Código HTML do Conteúdo

Post: Security Affairs newsletter Round 543 by Pierluigi Paganini – INTERNATIONAL EDITION

<div> <h2>Security Affairs newsletter Round 543 by Pierluigi Paganini – INTERNATIONAL EDITION</h2> <h2>A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.</h2> Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. International Press – Newsletter Cybercrime<a target="_blank"></a> <a href="https://www.ic3.gov/PSA/2025/PSA250919" target="_blank">Threat Actors Spoofing the FBI IC3 Website for Possible Malicious Activity</a> <a href="https://medium.com/@nshcthreatrecon/hacking-activities-of-pro-russian-cyber-crime-group-targeting-korean-companies-8e349ae90401" target="_blank">Hacking Activities of Pro-Russian Cyber Crime Group Targeting Korean Companies</a> <a href="https://www.bleepingcomputer.com/news/security/canada-dismantles-tradeogre-exchange-seizes-40-million-in-crypto/" target="_blank">Canada dismantles TradeOgre exchange, seizes $40 million in crypto</a> <a href="https://www.securityweek.com/scattered-spider-suspect-arrested-in-us/" target="_blank">Scattered Spider Suspect Arrested in US</a> <a href="https://www.darktrace.com/blog/shadowv2-an-emerging-ddos-for-hire-botnet" target="_blank">ShadowV2: An emerging DDoS for hire botnet</a> <a href="https://krebsonsecurity.com/2025/09/feds-tie-scattered-spider-duo-to-115m-in-ransoms/" target="_blank">Feds Tie ‘Scattered Spider’ Duo to $115M in Ransoms</a> Volvo Group Employee Data Stolen in Ransomware Attack <a href="https://www.interpol.int/News-and-Events/News/2025/USD-439-million-recovered-in-global-financial-crime-operation" target="_blank">USD 439 million recovered in global financial crime operation</a> <a href="https://www.eurojust.europa.eu/news/eurojust-coordinates-action-halt-cryptocurrency-fraud-over-100-million-euros-across-europe" target="_blank">Eurojust coordinates action to halt cryptocurrency fraud of over 100 million euros across Europe</a> <a href="https://www.securityweek.com/european-airport-cyberattack-linked-to-obscure-ransomware-suspect-arrested/" target="_blank"></a> <a href="https://www.securityweek.com/european-airport-cyberattack-linked-to-obscure-ransomware-suspect-arrested/" target="_blank">European Airport Cyberattack Linked to Obscure Ransomware, Suspect Arrested</a> <a href="https://www.interpol.int/en/News-and-Events/News/2025/260-suspected-scammers-arrested-in-pan-African-cybercrime-operation" target="_blank">260 suspected scammers arrested in pan-African cybercrime operation</a> Ransomware attack on Ohio county impacts over 45,000 residents, employees Malware <a href="https://medium.com/deriv-tech/brewing-trouble-dissecting-a-macos-malware-campaign-90c2c24de5dc" target="_blank">Brewing Trouble — Dissecting a macOS Malware Campaign</a> <a href="https://blog.lastpass.com/posts/attack-targeting-macs-via-github-pages" target="_blank">Large-Scale Attack Targeting Macs via GitHub Pages Impersonating Companies to Attempt to Deliver Stealer Malware</a> <a href="https://www.ncsc.gov.uk/static-assets/documents/malware-analysis-reports/RayInitiator-LINE-VIPER/ncsc-mar-rayinitiator-line-viper.pdf" target="_blank">Malware Analysis Report RayInitiator & LINE VIPER</a> <a href="https://www.microsoft.com/en-us/security/blog/2025/09/25/xcsset-evolves-again-analyzing-the-latest-updates-to-xcssets-inventory/" target="_blank">XCSSET evolves again: Analyzing the latest updates to XCSSET’s inventory</a> <a href="https://www.f6.ru/blog/bearlyfy/" target="_blank">Bearlyfy: The Evolution of a New Ransomware Group and Its Connection to PhantomCore</a> <a href="https://securelist.ru/bo-team-upgrades-brockendoor-and-zeronetkit-backdoors/113536/" target="_blank">Updated BO Team Grouping Tools</a> Hacking <a href="https://www.f6.ru/blog/comicform/" target="_blank">ComicForm, start: F6 analysts have studied the phishing campaigns of a new attacker</a> <a