Security Affairs newsletter Round 425 by Pierluigi Paganini – International edition

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Someone is sending mysterious smartwatches to the US Military personnelCISA orders govt agencies to fix recently disclosed flaws in Apple devicesVMware fixed five memory corruption issues in vCenter ServerFortinet fixes critical FortiNAC RCE, install updates asapMore than a million GitHub repositories potentially vulnerable to RepoJackingNew Mirai botnet targets tens of flaws in popular IoT devicesResearchers released a PoC exploit for CVE-2023-20178 flaw in Cisco AnyConnect SecureNorton parent firm Gen Digital, was victim of a MOVEit attack tooApple addressed actively exploited zero-day flaws in iOS, macOS, and SafariAnalyzing the TriangleDB implant used in Operation TriangulationRussia-linked APT28 hacked Roundcube email servers of Ukrainian entitiesNew Condi DDoS botnet targets TP-Link Wi-Fi routersCritical RCE flaw CVE-2023-20887 in VMware vRealize exploited in the wild3CX data exposed, third-party to blameNew Tsunami botnet targets Linux SSH serversZyxel addressed critical flaw CVE-2023-27992 in NAS DevicesTackling Data Sovereignty with DDRASUS addressed critical flaws in some router modelsExperts found components of a complex toolkit employed in macOS attacksEU member states are urged to restrict without delay 5G equipment from risky suppliersDiicot cybercrime gang expands its attack capabilitiesMicrosoft: June Outlook and cloud platform outages were caused by DDoSCybercrime

US govt offers $10 million bounty for info on Clop ransomware

FBI seizes BreachForums after arresting its owner Pompompurin in MarchUS Military Personnel Receiving Unsolicited, Suspicious Smartwatches

Twitter Hacker Sentenced to 5 Years in Prison for $120,000 Crypto Scam

Reddit Files: BlackCat/ALPHV ransomware gang claims to have stolen 80GB of data from Reddit

US govt offers $10 million bounty for info linking Clop ransomware gang to a foreign government.


Tracking Diicot: an emerging Romanian threat actor  

Fragments of Cross-Platform Backdoor Hint at Larger Mac OS Attack

Tsunami DDoS Malware Distributed to Linux SSH Servers        

Condi DDoS Botnet Spreads via TP-Link’s CVE-2023-1389  

Dissecting TriangleDB, a Triangulation spyware implant   

Why Malware Crypting Services Deserve More Scrutiny    


Microsoft Response to Layer 7 Distributed Denial of Service (DDoS) Attacks   

VMware warns of critical vRealize flaw exploited in attacks

Researchers Expose New Severe Flaws in Wago and Schneider Electric OT Products

PoC Exploit Published for Cisco AnyConnect Secure Vulnerability 

GitHub Dataset Research Reveals Millions Potentially Vulnerable to RepoJacking

Intelligence and Information Warfare

BlueDelta Exploits Ukrainian Government Roundcube Mail Servers to Support Espionage Activities

APT28 group used three Roundcube exploits (CVE-2020-35730, CVE-2021-44026, CVE-2020-12641) during another espionage campaign (CERT-UA#6805)       

China-Linked APT15 Targets Foreign Ministries With ‘Graphican’ Backdoor


Second report on Member States’ progress in implementing the EU Toolbox on 5G Cybersecurity 

Google Backs Creation of Cybersecurity Clinics With $20 Million Donation

U.S. Cybersecurity Agency Adds 6 Flaws to Known Exploited Vulnerabilities Catalog

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

The post Security Affairs newsletter Round 425 by Pierluigi Paganini – International edition appeared first on Security Affairs.