Security Affairs Newsletter Round 523 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are delivered free to your inbox. This round also includes the international press.

Yemeni Man Charged in Federal Indictment Alleging He Sent ‘Black Kingdom’ Malware to Extort Businesses, Schools, and Medical Clinics

A Yemeni man has been charged in a federal indictment alleging that he sent the highly destructive malware known as 'Black Kingdom' to extort businesses, schools, and medical clinics. This malware is notorious for its ability to lock down systems and demand hefty ransom payments.

Big Game Ransomware: the myths experts tell board members

Security experts have weighed in on various aspects of Big Game Ransomware, dispelling several common myths that often surround this highly feared malware. From its origins to its motivations and methods, experts provide a comprehensive understanding of this ransomware variant.

DragonForce Ransomware Cartel attacks on UK high street retailers: walking in the front door

A recent report has shed light on the activities of DragonForce Ransomware Cartel, highlighting their involvement in targeting high street retailers across the UK. The cartel's tactics and strategies are explored in depth, providing valuable insights for businesses looking to protect themselves.

From Callback Phishing to Extortion: Luna Moth Abuse

Luna Moth abuse has been a significant concern for security experts in recent times. This type of malware is often used in phishing attacks, and its misuse can have devastating consequences. Experts discuss the tactics used by attackers and the importance of staying vigilant.

Reamaze Helpdesk and RMM Tools Against U.S. Legal and Financial Sectors

Reamaze has been working to provide advanced helpdesk and RMM tools designed specifically for legal and financial sectors in the US. These tools offer a range of features that can help protect these organizations from various security threats.

Uncovering Actor TTP Patterns and the Role of DNS in Investment Scams

Security experts have been working to uncover patterns of activity from attackers, particularly those involved in investment scams. The role of DNS in these schemes is a critical area of study, providing insights into how attackers operate.

Ransomware Attackers Leveraged Privilege Escalation Zero-day

DDoS-for-hire empire brought down: Poland arrests 4 administrators, US seizes 9 domains

A significant development in the fight against ransomware has seen a zero-day DDoS-for-hire empire brought down. Polish authorities have arrested four individuals involved in this operation, while the US has seized nine domains.

LockBit ransomware gang hacked, victim negotiations exposed

The LockBit ransomware gang has been dealt a significant blow: the gang itself was hacked and its negotiations with victims were exposed. This development offers insights into the inner workings of this notorious group.

Pakistani Firm Shipped Fentanyl Analogs, Scams to US

PowerSchool hacker now extorting individual school districts

A Pakistani firm has been implicated in shipping fentanyl analogs and engaging in scams. The same individual responsible for targeting US PowerSchool is now extorting individual school districts.

Cyber criminal services target EoL routers to launch attacks and hide their activities

Security experts have highlighted the growing threat of cybercriminal services that target end-of-life (EoL) routers. These attacks can allow attackers to launch sophisticated assaults and remain hidden.

Botnet Dismantled in International Operation, Russian and Kazakhstani Administrators Indicted

A significant operation has resulted in the dismantling of a botnet across several countries. The individuals responsible for managing this network have been indicted, marking an important step in combating cybercrime.

One Small Click for an Admin, One Giant Breach for the Organization

A recent incident highlights the significance of seemingly minor actions by administrators. A single click can unleash a devastating breach, emphasizing the importance of vigilance and robust security measures.

iClicker site hack targeted students with malware via fake CAPTCHA

The iClicker website has been compromised, targeting students with malware disguised as a CAPTCHA challenge. This attack demonstrates the ease with which attackers can infiltrate seemingly secure platforms.

Backdoor found in popular ecommerce components

Stealthy Linux backdoor leveraging residential proxies and NHAS reverse SSH

A significant vulnerability has been discovered in various e-commerce components, allowing for a stealthy Linux backdoor. This malware leverages residential proxies and NHAS reverse SSH to remain undetected.

Malicious PyPI Package Targets Discord Developers with Remote Access Trojan

A malicious PyPI package has been identified as targeting Discord developers with a remote access Trojan (RAT). This highlights the ongoing threat of supply-chain attacks and the importance of secure software distribution channels.

Backdooring the IDE: Malicious npm Packages Hijack Cursor Editor on macOS

Malicious npm packages have been found to hijack the Cursor editor on macOS. This attack demonstrates the potential for attackers to exploit seemingly innocuous packages and tools.

Stay Vigilant, Stay Secure

As we navigate the ever-evolving landscape of cybersecurity threats, it is crucial that individuals and organizations remain vigilant. By staying informed and taking proactive steps, we can mitigate the impact of these attacks and protect ourselves from harm.