A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

- [RedLine info-stealer campaign targets Russian businesses through pirated corporate software](https://securityaffairs.com/171771/cyber-crime/redline-info-stealer-campaign-targets-russian-businesses.html)
- [8Base ransomware group hacked Croatia’s Port of Rijeka](https://securityaffairs.com/171779/cyber-crime/8base-ransomware-croatias-port-of-rijeka.html)
- [Russia’s FSB used spyware against a Russian programmer](https://securityaffairs.com/171767/malware/russias-fsb-used-spyware-against-a-russian-programmer.html)
- [Romania ‘s election systems hit by 85,000 attacks ahead of presidential vote](https://securityaffairs.com/171758/cyber-warfare-2/romanias-election-systems-hit-by-85000-attacks.html)
- [New Atrium Health data breach impacts 585,000 individuals](https://securityaffairs.com/171747/data-breach/atrium-health-disclosed-a-data-breach.html)
- [U.S. CISA adds CyberPanel flaw to its Known Exploited Vulnerabilities catalog](https://securityaffairs.com/171736/hacking/u-s-cisa-adds-cyberpanel-flaw-known-exploited-vulnerabilities-catalog.html)
- [Hundred of CISCO switches impacted by bootloader flaw](https://securityaffairs.com/171729/security/cisco-switches-bootloader-flaw-cve-2024-20397.html)
- [Burnout in SOCs: How AI Can Help Analysts Focus on High-Value Tasks](https://securityaffairs.com/171724/security/burnout-in-socs-how-ai-can-help-analysts-focus-on-high-value-tasks.html)
- [Operation Destabilise dismantled Russian money laundering networks](https://securityaffairs.com/171710/cyber-crime/operation-destabilise-anti-money-laundering.html)
- [Russia-linked APT Secret Blizzard spotted using infrastructure of other threat actors](https://securityaffairs.com/171699/apt/secret-blizzard-using-infrastructure-of-other-threat-actors.html)
- [China-linked APT Salt Typhoon has breached telcos in dozens of countries](https://securityaffairs.com/171692/apt/china-salt-typhoon-breached-telecommunications.html)
- [Black Basta ransomware gang hit BT Group](https://securityaffairs.com/171668/breaking-news/black-basta-ransomware-attack-bt-group.html)
- [Authorities shut down Crimenetwork, the Germany’s largest crime marketplace](https://securityaffairs.com/171658/cyber-crime/german-authorities-shut-down-crimenetwork.html)
- [Veeam addressed critical Service Provider Console (VSPC) bug](https://securityaffairs.com/171651/security/veeam-addressed-critical-service-provider-console-vspc-flaw.html)
- [Australia, Canada, New Zealand, and the U.S. warn of PRC-linked cyber espionage targeting telecom networks](https://securityaffairs.com/171644/hacking/prc-linked-cyber-espionage-telecom-networks.html)
- [U.S. CISA adds ProjectSend, North Grid Proself, and Zyxel firewalls bugs to its Known Exploited Vulnerabilities catalog](https://securityaffairs.com/171638/security/u-s-cisa-adds-projectsend-north-grid-proself-and-zyxel-firewalls-bugs-to-its-known-exploited-vulnerabilities-catalog.html)
- [The ASA flaw CVE-2014-2120 is being actively exploited in the wild](https://securityaffairs.com/171631/hacking/cisco-asa-flaw-cve-2014-2120-exploited-in-the-wild.html)
- [DMM Bitcoin halts operations six months after a $300 million cyber heist](https://securityaffairs.com/171623/cyber-crime/dmm-bitcoin-halts-operations.html)
- [Energy industry contractor ENGlobal Corporation discloses a ransomware attack](https://securityaffairs.com/171617/cyber-crime/englobal-corporation-disclosed-a-ransomware-attack.html)
- [Poland probes Pegasus spyware abuse under the PiS government](https://securityaffairs.com/171611/intelligence/poland-probes-pegasus-spyware-abuse-under-the-pis-government.html)
- [BootKitty Linux UEFI bootkit spotted exploiting LogoFAIL flaws](https://securityaffairs.com/171606/malware/bootkitty-logofail-flaws.html)
- [Tor Project needs 200 WebTunnel bridges more to bypass Russia’ censorship](https://securityaffairs.com/171601/digital-id/tor-project-needs-200-webtunnel-bridges.html)
- [How threat actors can use generative artificial intelligence?](https://securityaffairs.com/171582/uncategorized/how-threat-actors-can-use-generative-artificial-intelligence.html)
- [Hackers stole millions of dollars from Uganda Central Bank](https://securityaffairs.com/171562/security/financially-motivated-threat-actors-hacked-ugandas-central-bank.html)

