A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

- [15 SpyLoan Android apps found on Google Play had over 8 million installs](https://securityaffairs.com/171553/cyber-crime/15-spyloan-android-apps-on-google-play.html)
- [Notorious ransomware programmer Mikhail Pavlovich Matveev arrested in Russia](https://securityaffairs.com/171541/cyber-crime/mikhail-pavlovich-matveev-arrested-in-russia.html)
- [Phishing-as-a-Service Rockstar 2FA continues to be prevalent](https://securityaffairs.com/171532/cyber-crime/rockstar-2fa-phaas.html)
- [Zello urges users to reset passwords following a cyber attack](https://securityaffairs.com/171516/security/zello-urges-reset-passwords-following-cyber-attack.html)
- [A cyberattack impacted operations at UK Wirral University Teaching Hospital](https://securityaffairs.com/171509/uncategorized/uks-wirral-university-teaching-hospital-cyberattack.html)
- [T-Mobile detected network intrusion attempts and blocked them](https://securityaffairs.com/171503/uncategorized/t-mobile-detected-network-intrusion.html)
- [ProjectSend critical flaw actively exploited in the wild, experts warn](https://securityaffairs.com/171494/hacking/projectsend-critical-flaw-actively-exploited.html)
- [Bootkitty is the first UEFI Bootkit designed for Linux systems](https://securityaffairs.com/171479/malware/bootkitty-uefi-bootkit-linux.html)
- [VMware fixed five vulnerabilities in Aria Operations product](https://securityaffairs.com/171472/security/vmware-fixed-five-vulnerabilitiesaria-operations.html)
- [Operation Serengeti: INTERPOL arrested 1,006 suspects in 19 African countries](https://securityaffairs.com/171462/cyber-crime/operation-serengeti-interpol.html)
- [How DSPM Helps Businesses Meet Compliance Requirements](https://securityaffairs.com/171457/security/how-dspm-helps-businesses-meet-compliance-requirements.html)
- [Russian group RomCom exploited Firefox and Tor Browser zero-days to target attacks Europe and North America](https://securityaffairs.com/171443/apt/russia-romcom-group-firefox-tor-browser-zero-day.html)
- [Software firm Blue Yonder providing services to US and UK stores, including Starbucks, hit by ransomware attack](https://securityaffairs.com/171434/uncategorized/blue-yonder-ransomware-attack.html)
- [The source code of Banshee Stealer leaked online](https://securityaffairs.com/171423/malware/the-source-code-of-banshee-stealer-leaked-online.html)
- [U.S. CISA adds Array Networks AG and vxAG ArrayOS flaw to its Known Exploited Vulnerabilities catalog](https://securityaffairs.com/171395/hacking/u-s-cisa-adds-array-networks-ag-and-vxag-arrayos-flaw-to-its-known-exploited-vulnerabilities-catalog.html)
- [Thai police arrested Chinese hackers involved in SMS blaster attacks](https://securityaffairs.com/171406/cyber-crime/sms-blaster-attacks-bangkok.html)
- [Zyxel firewalls targeted in recent ransomware attacks](https://securityaffairs.com/171382/cyber-crime/zyxel-firewall-ransomware-attacks.html)
- [Malware campaign abused flawed Avast Anti-Rootkit driver](https://securityaffairs.com/171340/hacking/avast-anti-rootkit-driver-abused-malware-campaign.html)
- [Russia-linked APT TAG-110 uses targets Europe and Asia](https://securityaffairs.com/171343/apt/tag-110-targets-asia-europe.html)
- [Russia-linked threat actors threaten the UK and its allies, minister to say](https://securityaffairs.com/171357/intelligence/russia-linked-threat-actors-threaten-uk.html)
- [DoJ seized credit card marketplace PopeyeTools and charges its administrators](https://securityaffairs.com/171319/cyber-crime/doj-seized-credit-card-marketplace-popeyetools.html)

