Security Affairs newsletter Round 484 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter has arrived! Every week the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

- [Is the INC ransomware gang behind the attack on McLaren hospitals?](https://securityaffairs.com/166851/cyber-crime/mclaren-hospitals-attack.html)
- [Crooks took control of a cow milking robot causing the death of a cow](https://securityaffairs.com/166839/cyber-crime/cow-milking-robot-hacked.html)
- [Sonos smart speakers flaw allowed to eavesdrop on users](https://securityaffairs.com/166823/hacking/sonos-smart-speakers-flaw.html)
- [Five zero-days impacts EoL Cisco Small Business IP Phones. Replace them with newer models asap!](https://securityaffairs.com/166811/uncategorized/zero-days-eof-small-business-ip-phones.html)
- [CISA adds Apache OFBiz and Android kernel bugs to its Known Exploited Vulnerabilities catalog](https://securityaffairs.com/166782/hacking/cisa-adds-apache-ofbiz-and-android-kernel-bugs-known-exploited-vulnerabilities-catalog.html)
- [Russian cyber spies stole data and emails from UK government systems](https://securityaffairs.com/166795/intelligence/russia-hacked-uk-government-systems.html)
- [0.0.0.0 Day flaw allows malicious websites to bypass security in major browsers](https://securityaffairs.com/166765/hacking/0-0-0-0-day-browsers-attack.html)
- [FBI and CISA update a joint advisory on the BlackSuit Ransomware group](https://securityaffairs.com/166760/hacking/blacksuit-ransomware-group-advisory.html)
- [Rhysida Ransomware group claims to have breached Bayhealth Hospital in Delaware](https://securityaffairs.com/166749/cyber-crime/rhysida-ransomware-bayhealth-hospital.html)
- [Critical XSS bug in Roundcube Webmail allows attackers to steal emails and sensitive data](https://securityaffairs.com/166736/hacking/critical-xss-bug-in-roundcube-webmail.html)
- [New Android spyware LianSpy relies on Yandex Cloud to avoid detection](https://securityaffairs.com/166680/malware/new-android-spyware-lianspy-relies-on-yandex-cloud-to-avoid-detection.html)
- [Hackers breached MDM firm Mobile Guardian and wiped thousands of devices](https://securityaffairs.com/166710/hacking/mobile-guardian-firm-security-breach.html)
- [A ransomware attack hit French museum network](https://securityaffairs.com/166696/cyber-crime/ransomware-attack-french-museum-network.html)
- [CISA adds Microsoft COM for Windows bug to its Known Exploited Vulnerabilities catalog](https://securityaffairs.com/166670/security/cisa-microsoft-com-for-windows-known-exploited-vulnerabilities-catalog.html)
- [Google warns of an actively exploited Android kernel flaw](https://securityaffairs.com/166656/breaking-news/google-actively-exploited-android-kernel-flaw.html)
- [Should Organizations Pay Ransom Demands?](https://securityaffairs.com/166650/uncategorized/ransomware-organizations-should-avoid-paying-ransoms.html)
- [Keytronic incurred approximately $17 million of expenses following ransomware attack](https://securityaffairs.com/166595/data-breach/keytronic-lost-revenue-exceeding-17m.html)
- [A flaw in Rockwell Automation ControlLogix 1756 could expose critical control systems to unauthorized access](https://securityaffairs.com/166581/ics-scada/rockwell-automation-controllogix-1756-flaw.html)
- [China-linked APT41 breached Taiwanese research institute](https://securityaffairs.com/166562/breaking-news/apt41-breached-taiwanese-gov-research-institute.html)
- [Chinese StormBamboo APT compromised ISP to deliver malware](https://securityaffairs.com/166552/apt/stormbamboo-compromised-isp-malware.html)
- [Hackers attempt to sell the personal data of 3 billion people resulting from an April data breach](https://securityaffairs.com/166539/data-breach/personal-data-3-billion-people-data-breach.html)

