A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. A threat actor is selling access to Facebook and Instagram’s Police Portal Threat actors breached Okta […]

The post Security Affairs newsletter Round 442 by Pierluigi Paganini – INTERNATIONAL EDITION appeared first on Security Affairs.

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

A threat actor is selling access to Facebook and Instagram’s Police Portal

Threat actors breached Okta support system and stole customers’ data

US DoJ seized domains used by North Korean IT workers to defraud businesses worldwide

Alleged developer of the Ragnar Locker ransomware was arrested

CISA adds Cisco IOS XE flaw to its Known Exploited Vulnerabilities catalog

Tens of thousands Cisco IOS XE devices were hacked by exploiting CVE-2023-20198

Law enforcement operation seized Ragnar Locker group’s infrastructure

THE 11TH EDITION OF THE ENISA THREAT LANDSCAPE REPORT IS OUT!

North Korea-linked APT groups actively exploit JetBrains TeamCity flaw

Multiple APT groups exploited WinRAR flaw CVE-2023-38831

Californian IT company DNA Micro leaks private mobile phone data

Threat actors have been exploiting CVE-2023-4966 in Citrix NetScaler ADC/Gateway devices since August

A flaw in Synology DiskStation Manager allows admin account takeover

D-Link confirms data breach, but downplayed the impact

CVE-2023-20198 zero-day widely exploited to install implants on Cisco IOS XE systems

Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers

Ransomware realities in 2023: one employee mistake can cost a company millions

Malware-laced ‘RedAlert – Rocket Alerts’ app targets Israeli users

Cisco warns of active exploitation of IOS XE zero-day

Signal denies claims of an alleged zero-day flaw in its platform

Microsoft Defender thwarted Akira ransomware attack on an industrial engineering firm

DarkGate malware campaign abuses Skype and Teams

The Alphv ransomware gang stole 5TB of data from the Morrison Community Hospital

Cybercrime

Europol knocks RagnarLocker offline in second major ransomware bust this year

The Fake Browser Update Scam Gets a Makeover

Ragnar Locker ransomware gang taken down by international police swoop      

Justice Department Announces Court-Authorized Action to Disrupt Illicit Revenue Generation Efforts of Democratic People’s Republic of Korea Information Technology Workers   

Malware

DarkGate Opens Organizations for Attack via Skype, Teams   

New paper: Nexus Android banking botnet – compromising C&C panels and dissecting mobile AppInjects

Malicious “RedAlert – Rocket Alerts” Application Targets Israeli Phone Calls, SMS, and User Information   

BlackCat Climbs the Summit With a New Tactic  

Hacking

Active exploitation of Cisco IOS XE Software Web Management User Interface vulnerability  

Widespread Cisco IOS XE Implants in the Wild  

Synology NAS DSM Account Takeover: When Random is not Secure

Remediations for Citrix NetScaler ADC and Gateway Vulnerability (CVE-2023-4966)

CVE-2023-20198 – Cisco IOS-XE ZeroDay     

Tracking Unauthorized Access to Okta’s Support System        

Intelligence and Information Warfare

Hamas Cyber Capabilities: Threats and Implications for Israel

Peculiarities of destructive cyber attacks against Ukrainian providers (CERT-UA#7627)

Government-backed actors exploiting WinRAR vulnerability  

Multiple North Korean threat actors exploiting the TeamCity CVE-2023-42793 vulnerability  

MI5 head warns of ‘epic scale’ of Chinese espionage

International Criminal Court systems breached for cyber espionage

Cybersecurity

NIST – Digital Identity Guidelines – Authentication and Lifecycle Management

Automatic disruption of human-operated attacks through containment of compromised user accounts    

Signal Debunks Zero-Day Vulnerability Reports, Finds No Evidence

Cloud and Threat Report: Top Adversary Tactics and Techniques  

ENISA Threat Landscape 2023   

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

The post Security Affairs newsletter Round 442 by Pierluigi Paganini – INTERNATIONAL EDITION appeared first on Security Affairs.

Source: SecurityAffairs
Source Link: https://securityaffairs.com/152822/breaking-news/security-affairs-newsletter-round-442-by-pierluigi-paganini-international-edition.html