U.S. Wiretap Systems Targeted in China-Linked Hack Hacker attack disrupts Russian state media on Putin’s birthday Awaken Likho is awake: new techniques of an APT group Mind the (air) gap: GoldenJackal gooses government guardrails Contagious Interview: DPRK Threat Actors Lure Tech Industry Job Seekers to Install New Variants of BeaverTail and InvisibleFerret Malware Navigating the Shadows: An In-Depth Analysis of Iranian APTs and Their Evolving Threat Landscape in 2024 OpenAI Report: Influence and cyber operations: an update NSA cyber chief: Espionage is now Russia’s focus for cyberattacks on Ukraine Iran Hit By ‘Heavy Cyberattacks’ Targeting Its Nuclear Facilities Amid Middle East Tensions Update on SVR Cyber Operations and Vulnerability Exploitation Cybersecurity America’s allies are shifting: Cyberspace is about persistence, not deterrenceGlobal State of CPS Security report About a quarter million Comcast subscribers had their data stolen from debt collector Vulnerable APIs and Bot Attacks Costing Businesses Up to $186 Billion Annually American Water shuts down online services after cyberattack Rise of the robots: AI to shape UK defense review Managing Cybersecurity in the Age of Artificial Intelligence New Ponemon Report Shows Awareness of Cyber Risks to Healthcare Organizations is not Always Translating to Adequate Protections Best Practices to Configure BIG-IP LTM Systems to Encrypt HTTP Persistence Cookies Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini (SecurityAffairs hacking, newsletter)
Published: 2024-10-13T13:03:10