A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box.—————————————————————————————————————————————————–Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.[Hackers stole over $44 million from Asian crypto platform BingX](https://securityaffairs.com/168703/cyber-crime/hackers-stole-44m-from-bingx.html) [OP KAERB: Europol dismantled phishing scheme targeting mobile users](https://securityaffairs.com/168692/cyber-crime/op-kaerb-europol-dismantled-phishing-scheme.html) [Ukraine bans Telegram for government agencies, military, and critical infrastructure](https://securityaffairs.com/168674/cyber-warfare-2/ukraine-nccc-banned-telegram-military-government.html) [Tor Project responded to claims that law enforcement can de-anonymize Tor users](https://securityaffairs.com/168667/security/tor-project-commented-on-deanonymizing-technique.html) [UNC1860 provides Iran-linked APTs with access to Middle Eastern networks](https://securityaffairs.com/168656/apt/unc1860-provides-iran-linked-apts-access-middle-east.html) [US DoJ charged two men with stealing and laundering $230 Million worth of cryptocurrency](https://securityaffairs.com/168647/cyber-crime/us-doj-charged-two-men-stealing-laundering-230m.html) [The Vanilla Tempest cybercrime gang used INC ransomware for the first time in attacks on the healthcare sector](https://securityaffairs.com/168633/uncategorized/vanilla-tempest-used-inc-ransomware.html) [U.S. CISA adds new Ivanti Cloud Services Appliance Vulnerability to its Known Exploited Vulnerabilities catalog](https://securityaffairs.com/168626/hacking/u-s-cisa-adds-ivanti-csa-flaw-known-exploited-vulnerabilities-catalog.html) [Ivanti warns of a new actively exploited Cloud Services Appliance (CSA) flaw](https://securityaffairs.com/168617/security/ivanti-cloud-services-appliance-cve-2024-8963.html) [International law enforcement operation dismantled criminal communication platform Ghost](https://securityaffairs.com/168575/cyber-crime/police-dismantled-criminal-communication-platform-ghost.html) [U.S. CISA adds Microsoft Windows, Apache HugeGraph-Server, Oracle JDeveloper, Oracle WebLogic Server, and Microsoft SQL Server bugs to its Known Exploited Vulnerabilities catalog](https://securityaffairs.com/168592/security/u-s-cisa-windows-apache-hugegraph-oracle-jdeveloper-oracle-weblogic-sql-server-bugs-to-its-known-exploited-vulnerabilities-catalog.html) [SIEM for Small and Medium-Sized Enterprises: What you need to know](https://securityaffairs.com/168584/security/siem-sbms-enterprises.html) [Antivirus firm Dr.Web disconnected all servers following a cyberattack](https://securityaffairs.com/168577/hacking/antivirus-firm-dr-web-suffers-cyberattack.html) [Experts warn of China-linked APT’s Raptor Train IoT Botnet](https://securityaffairs.com/168563/malware/raptor-train-botnet-iot.html) [Credential Flusher, understanding the threat and how to protect your login data](https://securityaffairs.com/168557/cyber-crime/credential-flusher.html) [U.S. Treasury issued fresh sanctions against entities linked to the Intellexa Consortium](https://securityaffairs.com/168550/security/intellexa-consortium-sactions.html) [Broadcom fixed Critical VMware vCenter Server flaw CVE-2024-38812](https://securityaffairs.com/168536/security/vmware-vcenter-server-cve-2024-38812.html) [Remote attack on pagers used by Hezbollah caused 9 deaths and thousands of injuries](https://securityaffairs.com/168521/intelligence/remote-attack-on-pagers-used-by-hezbollah.html) [Chinese man charged for spear-phishing against NASA and US Government](https://securityaffairs.com/168514/cyber-crime/chinese-man-spear-phishing-nasa-us-government.html) [Data Breach](https://securityaffairs.com/168480/data-breach/qilin-attack-on-synnovis-impacted-900000-patients.html) [Qilin ransomware attack on Synnovis impacted over 900,000 patients](https://securityaffairs.com/168480/data-breach/qilin-attack-on-synnovis-impacted-900000-patients.html) [D-Link addressed three critical