href="https://bughunters.google.com/blog/4684191115575296/project-rain-l1tf" target="_blank">Project Rain:L1TF</a> <a href="https://www.crowdfense.com/cve-2025-53149-windows-ksthunk-heap-overflow/" target="_blank">Heap-based buffer overflow in Kernel Streaming WOW Thunk Service Driver – CVE-2025-53149</a> <a href="https://www.bleepingcomputer.com/news/security/cloudflare-mitigates-new-record-breaking-222-tbps-ddos-attack/" target="_blank">Cloudflare mitigates new record-breaking 22.2 Tbps DDoS attack</a> <a href="https://www.cisa.gov/news-events/cybersecurity-advisories/aa25-266a" target="_blank">CISA Shares Lessons Learned from an Incident Response Engagement</a> <a href="https://www.bleepingcomputer.com/news/security/cisco-warns-of-ios-zero-day-vulnerability-exploited-in-attacks/" target="_blank">Cisco warns of IOS zero-day vulnerability exploited in attacks</a> <a href="https://www.wiz.io/blog/imds-anomaly-hunting-zero-day" target="_blank">IMDS Abused: Hunting Rare Behaviors to Uncover Exploits</a> <a href="https://sec.cloudapps.cisco.com/security/center/resources/asa_ftd_continued_attacks" target="_blank">Cisco Event Response: Continued Attacks Against Cisco Firewalls</a> <a href="https://attackerkb.com/topics/LbA9ANjcdz/cve-2025-10035/rapid7-analysis" target="_blank">Technical Analysis – CVE-2025-10035</a> <a href="https://labs.watchtowr.com/it-is-bad-exploitation-of-fortra-goanywhere-mft-cve-2025-10035-part-2/" target="_blank">It Is Bad (Exploitation of Fortra GoAnywhere MFT CVE-2025-10035) – Part 2</a> <a href="https://noma.security/blog/forcedleak-agent-risks-exposed-in-salesforce-agentforce/" target="_blank">ForcedLeak: AI Agent risks exposed in Salesforce AgentForce</a> <a href="https://www.fortinet.com/blog/threat-research/svg-phishing-hits-ukraine-with-amatera-stealer-pureminer" target="_blank">SVG Phishing hits Ukraine with Amatera Stealer, PureMiner</a> Intelligence and Information Warfare <a href="https://www.group-ib.com/blog/muddywater-infrastructure-malware/" target="_blank">Mapping the Infrastructure and Malware Ecosystem of MuddyWater</a> <a href="https://www.zmescience.com/future/inside-palantir-the-secretive-tech-company-helping-the-us-government-build-a-massive-web-of-surveillance/" target="_blank">Inside Palantir: The Secretive Tech Company Helping the US Government Build a Massive Web of Surveillance</a> <a href="https://www.secretservice.gov/newsroom/releases/2025/09/us-secret-service-dismantles-imminent-telecommunications-threat-new-york" target="_blank">U.S. Secret Service dismantles imminent telecommunications threat in New York tristate area</a> <a href="https://www.nytimes.com/2025/09/23/us/politics/secret-service-sim-cards-servers-un.html" target="_blank">Cache of Devices Capable of Crashing Cell Network Is Found Near U.N.</a> <a href="https://techcrunch.com/2025/09/18/ice-unit-signs-new-3-million-contract-for-phone-hacking-tech/" target="_blank">ICE unit signs new $3M contract for phone-hacking tech</a> <a href="https://unit42.paloaltonetworks.com/operation-rewrite-seo-poisoning-campaign/" target="_blank">Operation Rewrite: Chinese-Speaking Threat Actors Deploy BadIIS in a Wide Scale SEO Poisoning Campaign</a><a href="https://www.securityweek.com/libraesva-email-security-gateway-vulnerability-exploited-by-nation-state-hackers/" target="_blank"></a> <a href="https://www.securityweek.com/libraesva-email-security-gateway-vulnerability-exploited-by-nation-state-hackers/" target="_blank">Libraesva Email Security Gateway Vulnerability Exploited by Nation-State Hackers</a> <a href="https://cloud.google.com/blog/topics/threat-intelligence/brickstorm-espionage-campaign" target="_blank">Another BRICKSTORM: Stealthy Backdoor Enabling Espionage into Tech and Legal Sectors</a> <a href="https://www.ncsc.gov.uk/news/persistent-malicious-targeting-cisco-devices" target="_blank">NCSC warns of persistent malware campaign targeting Cisco devices</a> <a