Security Affairs newsletter Round 496 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter has arrived! Every week the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

- [Chinese threat actors use Quad7 botnet in password-spray attacks](https://securityaffairs.com/170503/malware/quad7-botnet-used-by-chinese-threat-actors.html)
- [FBI arrested former Disney World employee for hacking computer menus and mislabeling allergy info](https://securityaffairs.com/170489/cyber-crime/former-disney-world-employee-arrested.html)
- [Sophos details five years of China-linked threat actors’ activity targeting network devices worldwide](https://securityaffairs.com/170469/apt/china-linked-threat-actors-activity-targeting-network-devices-worldwide.html)
- [PTZOptics cameras zero-days actively exploited in the wild](https://securityaffairs.com/170456/hacking/ptzoptics-cameras-flaws-exploited.html)
- [New LightSpy spyware version targets iPhones with destructive capabilities](https://securityaffairs.com/170447/malware/lightspy-spyware-targets-iphones.html)
- [LottieFiles confirmed a supply chain attack on Lottie-Player](https://securityaffairs.com/170441/hacking/lottiefiles-confirmed-a-supply-chain-attack-on-lottie-player.html)
- [Threat actor says Interbank refused to pay the ransom after a two-week negotiation](https://securityaffairs.com/170431/data-breach/interbank-refused-to-pay-the-ransom.html)
- [QNAP fixed second zero-day demonstrated at Pwn2Own Ireland 2024](https://securityaffairs.com/170423/security/qnap-fixed-second-zero-day-demonstrated-pwn2own-ireland-2024.html)
- [New version of Android malware FakeCall redirects bank calls to scammers](https://securityaffairs.com/170410/malware/fakecall-malware-intercepts-outgoing-bank-calls.html)
- [Russia-linked Midnight Blizzard APT targeted 100+ organizations with a spear-phishing campaign using RDP files](https://securityaffairs.com/170398/apt/midnight-blizzard-apt-targeted-100-organizations.html)
- [Google fixed a critical vulnerability in Chrome browser](https://securityaffairs.com/170395/security/google-fixed-critical-chrome-flaw.html)
- [QNAP fixed NAS backup zero-day demonstrated at Pwn2Own Ireland 2024](https://securityaffairs.com/170386/uncategorized/qnap-fixed-zero-day-cve-2024-50388-pwn2own-ireland-2024.html)
- [International law enforcement operation dismantled RedLine and Meta infostealers](https://securityaffairs.com/170369/cyber-crime/law-enforcement-operation-disrupted-redline-and-meta-infostealers.html)
- [Fog and Akira ransomware attacks exploit SonicWall VPN flaw CVE-2024-40766](https://securityaffairs.com/170359/cyber-crime/fog-akira-ransomware-sonicwall-vpn-flaw.html)
- [Russia-linked espionage group UNC5812 targets Ukraine’s military with malware](https://securityaffairs.com/170346/cyber-warfare-2/unc5812-targets-ukraines-military-malware.html)
- [France’s second-largest telecoms provider Free suffered a cyber attack](https://securityaffairs.com/170333/data-breach/free-suffered-a-cyber-attack.html)
- [A crime ring compromised Italian state databases reselling stolen info](https://securityaffairs.com/170328/data-breach/a-crime-ring-compromised-italian-state-databases.html)
- [Third-Party Identities: The Weakest Link in Your Cybersecurity Supply Chain](https://securityaffairs.com/170324/security/third-party-identities-cybersecurity-supply-chain.html)
- [Black Basta affiliates used Microsoft Teams in recent attacks](https://securityaffairs.com/170311/cyber-crime/black-basta-ransomware-microsoft-teams.html)
- [Four REvil Ransomware members sentenced for hacking and money laundering](https://securityaffairs.com/170287/cyber-crime/revil-ransomware-group-member-sentenced.html)

**International Press — Newsletter**

**Cybercrime**

- [Italy police arrest four over alleged illegal database access, source says](https://www.reuters.com/world/europe/italy-police-arrest-four-over-alleged-illegal-database-access-source-says-2024-10-26/)
- [Free, France’s second-largest telecoms company, confirms being hit by cyberattack](https://therecord.media/france-telecom-free-cyberattack)
- [The Crime Messenger: How Sky ECC Phones Became a Tool of the Criminal Trade](https://www.occrp.org/en/project/the-crime-messenger)
- [Attackers Target Crypto Wallets Using Codeless Webflow Phishing Pages](https://www.netskope.com/blog/attackers-target-crypto-wallets-using-codeless-webflow-phishing-pages)
- [Operation Magnus](https://operation-magnus.com)
- [Cryptocurrency Enthusiasts Targeted in Multi-Vector Supply Chain Attack](https://checkmarx.com/blog/cryptocurrency-enthusiasts-targeted-in-multi-vector-supply-chain-attack/)
- [Ex-Disney worker accused of hacking computer menus to add profanities, errors](https://apnews.com/article/disney-arrest-florida-orlando-theme-parks-0c075b6ff23f3d57fe44be6ea1a85407)

