Security Affairs newsletter Round 430 by Pierluigi Paganini – International edition

A new round of the weekly SecurityAffairs newsletter has arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Now Abyss Locker also targets VMware ESXi servers

Russian APT BlueBravo targets diplomatic entities with GraphicalProton backdoor

CoinsPaid blames North Korea-linked APT Lazarus for theft of $37M worth of cryptocurrency

Monitor Insider Threats but Build Trust First

Zimbra fixed actively exploited zero-day CVE-2023-38750 in ZCS

DepositFiles exposed config file, jeopardizing user security

GROUP-IB Co-Founder ILYA SACHKOV SENTENCED TO 14 YEARS IN A STRICT PRISON COLONY

Two flaws in Linux Ubuntu affect 40% of Ubuntu users

Two ambulance services in UK lost access to patient records after a cyber attack on software provider

FraudGPT, a new malicious generative AI tool appears in the threat landscape

CISA adds Ivanti EPMM flaw to its Known Exploited Vulnerabilities catalog

Over 500K MikroTik RouterOS systems potentially exposed to hacking due to critical flaw

Atlassian addressed 3 flaws in Confluence and Bamboo products

VMware addressed an information disclosure flaw in VMware Tanzu Application Service for VMs and Isolation Segment

Apple addressed a new actively exploited zero-day tracked as CVE-2023-38606

Twelve Norwegian ministries were hacked using a zero-day vulnerability

A flaw in OpenSSH forwarded ssh-agent allows remote code execution

Apple could opt to stop iMessage and FaceTime services due to the government’s surveillance demands

Cybercrime

The shadow of Moscow extends over Brazil: from the scandal over the shelter of the Russian spy, to cyber-espionage and the sale of oil  

First Known Targeted OSS Supply Chain Attacks Against the Banking Sector

FraudGPT: The Villain Avatar of ChatGPT  

Ambulance patient records system hauled offline for cyber-attack probe  

ALPHV ransomware adds data leak API in new extortion strategy

Healthcare files of 8M-plus people fall into hands of Clop via MOVEit mega-bug

Lazarus hackers linked to $60 million Alphapo cryptocurrency heist


Who and What is Behind the Malware Proxy Service SocksEscort?      

Into the tank with Nitrogen 

Conti and Akira: Chained Together  

Linux version of Abyss Locker ransomware targets VMware ESXi servers

Sneaky XWorm Uses MultiStaged Attack

Related CherryBlos and FakeTrade Android Malware Involved in Scam Campaigns  

CISA Releases Malware Analysis Reports on Barracuda Backdoors


Norwegian Ministries exposed to computer attacks  

A flaw in #OpenSSH forwarded ssh-agent allows remote code execution

Apple Rolls Out Urgent Patches for Zero-Day Flaws Impacting iPhones, iPads and Macs   

CVE-2023-38408: Remote Code Execution in OpenSSH’s forwarded ssh-agent  

Exploiting MikroTik RouterOS Hardware with CVE-2023-30799

GameOver(lay): Easy-to-exploit local privilege escalation vulnerabilities in Ubuntu Linux affect 40% of Ubuntu cloud workloads  

TETRA radio comms used by emergency heroes easily cracked, say experts

Intelligence and Information Warfare

CoinsPaid is back to processing after being hit by a hacker attack. Client funds were not affected and are fully available  

Moldova to kick out Russian diplomats over espionage allegations  

BlueBravo Adapts to Target Diplomatic Entities with GraphicalProton Malware    


Apple slams UK surveillance-bill proposals 

Think tank calls for monitoring of Chinese AI-enabled products

Cyber Command, NSA pick advances to Senate floor, but path to confirmation remains blocked   

US Senator Wyden Accuses Microsoft of ‘Cybersecurity Negligence’

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)
The post Security Affairs newsletter Round 430 by Pierluigi Paganini – International edition appeared first on Security Affairs.