National Cyber Warfare Foundation (NCWF)

Security Affairs newsletter Round 519 by Pierluigi Paganini INTERNATIONAL EDITION


2025-04-13 11:28:13
milo
Blue Team (CND)


A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box.





Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.





Symbolic Link trick lets attackers bypass FortiGate patches, Fortinet warns
Attackers are exploiting recently disclosed OttoKit WordPress plugin flaw
Laboratory Services Cooperative data breach impacts 1.6 Million People
Palo Alto warns of brute-force login attempts on PAN-OS GlobalProtect gateways indicating possible upcoming attacks
Gamaredon targeted the military mission of a Western country based in Ukraine
U.S. CISA adds Linux Kernel flaws to its Known Exploited Vulnerabilities catalog
AkiraBot: AI-Powered spam bot evades CAPTCHA to target 80,000+ websites
An APT group exploited ESET flaw to execute malware
Oracle confirms the hack of two obsolete servers. No Oracle Cloud systems or customer data were affected
National Social Security Fund of Morocco Suffers Data Breach
Critical Fortinet FortiSwitch flaw allows remote attackers to change admin passwords
The US Treasury’s OCC disclosed an undetected major email breach for over a year
U.S. CISA adds Gladinet CentreStack and ZTA Microsoft Windows Common Log File System (CLFS) Driver flaws to its Known Exploited Vulnerabilities catalog
WhatsApp fixed a spoofing flaw that could enable Remote Code Execution
Everest ransomware group’s Tor leak site offline after a defacement
Google fixed two actively exploited Android zero-days
U.S. CISA adds Ivanti Connect Secure, Policy Secure and ZTA Gateways flaw to its Known Exploited Vulnerabilities catalog
A member of the Scattered Spider cybercrime group pleads guilty
The controversial case of the threat actor EncryptHub
PoisonSeed Campaign uses stolen email credentials to spread crypto seed scams and empty wallets
EDR-as-a-Service makes the headlines in the cybercrime landscape
Oracle privately notifies Cloud data breach to customers
Expert used ChatGPT-4o to create a replica of his passport in just 5 minutes bypassing KYC




International Press – Newsletter





Cybercrime





Unmasking EncryptHub: Help from ChatGPT & OPSEC blunders 





PoisonSeed Campaign Targets CRM and Bulk Email Providers in Supply Chain Spam Operation  





Palm Coast man linked to ‘Scattered Spider’ cybercrime gang pleads guilty to charges related to cryptocurrency theft 





Everest ransomware group’s darknet site offline following defacement 





Food giant WK Kellogg discloses data breach linked to Clop ransomware





Cybercriminals Attacked National Social Security Fund of Morocco – Millions of Digital Identities at Risk of Data Breach  





Operation Endgame follow-up leads to five detentions and interrogations as well as server takedowns 





South African telecom provider serving 7.7 million confirms data leak following cyberattack  





Malware





Lazarus Expands Malicious npm Campaign: 11 New Packages Add Malware Loaders and Bitbucket Payloads





BadBazaar: iOS and Android Surveillanceware by China’s APT15 Used to Target Tibetans and Uyghurs  





Attackers distributing a miner and the ClipBanker Trojan via SourceForge





AkiraBot | AI-Powered Bot Bypasses CAPTCHAs, Spams Websites At Scale





Lookout Mobile Threat Landscape Report – 2024 in Review    





Newly Registered Domains Distributing SpyNote Malware     





Hacking





NSA, CISA, FBI, and International Partners Release Cybersecurity Advisory on “Fast Flux,” a National Security Threat





Surge in Palo Alto Networks Scanner Activity Indicates Possible Upcoming Threats





Critical SureTriggers Plugin Vulnerability Exploited within 4 hours 





Exploitation of CLFS zero-day leads to ransomware activity  





Fortinet  – Analysis of Threat Actor Activity 





Intelligence and Information Warfare





BeaverTail and Tropidoor Malware Distributed via Recruitment Emails  





Hackers Spied on 100 US Bank Regulators’ Emails for Over a Year      





How ToddyCat tried to hide behind AV software  





Court document reveals locations of WhatsApp victims targeted by NSO spyware 





Shuckworm Targets Foreign Military Mission Based in Ukraine  





Targeted espionage activity UAC-0226 against innovation centers, government and law enforcement agencies using the GIFTEDCROOK stealer





China Admitted to Volt Typhoon Cyberattacks on US Critical Infrastructure: Report  





Cybersecurity





Alan Turing Institute: UK can’t handle a fight against AI-enabled crims





EU answer to Trump may involve data use by Big Tech, France says 





Google fixes Android zero-days exploited in attacks, 60 other flaws  





WhatsApp Vulnerability Could Facilitate Remote Code Execution





Trump orders probe of former cybersecurity chief for declaring 2020 election secure 





Cybersecurity industry falls silent as Trump turns ire on SentinelOne





Cybersecurity Community Must Not Remain Silent On Executive Order Attacking Former CISA Director 





Ransomware attack cost IKEA operator in Eastern Europe $23 million





Ex-Meta exec tells Senate Zuck dangled US citizen data in bid to enter China










Pierluigi Paganini





(SecurityAffairs – hacking, newsletter)



Source: SecurityAffairs
Source Link: https://securityaffairs.com/176494/breaking-news/security-affairs-newsletter-round-519-by-pierluigi-paganini-international-edition.html





Copyright 2012 through 2025 - National Cyber Warfare Foundation - All rights reserved worldwide.