RCE in wireless router models](https://securityaffairs.com/168471/security/d-link-rce-wireless-router-models.html) [Apple dismisses lawsuit against surveillance firm NSO Group due to risk of threat intelligence exposure](https://securityaffairs.com/168450/laws-and-regulations/apple-drops-lawsuit-against-nso-group.html) [Hacker tricked ChatGPT into providing detailed instructions to make a homemade bomb](https://securityaffairs.com/168423/hacking/chatgpt-provided-instructions-to-make-homemade-bombs.html) [Port of Seattle confirmed that Rhysida ransomware gang was behind the August attack](https://securityaffairs.com/168412/cyber-crime/port-of-seattle-rhysida-ransomware.html)**International Press — Newsletter****Cybercrime**[Samourai and Tornado Cash both pinning hopes on upcoming ruling](https://protos.com/samourai-and-tornado-cash-both-pinning-hopes-on-upcoming-ruling/)[Cyberattack on Kansas water treatment facility investigated by feds](https://www.scworld.com/news/cyberattack-on-kansas-water-treatment-facility-investigated-by-feds)[Modified LockBit and Conti ransomware shows up in DragonForce gang’s attacks](https://therecord.media/lockbit-conti-dragonforce-ransomware-cybercrime)[Inside the Dragon: DragonForce Ransomware Group](https://www.group-ib.com/blog/dragonforce-ransomware/)[Two Russian Nationals Charged in Connection with Operating Billion Dollar Money Laundering Services](https://www.justice.gov/opa/pr/two-russian-nationals-charged-connection-operating-billion-dollar-money-laundering-1)[Telegram’s New Rules Push Criminal Groups to Flee the Platform](https://dailydarkweb.net/telegrams-new-rules-push-criminal-groups-to-flee-the-platform/)[Security Brief: Actor Uses Compromised Accounts, Customized Social Engineering to Target Transport and Logistics Firms with Malware](https://www.proofpoint.com/us/blog/threat-insight/security-brief-actor-uses-compromised-accounts-customized-social-engineering)[Administrator account blamed for rail terror message hack](https://www.bbc.com/news/articles/cr75znv47xpo)[OFAC and FinCEN target major Russian money laundering services including Cryptex and PM2BTC](https://www.elliptic.co/blog/ofac-and-fincen-target-major-russian-money-laundering-services-including-cryptex-and-pm2btc)[Seizure of 7 million euros of crypto currency and 2 crypto currency exchanges offline](https://www.fiod.nl/seizure-of-7-million-euros-of-crypto-currency-and-2-crypto-currency-exchanges-offline/)[Crypto scammers hack OpenAI’s press account on X](https://techcrunch.com/2024/09/23/crypto-scammers-hack-openais-press-account-on-x/)[Storm-0501: Ransomware attacks expanding to hybrid cloud environments](https://www.microsoft.com/en-us/security/blog/2024/09/26/storm-0501-ransomware-attacks-expanding-to-hybrid-cloud-environments/)[Kuwait Health Ministry restoring systems after cyberattack takes down hospitals, healthcare app](https://therecord.media/kuwait-ministry-restoring-systems-cyberattack)[Wallet Scam: A Case Study in Crypto Drainer Tactics](https://research.checkpoint.com/2024/wallet-scam-a-case-study-in-crypto-drainer-tactics/)**Malware**[How the Necro Trojan infiltrated Google Play, again](https://securelist.com/necro-trojan-is-back-on-google-play/113881/)[Kryptina RaaS -| From Unsellable Cast-Off to Enterprise Ransomware](https://www.sentinelone.com/labs/kryptina-raas-from-unsellable-cast-off-to-enterprise-ransomware/)[Infostealer malware bypasses Chrome’s new cookie-theft defenses](https://www.bleepingcomputer.com/news/security/infostealer-malware-bypasses-chromes-new-cookie-theft-defenses/)[AI-Generated Malware Found in the Wild](https://www.securityweek.com/ai-generated-malware-found-in-the-wild/)[‘Marko Polo’ Navigates Uncharted Waters With Infostealer Empire](http://go.recordedfuture.com/hubfs/reports/cta-2024-0917.pdf)[Octo2: European Banks Already Under Attack by New Malware Variant](https://www.threatfabric.com/blogs/octo2-european-banks-already-under-attack-by-new-malware-variant)**Hacking**[Hacking