National Cyber Warfare Foundation (NCWF)



Security Affairs newsletter Round 449 by Pierluigi Paganini INTERNATIONAL EDITION


2023-12-10 10:59:05
milo
Blue Team (CND)


A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.





Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.





Hacktivists hacked an Irish water utility and interrupted the water supply
5Ghoul flaws impact hundreds of 5G devices with Qualcomm, MediaTek chips
Norton Healthcare disclosed a data breach after a ransomware attack
Bypassing major EDRs using Pool Party process injection techniques
Founder of Bitzlato exchange has pleaded for unlicensed money transmitting
Android barcode scanner app exposes user passwords
Russia-linked APT8 exploited Outlook zero-day to target European NATO members
UK and US expose Russia Callisto Group’s activity and sanction members
A cyber attack hit Nissan Oceania
New Krasue Linux RAT targets telecom companies in Thailand
Atlassian addressed four new RCE flaws in its products
CISA adds Qualcomm flaws to its Known Exploited Vulnerabilities catalog
Experts demonstrate a post-exploitation tampering technique to display Fake Lockdown mode
GST Invoice Billing Inventory exposes sensitive data to threat actors
Threat actors breached US govt systems by exploiting Adobe ColdFusion flaw
ENISA published the ENISA Threat Landscape for DoS Attacks Report
Russia-linked APT28 group spotted exploiting Outlook flaw to hijack MS Exchange accounts
Google fixed critical zero-click RCE in Android
New P2PInfect bot targets routers and IoT devices
Malvertising attacks rely on DanaBot Trojan to spread CACTUS Ransomware
LockBit on a Roll – ICBC Ransomware Attack Strikes at the Heart of the Global Financial Order
Zyxel fixed tens of flaws in Firewalls, Access Points, and NAS devices
New Agent Raccoon malware targets the Middle East, Africa and the US




Cybercrime





Opinion: Why crypto was the perfect tool for criminals and kleptocrats  





What it means — CitrixBleed ransomware group woes grow as over 60 credit unions, hospitals, financial services and more breached in US  





Paper trail ends in jail time for 1 013 money mules  





Founder and Majority Owner of Cryptocurrency Exchange Pleads Guilty to Unlicensed Money Transmitting  





ALPHV ransomware site outage rumored to be caused by law enforcement





Malware





Microsoft Warns of Malvertising Scheme Spreading CACTUS Ransomware





P2Pinfect – New Variant Targets MIPS Devices  





Curse of the Krasue: New Linux Remote Access Trojan targets Thailand  





New macOS Trojan-Proxy piggybacking on cracked software   





Hacking





POL Cyber Command has observed malicious activity against Microsoft Exchange servers  





Threat Actors Exploit Adobe ColdFusion CVE-2023-26360 for Initial Access to Government Servers





Fake Lockdown Mode: A post-exploitation tampering technique  





CISA says US government agency was hacked thanks to ‘end of life’ software  





The #PoolParty You Will Never Forget: New Process Injection Techniques Using #Windows Thread Pools





5Ghoul: Unleashing Chaos on 5G Edge Devices





Hackers hit Erris water in stance over Israel





Millions of patient scans and health records spilling online thanks to decades-old protocol bug  





Intelligence and Information Warfare





Microsoft Warns of Kremlin-Backed APT28 Exploiting Critical Outlook Vulnerability





The Israel-Hamas War Reveals the Fundamental Flaws of Social Media  





The Internet Enabled Mass Surveillance. A.I. Will Enable Mass Spying  





Reddit Says Leaked U.S.-U.K. Trade Documents Posted on the Site Are Linked to a Russian Information Campaign





UK exposes attempted Russian cyber interference in politics and democratic processes





Russian FSB cyber actor Star Blizzard continues worldwide spear-phishing campaigns





Star Blizzard increases sophistication and evasion in ongoing attacks           





Fighting Ursa Aka APT28: Illuminating a Covert Campaign 





AI’s ‘Fog of War’    





Russian hackers targeted US intel officers in ‘sophisticated spear phishing campaign,’ DOJ says  





Google Warns China Is Ramping Up Cyberattacks Against Taiwan





Hollywood plays unwitting Cameo in Kremlin plot to discredit Zelensky 





Cybersecurity





Google Cloud – Cybersecurity Forecast 2024 





ENISA Threat Landscape for DoS Attacks  





a16z Funded AI Platform Generated Images That “Could Be Categorized as Child Pornography,” Leaked Documents Show   





Apple says it is not aware anyone using Lockdown Mode got hacked   





Report: 2.6 billion personal records compromised by data breaches in past two years — underscoring need for end‑to‑end encryption    





Follow me on Twitter: @securityaffairs and Facebook and Mastodon





Pierluigi Paganini





(SecurityAffairs – hacking, newsletter)



Source: SecurityAffairs
Source Link: https://securityaffairs.com/155564/breaking-news/security-affairs-newsletter-round-449-by-pierluigi-paganini-international-edition.html





Copyright 2012 through 2026 - National Cyber Warfare Foundation - All rights reserved worldwide.