**International Press — Newsletter**

**Cybercrime**

- [Personal Data of 3 Billion People Stolen in Hack, Suit Says](https://news.bloomberglaw.com/privacy-and-data-security/background-check-data-of-3-billion-stolen-in-breach-suit-says)
- [Cryptonator founder indicted after platform found handling $235 million in illicit funds](https://therecord.media/cryptonator-cryptocurrency-exchange-founder-indictment)
- [SharpRhino — New Hunters International RAT identified by Quorum Cyber](https://www.quorumcyber.com/insights/sharprhino-new-hunters-international-rat-identified-by-quorum-cyber/)
- [French museum network hit by ransomware attack, but no disruptions are reported at Olympic events](https://apnews.com/article/paris-2024-ransomware-museums-olympic-competitions-12a1facc4a245e2e58f229cfc041beac)
- [Police recover over USD 40 million from international email scam](https://www.interpol.int/News-and-Events/News/2024/Police-recover-over-USD-40-million-from-international-email-scam)
- [USPS Text Scammers Duped His Wife, So He Hacked Their Operation](https://www.wired.com/story/usps-scam-text-smishing-triad/)

**Malware**

- [Surge in Magniber ransomware attacks impact home users worldwide](https://www.bleepingcomputer.com/news/security/surge-in-magniber-ransomware-attacks-impact-home-users-worldwide/)
- [BlankBot — a new Android banking trojan with screen recording, keylogging and remote control capabilities](https://intel471.com/blog/blankbot-a-new-android-banking-trojan-with-screen-recording-keylogging-and-remote-control-capabilities)
- [LianSpy: new Android spyware targeting Russian users](https://securelist.com/lianspy-android-spyware/113253/)
- [Royal Ransomware Actors Rebrand as ‘BlackSuit,’ FBI and CISA Release Update to Advisory](https://www.cisa.gov/news-events/alerts/2024/08/07/royal-ransomware-actors-rebrand-blacksuit-fbi-and-cisa-release-update-advisory)
- [New Widespread Extension Trojan Malware Campaign](https://reasonlabs.com/research/new-widespread-extension-trojan-malware-campaign)

**Hacking**

- [Bypassing Rockwell Automation Logix Controllers’ Local Chassis Security Protection](https://claroty.com/team82/research/bypassing-rockwell-automation-logix-controllers-local-chassis-security-protection)
- [Linux kernel impacted by new SLUBStick cross-cache attack](https://www.bleepingcomputer.com/news/security/linux-kernel-impacted-by-new-slubstick-cross-cache-attack/)
- [Bloody Wolf strikes organizations in Kazakhstan with STRRAT commercial malware](https://bi.zone/eng/expertise/blog/bloody-wolf-primenyaet-kommercheskoe-vpo-strrat-protiv-organizatsiy-v-kazakhstane/)
- [Hacker wipes 13,000 devices after breaching classroom management platform](https://www.bleepingcomputer.com/news/security/hacker-wipes-13-000-devices-after-breaching-classroom-management-platform/)
- [Government Emails at Risk: Critical Cross-Site Scripting Vulnerability in Roundcube Webmail](https://www.sonarsource.com/blog/government-emails-at-risk-critical-cross-site-scripting-vulnerability-in-roundcube-webmail/)
- [0.0.0.0 Day: Exploiting Localhost APIs From the Browser](https://www.oligo.security/blog/0-0-0-0-day-exploiting-localhost-apis-from-the-browser)
- [BlackHat USA 2024 — Listen-Up: Sonos Over-The-Air Remote Kernel Exploitation and Covert Wiretap](https://www.nccgroup.com/us/research-blog/blackhat-usa-2024-listen-up-sonos-over-the-air-remote-kernel-exploitation-and-covert-wiretap/)
- [‘Sinkclose’ Flaw in Hundreds of Millions of AMD Chips Allows Deep, Virtually Unfixable Infections](https://www.wired.com/story/amd-chip-sinkclose-flaw/)
- [E.U. Regulations Made the CrowdStrike Fiasco Much Worse](https://reason.com/2024/08/09/e-u-regulations-made-the-crowdstrike-fiasco-much-worse/)
- [Hotel to Search Rooms During DEF CON Hacking Conference](https://www.404media.co/hotel-to-search-rooms-during-def-con-hacking-conference/)