**International Press — Newsletter**

**Cybercrime**

- [INTERPOL financial crime operation makes record 5,500 arrests, seizures worth over USD 400 million](https://www.interpol.int/en/News-and-Events/News/2024/INTERPOL-financial-crime-operation-makes-record-5-500-arrests-seizures-worth-over-USD-400-million)
- [Hackers Stole $1.49 Billion in Cryptocurrency to Date in 2024](https://www.securityweek.com/hackers-stole-1-49-billion-in-cryptocurrency-to-date-in-2024/)
- [US government contractor ENGlobal says operations are ‘limited’ following cyberattack](https://techcrunch.com/2024/12/03/us-government-contractor-englobal-says-operations-are-limited-following-cyberattack/)
- [Administrator of the largest German-speaking trading platform for illegal goods and services arrested](https://www.bka.de/DE/Presse/Listenseite_Pressemitteilungen/2024/Presse2024/241203_PM_ZIT_Crimenetwork.html)
- [British telecoms giant BT confirms attempted cyberattack after ransomware gang claims hack](https://therecord.media/bt-group-cyberattack-black-basta)
- [Criminals Use Generative Artificial Intelligence to Facilitate Financial Fraud](https://www.ic3.gov/PSA/2024/PSA241203)
- [Why Hackers Want Your Health Information](https://www.wsj.com/health/healthcare/why-hackers-want-your-health-information-8780ed0d?utm_medium=social)
- [Operation Destabilise: NCA disrupts $multi-billion Russian money laundering networks with links to, drugs, ransomware and espionage, resulting in 84 arrests](https://www.nationalcrimeagency.gov.uk/news/operation-destabilise-nca-disrupts-multi-billion-russian-money-laundering-networks-with-links-to-drugs-ransomware-and-espionage-resulting-in-84-arrests)
- [Why Phishers Love New TLDs Like .shop, .top and .xyz](https://krebsonsecurity.com/2024/12/why-phishers-love-new-tlds-like-shop-top-and-xyz/)
- [Cyberattack targets Port of Rijeka, data stolen](https://www.worldcargonews.com/news/2024/12/cyberattack-targets-port-of-rijeka-data-stolen/)

**Malware**

- [SmokeLoader Attack Targets Companies in Taiwan](https://www.fortinet.com/blog/threat-research/sophisticated-attack-targets-taiwan-with-smokeloader)
- [LogoFAIL Exploited to Deploy Bootkitty, the first UEFI bootkit for Linux](https://www.binarly.io/blog/logofail-exploited-to-deploy-bootkitty-the-first-uefi-bootkit-for-linux)
- [RedLine, A License to Steal: The Rudometov Story -& Operation Magnus](https://analyst1.com/redline-a-license-to-steal-the-rudometov-story-operation-magnus/)
- [Unveiling RevC2 and Venom Loader](https://www.zscaler.com/blogs/security-research/unveiling-revc2-and-venom-loader)
- [Meeten Malware: A Cross-Platform Threat to Crypto Wallets on macOS and Windows](https://www.cadosecurity.com/blog/meeten-malware-threat)
- [Quack now, pay later](https://securelist.ru/redline-stealer-in-activators-for-business-software/111241/)

**Hacking**

- [Cybercriminals Use NFC Relay to Turn Stolen Credit Cards into Cash without a PIN](https://www.mobile-hacker.com/2024/12/02/cybercriminals-use-nfc-relay-to-turn-stolen-credit-cards-into-cash-without-a-pin/)
- [What It Costs to Hire a Hacker on the Dark Web](https://www.techrepublic.com/article/what-it-costs-to-hire-a-hacker-on-the-dark-web/)
- [Cisco Warns of Attacks Exploiting Decade-Old ASA Vulnerability](https://www.securityweek.com/cisco-warns-of-attacks-exploiting-decade-old-asa-vulnerability/)
- [Progress WhatsUp Gold NmAPI.exe Registry Overwrite Unauthenticated RCE](https://www.tenable.com/security/research/tra-2024-48)
- [Cloudflare’s pages.dev and workers.dev Domains Increasingly Abused for Phishing](https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing)
- [Snowblind: The Invisible Hand of Secret Blizzard](https://blog.lumen.com/snowblind-the-invisible-hand-of-secret-blizzard/)
- [Windows Sockets: From Registered I/O to SYSTEM Privileges](https://blog.exodusintel.com/2024/12/02/windows-sockets-from-registered-i-o-to-system-privileges/)
- [BlueAlpha Abuses Cloudflare Tunneling Service for GammaDrop Staging Infrastructure](https://www.recordedfuture.com/research/bluealpha-abuses-cloudflare-tunneling-service)
- [Deloitte Hacked — Brain Cipher Ransomware Group Allegedly Stolen 1 TB of Data](https://cybersecuritynews.com/deloitte-hacked/amp/)
- [Supply Chain Attack Detected in Solana’s web3.js Library](https://socket.dev/blog/supply-chain-attack-solana-web3-js-library)

