Security Affairs newsletter Round 422 by Pierluigi Paganini – International edition

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Xplain hack impacted the Swiss cantonal police and FedpolZyxel published guidance for protecting devices from ongoing attacksKimsuky APT poses as journalists and broadcast writers in its attacksNew Linux Ransomware BlackSuit is similar to Royal ransomwareCISA adds Progress MOVEit Transfer zero-day to its Known Exploited Vulnerabilities catalogNew botnet Horabot targets Latin AmericaPoint32Health ransomware attack exposed info of 2.5M peopleMOVEit Transfer software zero-day actively exploited in the wildRussia’s FSB blames the US intelligence for Operation TriangulationOperation Triangulation: previously undetected malware targets iOS devicesCalifornia-based workforce platform Prosperix leaks drivers licenses and medical recordsApps with over 420 Million downloads from Google Play unveil the discovery of SpinOk spywareBlackCat claims the hack of the Casepoint legal technology platform used by US agenciesWidespread exploitation by botnet operators of Zyxel firewall flawExperts warn of backdoor-like behavior within Gigabyte systemsThreat actors are exploiting Barracuda Email Security Gateway bug since October 2022Swiss real estate agency Neho fails to put a password on its systemsMicrosoft found a new bug that allows bypassing SIP root restrictions in macOSPyPI enforces 2FA authentication to prevent maintainers’ account takeoverA database containing 478,000 RaidForums members leaked onlineBeware of the new phishing technique “file archiver in the browser” that exploits zip domainsBrutePrint Attack allows to unlock smartphones with brute-forcing fingerprintLockbit ransomware attack on MCNA Dental impacts 8.9M individualsNew Go-written GobRAT RAT targets Linux Routers in JapanResearchers analyzed the PREDATOR spyware and its loader AlienAttackers use encrypted RPMSG messages in Microsoft 365 targeted phishing attacksIndustrial automation giant ABB disclosed data breach after ransomware attackNew Bandit Stealer targets web browsers and cryptocurrency walletsCISA adds recently patched Barracuda zero-day to its Known Exploited Vulnerabilities catalogInternational Press


New hacking forum leaks data of 478,000 RaidForums members  

Ask Fitis, the Bear: Real Crooks Sign Their Malware   

Discord Admins Hacked by Malicious Bookmarks   


Microsoft Encrypted Restricted Permission Messages Deliver Phishing

BrutePrint: Expose Smartphone Fingerprint Authentication to Brute-force Attack      

Barracuda Email Security Gateway Appliance (ESG) Vulnerability 


Widespread Exploitation of Zyxel Network Devices       

MOVEit Transfer Critical Vulnerability Rapid Response  

An extraordinary cyberattack hits Switzerland, affecting the army and many police  


New Info Stealer Bandit Stealer Targets Browsers, Wallets  

Mercenary mayhem: A technical analysis of Intellexa’s PREDATOR spyware

GobRAT malware written in Go language targeting Linux routers  

Potentially millions of Android TVs and phones come with malware preinstalled  

Android apps containing SpinOk module with spyware features installed over 421,000,000 times   

New Horabot campaign targets the Americas  

Investigating BlackSuit Ransomware’s Similarities to Royal  

Intelligence and Information Warfare

Operation Triangulation: iOS devices targeted with previously unknown malware

The FSB of Russia revealed the intelligence action of the American intelligence services using apple mobile devices       

Chinese Threat Actor Used Modified Cobalt Strike Variant to Attack Taiwanese Critical Infrastructure   

North Korea Using Social Engineering to Enable Hacking of Think Tanks, Academia, and Media   


Securing PyPI accounts via Two-Factor Authentication

US Air Force denies AI drone attacked operator in test

Zyxel’s guidance for the recent attacks on the ZyWALL devices   

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)
The post Security Affairs newsletter Round 422 by Pierluigi Paganini – International edition appeared first on Security Affairs.