A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Experts spotted a new macOS Backdoor named SpectralBlur linked to North Korea Merck settles with insurers […

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Experts spotted a new macOS Backdoor named SpectralBlur linked to North Korea

Merck settles with insurers regarding a $1.4 billion claim over NotPetya damages

Law firm Orrick data breach impacted 638,000 individuals

The source code of Zeppelin Ransomware sold on a hacking forum

Russia-linked APT Sandworm was inside Ukraine telecoms giant Kyivstar for months

Ivanti fixed a critical EPM flaw that can result in remote code execution

MyEstatePoint Property Search Android app leaks user passwords

Hacker hijacked Orange Spain RIPE account causing internet outage to company customers

HealthEC data breach impacted more than 4.5 Million people

Experts found 3 malicious packages hiding crypto miners in PyPi repository

Crooks hacked Mandiant X account to push cryptocurrency scam

Cybercriminals Implemented Artificial Intelligence (AI) for Invoice Fraud

CISA ADDS CHROME AND PERL LIBRARY FLAWS TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG

Don’t trust links with known domains: BMW affected by redirect vulnerability

Hackers stole more than $81 million worth of crypto assets from Orbit Chain

Ukraine’s SBU said that Russia’s intelligence hacked surveillance cameras to direct a missile strike on Kyiv

Researchers released a free decryptor for Black Basta ransomware

Experts warn of JinxLoader loader used to spread Formbook and XLoader

Terrapin attack allows to downgrade SSH protocol security

Multiple organizations in Iran were breached by a mysterious hacker

Top 2023 Security Affairs cybersecurity stories

Malware exploits undocumented Google OAuth endpoint to regenerate Google cookies

Cactus RANSOMWARE gang hit the Swedish retail and grocery provider Coop

Google agreed to settle a $5 billion privacy lawsuit

Cybercrime

Cybercriminals Implemented Artificial Intelligence (AI) For Invoice Fraud   

A tale of 2 casino ransomware attacks: One paid out, one did not

Victoria court recordings exposed in reported ransomware attack

Xerox Confirms Data Breach at US Subsidiary Following Ransomware Attack  

Mandiant’s X account hacked to push crypto scam  

Malware

New Black Basta decryptor exploits ransomware flaw to recover files

Compromising Google Accounts: Malwares Exploiting Undocumented OAuth2 Functionality for session hijacking  

From DarkGate to AsyncRAT: Malware Detected and Shared As Unit 42 Timely Threat Intelligence  

RANSOMWARE- Free Decryptor Released for Black Basta Ransomware  

Black Basta Buster  

Three New Malicious PyPI Packages Deploy CoinMiner on Linux Devices

100DaysofYARA – SpectralBlur  

Hacking

Mysterious hacker strikes Iran with major cyberattacks against industry leading companies

Terrapin Attack       

Cloning Fingerprints Like A Boss: 101 Edition  

Hackers hijack govt and business accounts on X for crypto scams

Intelligence and Information Warfare

Ukraine says Russia hacked web cameras to spy on targets in Kyiv  

Air Travel Is Not Ready for Electronic Warfare

Exclusive: Russian hackers were inside Ukraine telecoms giant for months

Turkish espionage campaigns in the Netherlands   

Cybersecurity

SSH Attack Surface (CVE-2023-48795): Find and Patch With CyberSecurity Asset Management Before the Grinch Arrives   

Law firm that handles data breaches was hit by data breach

Merck Settles NotPetya Insurance Claim, Leaving Cyberwar Definition Unresolved    

NASA releases Space Security Best Practices Guide for mission cybersecurity in interconnected space  

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

Source: SecurityAffairs
Source Link: https://securityaffairs.com/157039/breaking-news/security-affairs-newsletter-round-453-by-pierluigi-paganini-international-edition.html