Security Affairs newsletter Round 417 by Pierluigi Paganini – International edition

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

ViperSoftX uses more sophisticated encryption and anti-analysis techniquesAtomic macOS Stealer is advertised on Telegram for $1,000 per monthCISA warns of a critical flaw affecting Illumina medical devicesOpenAI reinstates ChatGPT service in Italy after meeting Garante Privacy’s demandsCisco discloses a bug in the Prime Collaboration Deployment solutionZyxel fixed a critical RCE flaw in its firewall devices and urges customers to install the patchesUkraine cyber police arrested a man for selling data of 300M peopleGoogle obtained a temporary court order against CryptBot distributorsResearchers found the first Linux variant of the RTM lockerCrooks use PaperCut exploits to deliver Cl0p and LockBit ransomwareCryptoRom: OkCupid scam cost Florida man $480k – we followed the money to BinanceIranian Charming Kitten APT used a new BellaCiao malware in recent wave of attacksChina-linked Alloy Taurus APT uses a Linux variant of PingPull malwareA component in Huawei network appliances could be used to take down Germany’s telecoms networksThousands of publicly-exposed Apache Superset installs exposed to RCE attacksPro-Russia hacking group executed a disruptive attack against a Canadian gas pipelineSLP flaw allows DDoS attacks with an amplification factor as high as 2200 timesVMware addressed two zero-day flaws demonstrated at Pwn2Own Vancouver 2023A new Mirai botnet variant targets TP-Link Archer A21Google researchers found multiple security issues in Intel TDXGoogle Authenticator App now supports Google Account synchronizationPeugeot leaks access to user information in South AmericaNorth Korea-linked BlueNoroff APT is behind the new RustBucket Mac MalwareAuKill tool uses BYOVD attack to disable EDR softwareExperts released PoC Exploit code for actively exploited PaperCut flawEvilExtractor, a new All-in-One info stealer appeared on the Dark WebRussian cybercrime group likely behind ongoing exploitation of PaperCut flawsHackers can hack organizations using data found on their discarded enterprise network equipmentHealth insurer Point32Health suffered a ransomware attackExperts spotted first-ever crypto mining campaign leveraging Kubernetes RBACInternational Press

Cybercrime

Continuing our work to hold cybercriminal ecosystems accountable  

First draft of controversial UN Cybercrime Treaty slated for June

The cyber police exposed an attacker in the sale of databases with personal data of citizens of Ukraine and the EU   

Hacking

First-Ever Attack Leveraging Kubernetes RBAC to Backdoor Clusters   

Hacker Group Names Are Now Absurdly Out of Control

Critical vulnerabilities in papercut print management software

PaperCut CVE-2023-27350 Deep Dive and Indicators of Compromise 

Compromising Garmin’s Sport Watches: A Deep Dive into GarminOS and its MonkeyC Virtual Machine

Cyberattacks on Canada’s gas infrastructure left ‘no physical damage,’ Trudeau says      

CVE-2023-27524: Insecure Default Configuration in Apache Superset Leads to Remote Code Execution   

Malware

EvilExtractor – All-in-One Stealer

‘AuKill’ EDR killer malware abuses Process Explorer driver   

Chinese Alloy Taurus Updates PingPull Malware   

RTM Locker Ransomware as a Service (RaaS) Now Suits Up for Linux Architecture

Threat Actor Selling New Atomic macOS (AMOS) Stealer on Telegram

Citrix Users at Risk: AresLoader Spreading Through Disguised GitLab Repo       

Intelligence and Information Warfare

BlueNoroff APT group targets macOS with ‘RustBucket’ Malware

TP-LINK WAN-SIDE VULNERABILITY CVE-2023-1389 ADDED TO THE MIRAI BOTNET ARSENAL   

Leaked Pentagon Documents Reveal Secrets About Friends and Foes

How China’s Huawei spooked Germany into launching a probe      

Unpacking BellaCiao: A Closer Look at Iran’s Latest Malware   

Cybersecurity

Discarded, not destroyed: Old routers reveal corporate secrets

Google Authenticator now supports Google Account synchronization

Intel Trust Domain Extensions (TDX) Security Review  

New high-severity vulnerability (CVE-2023-29552) discovered in the Service Location Protocol (SLP)

South Korea, US agree to cooperate on cybersecurity and combating North Korean digital heists  

ChatGPT: OpenAI reinstates service in Italy with enhanced transparency and rights for european users and non-users

Illumina Cybersecurity Vulnerability Affecting the Universal Copy Service Software May Present Risks for Patient Results and Customer Networks: Letter to Health Care Providers  

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Please vote for Security Affairs (https://securityaffairs.com/) as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERSVote for me in the sections:

The Teacher – Most Educational Blog

The Entertainer – Most Entertaining Blog

The Tech Whizz – Best Technical Blog

Best Social Media Account to Follow (@securityaffairs)
Please nominate Security Affairs as your favorite blog.

Nominate here: https://docs.google.com/forms/d/e/1FAIpQLSfaFMkrMlrLhOBsRPKdv56Y4HgC88Bcji4V7OCxCm_OmyPoLw/viewform

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

The post Security Affairs newsletter Round 417 by Pierluigi Paganini – International edition appeared first on Security Affairs.