Cyber Security BlogsA new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.
Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.
Akira ransomware targets Finnish organizations
GitLab fixed a critical zero-click account hijacking flaw
Juniper Networks fixed a critical RCE bug in its firewalls and switches
Vast Voter Data Leaks Cast Shadow Over Indonesia ’s 2024 Presidential Election
Researchers created a PoC for Apache OFBiz flaw CVE-2023-51467
Team Liquid’s wiki leak exposes 118K users
CISA adds Ivanti and Microsoft SharePoint bugs to its Known Exploited Vulnerabilities catalog
Two zero-day bugs in Ivanti Connect Secure actively exploited
X Account of leading cybersecurity firm Mandiant was hacked because not adequately protected
Cisco fixed critical Unity Connection vulnerability CVE-2024-20272
ShinyHunters member sentenced to three years in prison
HMG Healthcare disclosed a data breach
Entire population of Brazil possibly exposed in massive data leak
Decryptor for Tortilla variant of Babuk ransomware released
Microsoft Patch Tuesday for January 2024 fixed 2 critical flaws
CISA adds Apache Superset bug to its Known Exploited Vulnerabilities catalog
LockBit ransomware gang claims the attack on Capital Health
Syrian group Anonymous Arabic distributes stealthy malware Silver RAT
Swiss Air Force sensitive files stolen in the hack of Ultra Intelligence & Communications
Saudi Ministry exposed sensitive data for 15 months
DoJ charged 19 individuals in a transnational cybercrime investigation xDedic Marketplace
Long-existing Bandook RAT targets Windows machines
A cyber attack hit the Beirut International Airport
Iranian crypto exchange Bit24.cash leaks user passports and IDs
Turkish Sea Turtle APT targets Dutch IT and Telecom firms
Cybercrime
Vast Voter Data Leaks Cast Shadow Over Indonesia’s 2024 Presidential Election
Finnish organizations targeted by Akira ransomware
Member of notorious international hacking crew sentenced to prison
Foreign National Sentenced for Conspiring to Launder Proceeds of Internet Fraud Schemes
Ransomware gang targets nonprofit providing clean water to world’s poorest
Malware
Thousands of Sites with Popup Builder Compromised by Balada Injector
Finnish organizations targeted by Akira ransomware
Decryptor for Babuk ransomware variant released after hacker arrested
You Had Me at Hi — Mirai-Based NoaBot Makes an Appearance
A GAMER TURNED MALWARE DEVELOPER : DIVING INTO SILVERRAT AND IT’S SYRIAN ROOTS
Hacking
Active Exploitation of Two Zero-Day Vulnerabilities in Ivanti Connect Secure VPN
Weaponizing Apache OFBiz CVE-2023-51467
Active Exploitation of Two Zero-Day Vulnerabilities in Ivanti Connect Secure VPN
China claims it cracked Apple’s AirDrop to find numbers, email addresses
Weaponizing Apache OFBiz CVE-2023-51467
Intelligence and Information Warfare
Chinese hackers invade critical US power and water systems: Report
Pro-Ukraine hackers breach Russian ISP in revenge for KyivStar attack
Nation-State Actors Weaponize Ivanti VPN Zero-Days, Deploying 5 Malware Families
China-Linked Volt Typhoon Hackers Possibly Targeting Australian, UK Governments
Cybersecurity
THE DECEMBER 2023 SECURITY UPDATE REVIEW
Ubiquiti Users Somehow Being Fed Access to Strangers’ Security Cameras
Exercise Crossed Swords Tests Allied Cyber Operations
Microsoft Cloud enables customers to keep all personal data within European Data Boundary
Why securing the OT environment against cyberattacks is vital
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, newsletter)