**Intelligence and Information Warfare**

- [Former Polish spy chief arrested to testify before parliament in spyware probe](https://therecord.media/poland-former-spy-chief-testifies-pegasus-spyware)
- [Analysis of Threat Actor Kim Soo-ki’s Email Phishing Campaign](https://www.genians.co.kr/blog/threat_intelligence/kimsuky-cases)
- [Enhanced Visibility and Hardening Guidance for Communications Infrastructure](https://www.cisa.gov/resources-tools/resources/enhanced-visibility-and-hardening-guidance-communications-infrastructure)
- [Senators say US military is failing to secure its phones from foreign spies](https://techcrunch.com/2024/12/04/senators-say-u-s-military-is-failing-to-secure-its-phones-from-foreign-spies/)
- [He Got Banned From X. Now He Wants to Help You Escape, Too](https://www.wired.com/story/x-delete-posts-cyd-micah-lee/)
- [Dozens of Countries Hit in Chinese Telecom Hacking Campaign, Top U.S. Official Says](https://www.wsj.com/politics/national-security/dozens-of-countries-hit-in-chinese-telecom-hacking-campaign-top-u-s-official-says-2a3a5cca)
- [Guess Who’s Back — The Return of ANEL in the Recent Earth Kasha Spear-phishing Campaign in 2024](https://www.trendmicro.com/en_us/research/24/k/return-of-anel-in-the-recent-earth-kasha-spearphishing-campaign.html)
- [Frequent freeloader part I: Secret Blizzard compromising Storm-0156 infrastructure for espionage](https://www.microsoft.com/en-us/security/blog/2024/12/04/frequent-freeloader-part-i-secret-blizzard-compromising-storm-0156-infrastructure-for-espionage/)
- [Romania was target of ‘aggressive hybrid Russian attacks’ during elections, security council says](https://www.reuters.com/world/europe/romania-was-target-aggressive-hybrid-russian-attacks-during-elections-security-2024-12-04/)
- [Something to Remember Us By Device Confiscated by Russian Authorities Returned with Monokle-Type Spyware Installed](https://citizenlab.ca/2024/12/device-confiscated-by-russian-authorities-returned-with-monokle-type-spyware-installed/)
- [MOONSHINE Exploit Kit and DarkNimbus Backdoor Enabling Earth Minotaur’s Multi-Platform Attacks](https://www.trendmicro.com/en_us/research/24/l/earth-minotaur.html)

**Cybersecurity**

- [Mechanized minds: AI’s hidden impact on human thought](https://bigthink.com/thinking/the-mechanized-mind-ais-hidden-impact-on-human-thought/)
- [Google Confirms New Gmail Security Surprise—And It’s So Simple](https://www.forbes.com/sites/daveywinder/2024/12/02/google-confirms-new-gmail-security-surprise-and-its-so-simple/)
- [Tor in Russia: A call for more WebTunnel bridges](https://blog.torproject.org/call-for-webtunnel-bridges/)
- [US agency proposes new rule blocking data brokers from selling Americans’ sensitive personal data](https://techcrunch.com/2024/12/03/us-agency-proposes-new-rule-blocking-data-brokers-from-selling-americans-sensitive-personal-data/)
- [Treasury Exposes Money Laundering Network Using Digital Assets to Evade Sanctions](https://home.treasury.gov/news/press-releases/jy2735)
- [EU’s first ever report on the state of cybersecurity in the Union](https://www.enisa.europa.eu/news/eus-first-ever-report-on-the-state-of-cybersecurity-in-the-union)
- [U.S. officials urge Americans to use encrypted apps amid unprecedented cyberattack](https://www.nbcnews.com/tech/security/us-officials-urge-americans-use-encrypted-apps-cyberattack-rcna182694)
- [The Great Pokémon Go Spy Panic](https://foreignpolicy.com/2024/11/29/pokemongo-cia-nsa-intelligence-spying/)

Follow me on Twitter: [**@securityaffairs**](https://twitter.com/securityaffairs) and [**Facebook**](https://www.facebook.com/sec.affairs) and [Mastodon](https://infosec.exchange/@securityaffairs)

[**Pierluigi Paganini**](http://www.linkedin.com/pub/pierluigi-paganini/b/742/559)

**(** [**SecurityAffairs**](http://securityaffairs.co/wordpress/) **–** **hacking, newsletter)**