Security Affairs newsletter Round 429 by Pierluigi Paganini – International edition

A new round of the weekly SecurityAffairs newsletter has arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Multiple DDoS botnets were observed targeting Zyxel devices

CISA warns of attacks against Citrix NetScaler ADC and Gateway Devices

Experts believe North Korea behind JumpCloud supply chain attack

Nice Suzuki, sport: shame dealer left your data up for grabs

Experts attribute WyrmSpy and DragonEgg spyware to the Chinese APT41 group

ALPHV/BlackCat and Clop gangs claim to have hacked cosmetics giant Estée Lauder

P2PInfect, a Rusty P2P worm targets Redis Servers on Linux and Windows systems

Adobe out-of-band update addresses an actively exploited ColdFusion zero-day

Ukraine’s cyber police dismantled a massive bot farm spreading propaganda

US Gov adds surveillance firms Cytrox and Intellexa to Entity List for trafficking in cyber exploits

Citrix warns of actively exploited zero-day in ADC and Gateway

FIA World Endurance Championship driver passports leaked

Virustotal data leak exposed data of some registered customers, including intelligence members

FIN8 Group spotted delivering the BlackCat Ransomware

Hacking campaign targets sites using WordPress WooCommerce Payments Plugin

JumpCloud revealed it was hit by a sophisticated attack by a nation-state actor

Adobe warns customers of a critical ColdFusion RCE exploited in attacks

Admins of Genesis Market marketplace sold their infrastructure on a hacker forum

Cisco fixed a critical flaw in SD-WAN vManage

Pompompurin, the BreachForums owner, pleads guilty to hacking charges and possession of child pornography

WormGPT, the generative AI tool to launch sophisticated BEC attacks

Cybercrime

WormGPT – The Generative AI Tool Cybercriminals Are Using to Launch Business Email Compromise Attacks     

FIN8 Group Using Modified Sardonic Backdoor for BlackCat Ransomware Attacks

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack  

Nigerian Man Sentenced to 8 Years in US Prison for $8 Million BEC Scheme

Internet Organised Crime Threat Assessment (IOCTA) 2023    

Malware

P2PInfect: The Rusty Peer-to-Peer Self-Replicating Worm  

Lookout Attributes Advanced Android Surveillanceware to Chinese Espionage Group APT41  

DDoS Botnets Target Zyxel Vulnerability CVE-2023-28771

BYOS – BUNDLE YOUR OWN STEALER      

Hacking

Massive Targeted Exploit Campaign Against WooCommerce Payments Underway  

Finding and exploiting process killer drivers with LOL for 3000$  

Zero-Day Attacks Exploited Critical Vulnerability in Citrix ADC and Gateway

Bad.Build: A Critical Privilege Escalation Design Flaw in Google Cloud Build Enables a Supply Chain Attack  

JumpCloud Intrusion | Attacker Infrastructure Links Compromise to North Korean APT Activity

Threat Actors Exploiting Citrix CVE-2023-3519 to Implant Webshells 

Intelligence and Information Warfare

[Security Update] JumpCloud Incident Details  

Commerce Adds Four Entities to Entity List for Trafficking in Cyber Exploits   

Cyber police exposed organizers of bot farms that spread hostile propaganda and engaged in Internet fraud

Cybersecurity

Lowering the Bar(d)? Check Point Research’s security analysis spurs concerns over Google Bard’s limitations

Quantum-Safe Cryptography: A Call for National Action       

Data leak reveals customers of the Google security platform VirusTotal  

Kevin Mitnick, Hacker Who Once Eluded Authorities, Is Dead at 59

Nice Suzuki, sport: shame dealer left your data up for grabs  


Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)
The post Security Affairs newsletter Round 429 by Pierluigi Paganini – International edition appeared first on Security Affairs.