**Malware**

- [EIW — ESET Israel Wiper — used in active attacks targeting Israeli orgs](https://doublepulsar.com/eiw-eset-israel-wiper-used-in-active-attacks-targeting-israeli-orgs-b1210aed7021)
- [ESET Online Scanner for Redline and META](https://www.eset.com/nl/thuis/online-scanner-redline-en/)
- [Massive PSAUX ransomware attack targets 22,000 CyberPanel instances](https://www.bleepingcomputer.com/news/security/massive-psaux-ransomware-attack-targets-22-000-cyberpanel-instances/)
- [LightSpy: Implant for iOS](https://www.threatfabric.com/blogs/lightspy-implant-for-ios)
- [Pygmy Goat](https://www.ncsc.gov.uk/static-assets/documents/malware-analysis-reports/pygmy-goat/ncsc-mar-pygmy-goat.pdf)

**Hacking**

- [Protect AI’s October 2024 Vulnerability Report](https://protectai.com/threat-research/2024-october-vulnerability-report)
- [An analysis of the Keycloak authentication system](https://security.humanativaspa.it/an-analysis-of-the-keycloak-authentication-system/)
- [Anthropic flags AI’s potential to ‘automate sophisticated destructive cyber attacks’](https://www.zdnet.com/article/anthropic-flags-ais-potential-to-automate-sophisticated-destructive-cyber-attacks/)
- [Lottie-Player Supply Chain Attack Targets Cryptocurrency Wallets](https://www.securityweek.com/lottie-player-supply-chain-attack-targets-cryptocurrency-wallets/)
- [Rare Case of Privilege Escalation Patched in LiteSpeed Cache Plugin](https://patchstack.com/articles/rare-case-of-privilege-escalation-patched-in-litespeed-cache-plugin/)
- [GreyNoise Intelligence Discovers Zero-Day Vulnerabilities in Live Streaming Cameras with the Help of AI](https://www.greynoise.io/blog/greynoise-intelligence-discovers-zero-day-vulnerabilities-in-live-streaming-cameras-with-the-help-of-ai)

**Intelligence and Information Warfare**

- [Tenacious Pungsan: A DPRK threat actor linked to Contagious Interview](https://securitylabs.datadoghq.com/articles/tenacious-pungsan-dprk-threat-actor-contagious-interview/)
- [Hybrid Russian Espionage and Influence Campaign Aims to Compromise Ukrainian Military Recruits and Deliver Anti-Mobilization Narratives](https://cloud.google.com/blog/topics/threat-intelligence/russian-espionage-influence-ukrainian-military-recruits-anti-mobilization-narratives)
- [Midnight Blizzard conducts large-scale spear-phishing campaign using RDP files](https://www.microsoft.com/en-us/security/blog/2024/10/29/midnight-blizzard-conducts-large-scale-spear-phishing-campaign-using-rdp-files/)
- [CloudScout: Evasive Panda scouting cloud services](https://www.welivesecurity.com/en/eset-research/cloudscout-evasive-panda-scouting-cloud-services/)
- [Hidden Warfare: Iran’s Growing Dependence on Criminal Networks](https://thesoufancenter.org/intelbrief-2024-november-1/)
- [New Tradecraft of Iranian Cyber Group Aria Sepehr Ayandehsazan aka Emennet Pasargad](https://www.ic3.gov/CSA/2024/241030.pdf)

**Cybersecurity**

- [Unchaining Blockchain Security Part 1: The Emerging Risks of Private Blockchains in Enterprises](https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/unchaining-blockchain-security-part-1-the-emerging-risks-of-private-blockchains-in-enterprises)
- [OT security becoming a mainstream concern](https://www.csoonline.com/article/3595787/ot-security-becoming-a-mainstream-concern.html)
- [My Habit Was Collecting](https://www.bloomberg.com/features/2024-dutch-hacking-spree/)
- [OpenAI’s new ChatGPT Search Chrome extension feels like a search hijacker](https://www.bleepingcomputer.com/news/security/openais-new-chatgpt-search-chrome-extension-feels-like-a-search-hijacker/)
- [Synology hurries out patches for zero-days exploited at Pwn2Own](https://www.bleepingcomputer.com/news/security/synology-fixed-two-critical-zero-days-exploited-at-pwn2own-within-days/)

Follow me on Twitter: [**@securityaffairs**](https://twitter.com/securityaffairs) and [**Facebook**](https://www.facebook.com/sec.affairs) and [Mastodon](https://infosec.exchange/@securityaffairs)

[**Pierluigi Paganini**](http://www.linkedin.com/pub/pierluigi-paganini/b/742/559)

**(**[**SecurityAffairs**](http://securityaffairs.co/wordpress/) **–** **hacking, newsletter)**

Related Tags:

- GOLD SAHARA
- Akira
- PUNK SPIDER
- Midnight Blizzard
- NAICS: 71 – Arts, Entertainment, Recreation
- NAICS: 56 – Administrative And Support And Waste Management And Remediation Services
- NAICS: 54 – Professional, Scientific, Technical Services
- NAICS: 335 – Electrical Equipment, Appliance, Component Manufacturing
- NAICS: 561 – Administrative And Support Services