**Intelligence and Information Warfare**

- [StormBamboo Compromises ISP to Abuse Insecure Software Update Mechanisms](https://www.volexity.com/blog/2024/08/02/stormbamboo-compromises-isp-to-abuse-insecure-software-update-mechanisms/)
- [APT41 likely compromised Taiwanese government-affiliated research institute with ShadowPad and Cobalt Strike](https://blog.talosintelligence.com/chinese-hacking-group-apt41-compromised-taiwanese-government-affiliated-research-institute-with-shadowpad-and-cobaltstrike-2/)
- [North Korean hackers exploit VPN update flaw to install malware](https://www.bleepingcomputer.com/news/security/north-korean-hackers-exploit-vpn-update-flaw-to-install-malware/)
- [Moscow’s Spies Were Stealing US Tech — Until the FBI Started a Sabotage Campaign](https://www.politico.com/news/magazine/2024/08/04/us-spies-soviet-technology-00164126)
- [How the FBI Is Hunting North Korean Hackers Who Attacked U.S. Healthcare System](https://www.404media.co/how-the-fbi-is-hunting-north-korean-hackers-who-attacked-u-s-healthcare-system/)
- [Stressed Pungsan: DPRK-aligned threat actor leverages npm for initial access](https://securitylabs.datadoghq.com/articles/stressed-pungsan-dprk-aligned-threat-actor-leverages-npm-for-initial-access/)
- [Exclusive: Russian spies hacked UK government systems earlier this year, stole data and emails](https://therecord.media/russia-hack-uk-government-home-office-microsoft)

**Cybersecurity**

- [The human body is the next cyber battlefield — and I’m living proof](https://thehill-com.cdn.ampproject.org/c/s/thehill.com/opinion/cybersecurity/4804186-bio-hacking-cybersecurity-threats/amp/)
- [Elon Musk’s X under pressure from regulators over data harvesting for Grok AI](https://www.theguardian.com/technology/article/2024/jul/26/elon-musks-x-under-pressure-from-regulators-over-data-harvesting-for-grok-ai)
- [How the theft of 40M UK voter register records was entirely preventable](https://techcrunch.com/2024/08/02/how-the-theft-of-40-million-uk-voter-register-records-was-entirely-preventable/)
- [SonicWall Discovers Second Critical Apache OFBiz Zero-Day Vulnerability](https://blog.sonicwall.com/en-us/2024/08/sonicwall-discovers-second-critical-apache-ofbiz-zero-day-vulnerability/)
- [Google Patches New Android Kernel Vulnerability Exploited in the Wild](https://thehackernews.com/2024/08/google-patches-new-android-kernel.html)
- [CrowdStrike trying to use legal threats to suppress criticism and parody of global IT outage](https://doublepulsar.com/crowdstrike-trying-to-use-legal-threats-to-suppress-criticism-and-parody-of-global-it-outage-49320e922120)
- [Leaked Documents Show Nvidia Scraping ‘A Human Lifetime’ of Videos Per Day to Train AI](https://www.404media.co/nvidia-ai-scraping-foundational-model-cosmos-project/)
- [Industry report says 92% of ICT jobs will be transformed by AI](https://www.euractiv.com/section/economy-jobs/news/industry-report-says-92-of-ict-jobs-will-be-transformed-by-ai/)
- [Crowdstrike Channel File 291 Incident: Root Cause Analysis is Available](https://www.crowdstrike.com/blog/channel-file-291-rca-available/)
- [macOS Sequoia brings better Gatekeeper, stalkerware protections](https://www.bleepingcomputer.com/news/apple/macos-sequoia-brings-better-gatekeeper-stalkerware-protections/)
- [Cisco warns of critical RCE zero-days in end of life IP phones](https://www.bleepingcomputer.com/news/security/cisco-warns-of-critical-rce-zero-days-in-end-of-life-ip-phones/)
- [Microsoft Hits Back at Delta After the Airline Said Last Month’s Tech Outage Cost It $500 Million](https://www.securityweek.com/microsoft-hits-back-at-delta-after-the-airline-said-last-months-tech-outage-cost-it-500-million/)

Follow me on Twitter: [**@securityaffairs**](https://twitter.com/securityaffairs) and [**Facebook**](https://www.facebook.com/sec.affairs) and [Mastodon](https://infosec.exchange/@securityaffairs)

[**Pierluigi Paganini**](http://www.linkedin.com/pub/pierluigi-paganini/b/742/559)

**(**[**SecurityAffairs**](http://securityaffairs.co/wordpress/) **–** **hacking, newsletter)**