href="https://blog.talosintelligence.com/how-rainyday-turian-and-a-new-plugx-variant-abuse-dll-search-order-hijacking/" target="_blank">How RainyDay, Turian and a new PlugX variant abuse DLL search order hijacking</a> <a href="https://www.welivesecurity.com/en/eset-research/deceptivedevelopment-from-primitive-crypto-theft-to-sophisticated-ai-based-deception/" target="_blank">DeceptiveDevelopment: From primitive crypto theft to sophisticated AI-based deception</a> <a href="https://www.recordedfuture.com/research/rednovember-targets-government-defense-and-technology-organizations" target="_blank">RedNovember Targets Government, Defense, and Technology Organizations</a> <a href="https://www.securityweek.com/microsoft-reduces-israels-access-to-cloud-and-ai-products-over-reports-of-mass-surveillance-in-gaza/" target="_blank"></a> <a href="https://www.securityweek.com/microsoft-reduces-israels-access-to-cloud-and-ai-products-over-reports-of-mass-surveillance-in-gaza/" target="_blank">Microsoft Reduces Israel’s Access to Cloud and AI Products Over Reports of Mass Surveillance in Gaza</a> Cybersecurity <a href="https://www.dw.com/en/european-airports-disruption-due-to-ransomware-eu-agency/a-74073365" target="_blank">European airports disruption due to ransomware — EU agency</a> <a href="https://therecord.media/stellantis-investigates-cyber-incident" target="_blank">Auto giant Stellantis investigating data breach following ‘unauthorized access’</a> <a href="https://home.treasury.gov/system/files/136/G7-Cyber-Expert-Group-Statement-AI-and-Cybersecurity-2025.pdf" rel="noreferrer noopener" target="_blank">Statement on AI and Cybersecurity</a> <a href="https://techcrunch.com/2025/09/23/european-airports-still-dealing-with-disruptions-days-after-ransomware-attack/" target="_blank">European airports still dealing with disruptions days after ransomware attack</a> <a href="https://thehackernews.com/2025/09/solarwinds-releases-hotfix-for-critical.html" target="_blank">SolarWinds Releases Hotfix for Critical CVE-2025-26399 Remote Code Execution Flaw</a> <a href="https://www.cisa.gov/news-events/directives/ed-25-03-identify-and-mitigate-potential-compromise-cisco-devices" target="_blank">CISA: ED 25-03: Identify and Mitigate Potential Compromise of Cisco Devices</a> <a href="https://therecord.media/cyberattack-jaguar-land-rover-economic-growth-uk-government" target="_blank">Cyberattack on Jaguar Land Rover threatens to hit British economic growth</a> <a href="https://www.cyber.gc.ca/en/news-events/statement-canadian-centre-cyber-security-malware-targeting-global-organizations-through-cisco-systems" target="_blank">Statement from the Canadian Centre for Cyber Security on malware targeting global organizations through Cisco Systems</a> <a href="https://www.theregister.com/2025/09/26/brits_warned_as_illegal_robocallers/" target="_blank"></a> <a href="https://www.theregister.com/2025/09/26/brits_warned_as_illegal_robocallers/" target="_blank">Brits warned as illegal robo-callers with offshored call centers fined half a million</a> <a href="https://gcore.com/resources/gcore-radar-attack-trends-q1-q2-2025" target="_blank">Gcore Radar Attack Trends Q1‑Q2 2025</a> <a href="https://techcrunch.com/2025/09/25/viral-call-recording-app-neon-goes-dark-after-exposing-users-phone-numbers-call-recordings-and-transcripts/" target="_blank">Viral call-recording app Neon goes dark after exposing users’ phone numbers, call recordings, and transcripts</a> Follow me on Twitter:<a href="https://twitter.com/securityaffairs" target="_blank">@securityaffairs</a>and<a href="https://www.facebook.com/sec.affairs" target="_blank">Facebook</a>and<a href="https://infosec.exchange/@securityaffairs" target="_blank">Mastodon</a> <a href="http://www.linkedin.com/pub/pierluigi-paganini/b/742/559" target="_blank">PierluigiPaganini</a> (<a href="http://securityaffairs.co/wordpress/" target="_blank">SecurityAffairs</a>–hacking,newsletter) <hr> <hr> </div>