Newsletter Safety Affairs Round 489 by Pierluigi Paganini – INTERNATIONAL EDITION

Sextortion scam now uses your ‘cheating’ spouse’s name as bait

Researchers trace large-scale data breach to US data broker: why should you care?

Cyberattack on payment gateway exposes 1.7 million credit card details

Highline Public Schools closes schools after cyberattack

After Durov’s arrest, some cybercriminals dump Telegram

Six people are charged with offences related to illegal cyber activities

UK arrests teen linked to cyber attack on Transport for London

Fortinet Suffers Third-Party Data Breach That Affects Customers in Asia Pacific

Malware

Mythical Beasts and Where to Find Them: Mapping the Global Spyware Market and Its Threats to National Security and Human Rights

Shared Secrets of Malware: Code Similarity Insights for Tracking Ransomware Gangs

Mallox Ransomware: In-Depth Analysis and Evolution

A look at the next steps of the Quad7 operators and their associated botnets

Ajina Attacks Central Asia: Story of an Uzbek Android Pandemic

Void captures over a million Android TV boxes

Hacking

Check out the Typo: Our PoC exploit for typosquatting in GitHub Actions

Threat actors exploit GeoServer vulnerability CVE-2024-36401

YubiKeys Vulnerable to Cloning Attacks Thanks to Newly Discovered Side-Channel

Once and for all: WhatsApp’s take on broken functionality

PIXHELL Attack: Leaking Sensitive Information from Computers in the Airspace via ‘Singing Pixels’

Critical SonicWall SSLVPN bug exploited in ransomware attacks

Flipper Zero releases firmware 1.0 after three years of development

DragonRank, a Chinese-language SEO manipulation service provider

CVE-2024-29847 Deep Dive: Ivanti Endpoint Manager AgentPortal Deserialization of Untrusted Data Remote Code Execution Vulnerability

Living off the land, GPO style

Intelligence and information warfare

DeFied Expectations — Web3 Heists Investigation

Australian ties exposed in global defence companies scandal involving China, Russia and Iran

TIDRONE focuses on military and satellite industries in Taiwan

MI6, CIA warn of ‘reckless sabotage campaign across Europe’ by Russia

Earth Preta evolves its attacks with new malware and strategies

Chinese APT Abuses VSCode to Attack Government in Asia

Poland neutralizes sabotage group with ties to Belarus and Russia

Fake Recruiter Code Tests Target Developers with Malicious Python Packages

Cyber ​​Security

25 Ways to Make SOC More Efficient and Prevent Team Burnout

An open door

The September 2024 Security Update Review

The Rise of Fake Influencers

Bug left some Windows PCs dangerously unpatched

YARA Regulation: A Deep Dive into Signature-Based Threat Hunting Strategies

WordPress.org to Require 2FA for Plugin Developers Starting in October

Data Protection Commission launches investigation into Google AI model

Setting up a cybersecurity and privacy curriculum

UK data centres given critical infrastructure status, sparking Green Belt controversy

Record $65 Million Settlement Reached Between Saltz Mongeluzzi Bendesky and LVHN on Behalf of Cancer Patients Whose Nude Photos Were Hacked

Facebook scrapes photos of children from Australian user profiles to train its AI

Global Cybersecurity Index