**International Press — Newsletter**

**Cybercrime**

- [Chinese cybercrime bust in thailand, over 700 million calls using fake ’02’ numbers](https://www.khaosodenglish.com/news/2024/11/18/chinese-cybercrime-bust-in-thailand-over-700-million-calls-using-fake-02-numbers/)
- [Software company providing services to US and UK grocery stores says it was hit by ransomware attack](https://edition.cnn.com/2024/11/24/business/ransomware-attack-blue-yonder)
- [Hacker in Snowflake Extortions May Be a U.S. Soldier](https://krebsonsecurity.com/2024/11/hacker-in-snowflake-extortions-may-be-a-u-s-soldier/)
- [Major cybercrime operation nets 1,006 suspects](https://www.interpol.int/en/News-and-Events/News/2024/Major-cybercrime-operation-nets-1-006-suspects)
- [UK hospital network postpones procedures after cyberattack](https://www.bleepingcomputer.com/news/security/uk-hospital-network-postpones-procedures-after-cyberattack/)
- [Tether Has Become a Massive Money Laundering Tool for Mexican Drug Traffickers, Feds Say](https://www.404media.co/tether-has-become-a-massive-money-laundering-tool-for-mexican-drug-traffickers-feds-say/)
- [Florida Telecommunications and Information Technology Worker Sentenced for Conspiring to Act as Agent of Chinese Government](https://www.justice.gov/opa/pr/florida-telecommunications-and-information-technology-worker-sentenced-conspiring-act-agent)
- [Rockstar 2FA: A Driving Force in Phishing-as-a-Service (PaaS)](https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/rockstar-2fa-a-driving-force-in-phishing-as-a-service-paas/)
- [Rockstar 2FA Phishing-as-a-Service (PaaS): Noteworthy Email Campaigns](https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/rockstar-2fa-phishing-as-a-service-paas-noteworthy-email-campaigns/)
- [A programmer wanted by the FBI will be tried in Kaliningrad](https://ria.ru/20241129/sud-1986456557.html)
- [11 arrested in Europol shutdown of illegal IPTV streaming networks](https://therecord.media/11-arrested-europol-streaming-shutdown)
- [Uganda confirms hack of central bank accounts, official downplays extent of loss](https://www.reuters.com/world/africa/hackers-steal-17-mln-uganda-central-bank-state-paper-2024-11-28/)

**Malware**

- [PyPI Python Library ‘aiocpa’ Found Exfiltrating Crypto Keys via Telegram Bot](https://thehackernews.com/2024/11/pypi-python-library-aiocpa-found.html)
- [Bootkitty: Analyzing the first UEFI bootkit for Linux](https://www.welivesecurity.com/en/eset-research/bootkitty-analyzing-first-uefi-bootkit-linux/)
- [Gaming Engines: An Undetected Playground for Malware Loaders](https://research.checkpoint.com/2024/gaming-engines-an-undetected-playground-for-malware-loaders/)
- [Dozens of Machines Infected: Year-Long NPM Supply Chain Attack Combines Crypto Mining and Data Theft](https://checkmarx.com/blog/dozens-of-machines-infected-year-long-npm-supply-chain-attack-combines-crypto-mining-and-data-theft/)
- [SpyLoan: A Global Threat Exploiting Social Engineering](https://www.mcafee.com/blogs/other-blogs/mcafee-labs/spyloan-a-global-threat-exploiting-social-engineering/)

**Hacking**

- [Recent Zyxel Firewall Vulnerability Exploited in Ransomware Attacks](https://www.securityweek.com/recent-zyxel-firewall-vulnerability-exploited-in-ransomware-attacks/)
- [Zyxel USG FLEX and ATP series — Upgrading your device and ALL credentials to avoid hackers’ attacks](https://support.zyxel.eu/hc/en-us/articles/21878875707410-Zyxel-USG-FLEX-and-ATP-series-Upgrading-your-device-and-ALL-credentials-to-avoid-hackers-attacks#h_01J9RQNR0WMDY6W4B00BN32VSC)
- [RomCom exploits Firefox and Windows zero days in the wild](https://www.welivesecurity.com/en/eset-research/romcom-exploits-firefox-and-windows-zero-days-in-the-wild/)
- [Palo Alto GlobalProtect — RCE and Privilege Escalation via Malicious VPN Server (CVE-2024-5921)](https://blog.amberwolf.com/blog/2024/november/palo-alto-globalprotect—code-execution-and-privilege-escalation-via-malicious-vpn-server-cve-2024-5921/)
- [ProjectSend CVE-2024-11680 Exploited in the Wild](https://vulncheck.com/blog/projectsend-exploited-itw)
- [Are You Already In The Matrix—35 Million Devices Under Blue Pill Attack](https://www.forbes.com/sites/daveywinder/2024/11/27/is-your-router-in-the-matrix-35-million-devices-under-blue-pill-attack/)
- [Over Two Dozen Flaws Identified in Advantech Industrial Wi-Fi Access Points — Patch ASAP](https://thehackernews.com/2024/11/over-two-dozen-flaws-identified-in.html)

