Security Affairs newsletter Round 460 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Apple created post-quantum cryptographic protocol PQ3 for iMessage
Russian hacker is set to face trial for the hack of a local power grid
Microsoft released red teaming tool PyRIT for Generative AI
CISA orders federal agencies to fix ConnectWise ScreenConnect bug in a week
FTC charged Avast with selling users’ browsing data to advertising companies
“Beyond the border scam”, pay attention to the instance of the new Nigerian fraud
Multiple XSS flaws in Joomla can lead to remote code execution
New Mustang Panda campaign targets Asia with a backdoor dubbed DOPLUGS
US GOV OFFERS A REWARD OF UP TO $15M FOR INFO ON LOCKBIT GANG MEMBERS AND AFFILIATES
New Redis miner Migo uses novel system weakening techniques
Critical flaw found in deprecated VMware EAP. Uninstall it immediately
Microsoft Exchange flaw CVE-2024-21410 could impact up to 97,000 servers
ConnectWise fixed critical flaws in ScreenConnect remote access tool
More details about Operation Cronos that disrupted Lockbit operation
Cactus ransomware gang claims the theft of 1.5TB of data from Energy management and industrial automation firm Schneider Electric
Operation Cronos: law enforcement disrupted the LockBit operation
Anatsa Android banking Trojan expands to Slovakia, Slovenia, and Czechia
A Ukrainian Raccoon Infostealer operator is awaiting trial in the US
Russia-linked APT TAG-70 targets European government and military mail servers exploiting Roundcube XSS
How BRICS Got “Rug Pulled” – Cryptocurrency Counterfeiting is on the Rise
SolarWinds addressed critical RCEs in Access Rights Manager (ARM)

Cybercrime

How BRICS Got “Rug Pulled” – Crypto Counterfeiting Is On The Rise 

International investigation disrupts the world’s most harmful cyber crime group

U.S. and U.K. Disrupt LockBit Ransomware Variant      

Reward Offers for Information on LockBit Leaders and Designating Affiliates  

Darknet Drug Dealers Arrested After Packages of Meth-Laced Adderall Repeatedly Returned to Sender

LockBit ransomware gang has over $110 million in unspent bitcoin

 

Malware

Anatsa Trojan Returns: Targeting Europe and Expanding Its Reach  

Migo – a Redis Miner with Novel System Weakening Techniques  

Earth Preta Campaign Uses DOPLUGS to Target Asia 

Diversifying Defenses: FjordPhantom Malware Shows Importance of a Multi-Pronged Approach

Dormant PyPI Package Updated to Deploy NovaSentinel Stealer  

Hacking

GitHub leak exposes Chinese offensive cyber operations – researchers  

Joomla: Multiple XSS Vulnerabilities  

A Catastrophe For Control: Understanding the ScreenConnect Authentication Bypass (CVE-2024-1709 & CVE-2024-1708)

Announcing Microsoft’s open automation framework to red team generative AI Systems      

Vologda hacker will appear in court for cutting off power to 38 settlements  

Intelligence and Information Warfare 

Exploring the Cyber Dimension of the Current U.S.-Iran Crisis 

Russia-Aligned TAG-70 Targets European Government and Military Mail Servers in New Espionage Campaign  

U.S. Wages Cyber War on Russian Military Botnet 

Spyware leak offers ‘first-of-its-kind’ look inside Chinese government hacking efforts  

Cybersecurity          

Former NSA chief calls for alternative approach to cyberdefense  

Spyware startup Variston is losing staff — some say it’s closing 

FTC Accuses Avast of Selling Customer Browsing Data to Advertisers 

Message with PQ3: The new state of the art in quantum-secure messaging at scale

After this week’s Julian Assange court hearing, this is clear: extradition would amount to a death sentence

Cyber Insurance – Models and methods and the use of AI       

2024 Unit 42 Incident Response Report: Navigating the Shift in Cybersecurity Threat Tactics

IBM X-Force Threat Intelligence Index 2024       

CrowdStrike 2024 Global Threat Report: Adversaries Gain Speed and Stealth  

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

文 » A