A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Pro-Russia group NoName targeted the websites of Italian airports North Korea actors use OtterCookie malware in Contagious Interview […

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Pro-Russia group NoName targeted the websites of Italian airports

North Korea actors use OtterCookie malware in Contagious Interview campaign

Experts warn of a surge in activity associated FICORA and Kaiten botnets

Palo Alto Networks fixed a high-severity PAN-OS flaw

Brazilian citizen charged for threatening to release data stolen from a company in 2020

A new Mirai botnet variant targets DigiEver DS-2105 Pro DVRs

A ransomware attack disrupted services at Pittsburgh Regional Transit

A cyber attack hit Japan Airlines delaying ticket sales for flights

Apache fixed a critical SQL Injection in Apache Traffic Control

BellaCPP, Charming Kitten’s BellaCiao variant written in C++

DMM Bitcoin $308M Bitcoin heist linked to North Korea

Adobe is aware that ColdFusion bug CVE-2024-53961 has a known PoC exploit code

Apache Foundation fixed a severe Tomcat vulnerability

Italy’s data protection watchdog fined OpenAI €15 million over ChatGPT’s data management violations

U.S. CISA adds Acclaim Systems USAHERDS flaw to its Known Exploited Vulnerabilities catalog

U.S. Court rules against NSO Group in WhatsApp spyware Lawsuit

Lazarus APT targeted employees at an unnamed nuclear-related organization

US charged Dual Russian and Israeli National as LockBit Ransomware developer

International Press – Newsletter

Cybercrime  

Phishing platform Rockstar 2FA trips, and “FlowerStorm” picks up the pieces  

Pittsburgh Regional Transit attributes recent service disruptions to ransomware attack  

Brazilian Man Charged With Making Extortionate Threats To Publicize Stolen Data Obtained By Unlawful Computer Intrusion  

Malware

Now You See Me, Now You Don’t: Using LLMs to Obfuscate Malicious JavaScript

Analyzing Malicious Intent in Python Code: A Case Study      

DigiEver Fix That IoT Thing!  

Hacking

The Insecure IoT Cloud Strikes Again: RCE on Ruijie Cloud-Connected Devices  

Cybersecurity firm’s Chrome extension hijacked to steal users’ data

Japan Airlines was hit by a cyberattack, delaying flights during the year-end holiday season  

Hackers exploit DoS flaw to disable Palo Alto Networks firewalls

Intelligence and Information Warfare 

Ukraine’s state registers hit with one of Russia’s largest cyberattacks, officials say

Lazarus group evolves its infection chain with old and new malware    

FBI, DC3, and NPA Identification of North Korean Cyber Actors, Tracked as TraderTraitor, Responsible for Theft of $308 Million USD from Bitcoin.DMM.com  

BellaCPP: Discovering a new BellaCiao variant written in C++

OtterCookie, a new malware used by Contagious Interview

Recent Cases of Watering Hole Attacks, Part 2  

Cybersecurity

U.S. Judge Rules Against NSO Group in WhatsApp Pegasus Spyware Case

Italy fines OpenAI over ChatGPT privacy rules breach  

Adobe Patches ColdFusion Flaw at High Risk of Exploitation  

The Intersection of AI and OSINT: Advanced Threats On The Horizon

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

Source: SecurityAffairs
Source Link: https://securityaffairs.com/172413/breaking-news/security-affairs-newsletter-round-504-by-pierluigi-paganini-international-edition.html