Kia: Remotely Controlling Cars With Just a License Plate](https://samcurry.net/hacking-kia)[4 exploits, 1 bug: exploiting cve-2024-20017 4 different ways](https://blog.coffinsec.com/0day/2024/08/30/exploiting-CVE-2024-20017-four-different-ways.html)[LLM’s New Achilles Heel: When Prompts Become Exploits](https://www.linkedin.com/pulse/llms-new-achilles-heel-when-prompts-become-exploits-luca-sambucci-caabf/)[A collection of Semgrep rules to facilitate vulnerability research](https://github.com/0xdea/semgrep-rules)[CVEs Targeting Remote Access Technologies](https://www.hackmageddon.com/2024/04/22/cves-targeting-remote-access-technologies/)[Hezbollah likely to launch retaliatory cyberattack on Israel, expert says](https://www.jpost.com/israel-news/article-821342)[Rethinking Red Teaming for AI: The new wave of Cybersecurity in the age of AI](https://hakin9.org/rethinking-red-teaming-for-ai-from-cybersecurity-to-ai-security/)[Israeli Group Claims Lebanon Water Hack as CISA Reiterates Warning on Simple ICS Attacks](https://www.securityweek.com/israeli-group-claims-lebanon-water-hack-as-cisa-reiterates-warning-on-simple-ics-attacks/)[Attacking UNIX Systems via CUPS, Part I](https://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I/) [Highly Anticipated Linux Flaw Allows Remote Code Execution, but Less Serious Than Expected](https://www.securityweek.com/#:~:text=UltraAV%20gradually%20progresses.-,Highly%20Anticipated%20Linux%20Flaw%20Allows%20Remote%20Code%20Execution%2C%20but%20Less%20Serious%20Than%20Expected,-A%20researcher%20has)[Tosint: Open-source Telegram OSINT tool](https://www.helpnetsecurity.com/2024/09/27/tosint-open-source-telegram-osint-tool/)**Intelligence and Information Warfare**[GreyNoise Reveals New Internet Noise Storm: Secret Messages and the China Connection](https://www.greynoise.io/blog/greynoise-reveals-new-internet-noise-storm-secret-messages-and-the-china-connection)[-=TWELVE=- is back](https://securelist.com/twelve-group-unified-kill-chain/113877/)[Earth Baxia Uses Spear-Phishing and GeoServer Exploit to Target APAC](https://www.trendmicro.com/en_us/research/24/i/earth-baxia-spear-phishing-and-geoserver-exploit.html)[Gleaming Pisces Poisoned Python Packages Campaign Delivers PondRAT Linux and MacOS Backdoors](https://unit42.paloaltonetworks.com/gleaming-pisces-applejeus-poolrat-and-pondrat/)[‘Get away from Hezbollah’: Has Israel hacked Lebanon’s telecoms networks?](https://www.aljazeera.com/news/2024/9/23/get-away-from-hezbollah-has-israel-hacked-lebanons-telecoms-networks)[Iran linked hacker group Handala Hack Team claim pager explosions linked to Israeli battery company](https://doublepulsar.com/hacker-group-handala-hack-team-claim-battery-explosions-linked-to-israeli-battery-company-5bea086280cd)[Norway starts probe into reported links to exploding pagers in Lebanon](https://www.swissinfo.ch/eng/norway-starts-probe-into-reported-links-to-exploding-pagers-in-lebanon/87613418)[Thousands of Capitol Hill staffers’ info spilled across dark web, security firm says](https://www.washingtontimes.com/news/2024/sep/24/thousands-of-capitol-hill-staffers-info-spilled-ac/)[Cyberespionage the Gamaredon way: Analysis of toolset used to spy on Ukraine in 2022 and 2023](https://www.welivesecurity.com/en/eset-research/cyberespionage-gamaredon-way-analysis-toolset-used-spy-ukraine-2022-2023/)[China-Linked Hackers Breach U.S. Internet Providers in New ‘Salt Typhoon’ Cyberattack](https://www.wsj.com/politics/national-security/china-cyberattack-internet-providers-260bd835)[China’s satellites are dodging US eyes in space](https://www.defenseone.com/technology/2024/09/one-way-learn-about-us-spy-satellites-china/399816/)[Unraveling Sparkling Pisces’s Tool Set: KLogEXE and FPSpy](https://unit42.paloaltonetworks.com/kimsuky-new-keylogger-backdoor-variant/)[Sophistication of AI-backed operation targeting senator points to future of deepfake