**Intelligence and Information Warfare**

- [Russia-Aligned TAG-110 Targets Asia and Europe with HATVIBE and CHERRYSPY](https://www.recordedfuture.com/research/russia-aligned-tag-110-targets-asia-and-europe)
- [Russia ready to wage cyber war on UK, minister to say](https://www-bbc-com.cdn.ampproject.org/c/s/www.bbc.com/news/articles/ceqxezer7nqo.amp)
- [China-Nexus TAG-112 Compromises Tibetan Websites to Distribute Cobalt Strike](https://www.recordedfuture.com/research/china-nexus-tag-112-compromises-tibetan-websites)
- [Unveiling the Past and Present of APT-K-47 Weapon: Asyncshell](https://medium.com/@knownsec404team/unveiling-the-past-and-present-of-apt-k-47-weapon-asyncshell-5a98f75c2d68)
- [UK seeks collaboration for security research lab to counter Russia and ‘new AI arms race’](https://techcrunch.com/2024/11/25/uk-seeks-collaboration-for-security-research-lab-to-counter-russia-and-new-ai-arms-race/)
- [Microsoft shares latest intelligence on North Korean and Chinese threat actors at CYBERWARCON](https://www.microsoft.com/en-us/security/blog/2024/11/22/microsoft-shares-latest-intelligence-on-north-korean-and-chinese-threat-actors-at-cyberwarcon/)
- [Game of Emperor: Unveiling Long Term Earth Estries Cyber Intrusions](https://www.trendmicro.com/en_us/research/24/k/earth-estries.html)
- [An Update on Recent Cyberattacks Targeting the US Wireless Companies](https://www.t-mobile.com/news/un-carrier/update-cyberattacks-targeting-us-wireless-companies)
- [‘Operation Undercut’ Shows Multifaceted Nature of SDA’s Influence Operations](https://www.recordedfuture.com/research/operation-undercut-shows-multifaceted-nature-sdas-influence-operations)

**Cybersecurity**

- [Introducing Restore Credentials: Effortless account restoration for Android apps](https://android-developers.googleblog.com/2024/11/maintain-strong-user-relationships-with-restore-credentials.html)
- [Bipartisan Legislation Seeks Stronger Healthcare Cybersecurity](https://www.securityweek.com/bipartisan-legislation-seeks-stronger-healthcare-cybersecurity/)
- [Generative AI Under Attack: Flowbreaking Exploits Trigger Data Leaks](https://www.forbes.com/sites/nizangpackin/2024/11/26/generative-ai-under-attack-flowbreaking-exploits-trigger-data-leaks/)
- [GenAI Tools and Decision-Making: Beware a New Control Trap](https://sloanreview.mit.edu/article/genai-tools-and-decision-making-beware-a-new-control-trap/)
- [Microsoft Hacking Warning—450 Million Windows Users Must Now Act](https://www.forbes.com/sites/zakdoffman/2024/11/27/microsoft-windows-hacking-warning-450-million-users-must-now-act/)

Follow me on Twitter: [**@securityaffairs**](https://twitter.com/securityaffairs) and [**Facebook**](https://www.facebook.com/sec.affairs) and [Mastodon](https://infosec.exchange/@securityaffairs)

[**Pierluigi Paganini**](http://www.linkedin.com/pub/pierluigi-paganini/b/742/559)

**(**[**SecurityAffairs**](http://securityaffairs.co/wordpress/) **–** **hacking, newsletter)**