schemes](https://apnews.com/article/deepfake-cardin-ai-artificial-intelligence-879a6c2ca816c71d9af52a101dedb7ff)[Three IRGC Cyber Actors Indicted for ‘Hack-and-Leak’ Operation Designed to Influence the 2024 U.S. Presidential Election](https://www.justice.gov/opa/pr/three-irgc-cyber-actors-indicted-hack-and-leak-operation-designed-influence-2024-us)**Cybersecurity**[Nearly 40% of FAA air traffic control systems need urgent updates, GAO reports](https://www.nextgov.com/modernization/2024/09/nearly-40-faa-air-traffic-control-systems-need-urgent-updates-gao-reports/399742/)[Telegram Changes Policy, Says It Will Provide User Data to Authorities](https://www.404media.co/telegram-changes-policy-says-it-will-provide-user-data-to-authorities/) [](https://www.theregister.com/2024/09/23/moneygram_cybersecurity_issue/)[‘Cybersecurity issue’ takes MoneyGram offline for three days — and counting](https://www.theregister.com/2024/09/23/moneygram_cybersecurity_issue/)[Kaspersky deletes itself, installs UltraAV antivirus without warning](https://www.bleepingcomputer.com/news/security/kaspersky-deletes-itself-installs-ultraav-antivirus-without-warning/)[HP Wolf Security Threat Insights Report: September 2024](https://threatresearch.ext.hp.com/hp-wolf-security-threat-insights-report-september-2024/)[Google -& Arm — Raising The Bar on GPU Security](https://security.googleblog.com/2024/09/google-arm-raising-bar-on-gpu-security.html)[Increased Cybersecurity Essential For NGOs: Help Available](https://www.forbes.com/sites/davidhessekiel/2024/09/19/increased-cybersecurity-essential-for-ngos-help-available/)[Firefox tracks you with ‘privacy preserving’ feature](https://noyb.eu/en/firefox-tracks-you-privacy-preserving-feature)[Cyber house of cards — Politicians’ and staffers’ personal details exposed online](https://proton.me/blog/politicians-exposed-dark-web)[NATO is testing out this decentralized messenger for communications between member nations](https://www.fastcompany.com/91194828/nato-is-testing-out-this-decentralized-messenger-for-communications-between-member-nations)[Kaspersky defends force-replacing its security software without users’ explicit consent](https://techcrunch.com/2024/09/26/kaspersky-defends-automatically-force-replacing-its-software-without-users-explicit-consent/)[Threat Actors Continue to Exploit OT/ICS through Unsophisticated Means](https://www.cisa.gov/news-events/alerts/2024/09/25/threat-actors-continue-exploit-otics-through-unsophisticated-means)[Uniting for Internet Freedom: Tor Project -& Tails Join Forces](https://tails.net/news/tails_tor/index.en.html)[Microsoft’s more secure Windows Recall feature can also be uninstalled by users](https://www.theverge.com/2024/9/27/24255721/microsoft-windows-recall-ai-security-improvements-overhaul-uninstall)[Irish Data Protection Commission fines Meta Ireland €91 million](https://www.dataprotection.ie/en/news-media/press-releases/DPC-announces-91-million-fine-of-Meta)Follow me on Twitter: [**@securityaffairs**](https://twitter.com/securityaffairs) and [**Facebook**](https://www.facebook.com/sec.affairs) and [Mastodon](https://infosec.exchange/@securityaffairs)**Subscribe to the newsletter for free here:**[**https://www.linkedin.com/build-relation/newsletter-follow?entityUrn=7093942975545667584**](https://www.linkedin.com/build-relation/newsletter-follow?entityUrn=7093942975545667584)[**Pierluigi Paganini**](http://www.linkedin.com/pub/pierluigi-paganini/b/742/559)**(** [**SecurityAffairs**](http://securityaffairs.co/wordpress/)**–** **hacking, newsletter)**
Related Tags:
NAICS: 484 – Truck Transportation
NAICS: 48 – Transportation
NAICS: 921 – Executive
Legislative
Other General Government Support
NAICS: 71 – Arts
Entertainment
Recreation
NAICS: 335 – Electrical Equipment
Appliance
Component Manufacturing
NAICS: 713 – Amusement
Gambling
Recreation Industries
NAICS: 334 – Computer And Electronic Product Manufacturing
NAICS: 62 – Health Care And Social Assistance
NAICS: 52 – Finance And Insurance
Associated Indicators:
null