"Russia FSB relies on Ukrainian minors for criminal activities disguised as 'quest games.'"

Views expressed in this cybersecurity, cyber espionage, and cyber crime update are those of the reporters and correspondents.  Accessed on 17 December 2024, 1327 UTC.

Content and Source:  Email subscription via https://feedly.com.   https://feedly.com/i/subscription/feed%2Fhttp%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2Ffeed

Please scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://hawaiisciencejournal.blogspot.com).

Security Affairs

69K followers24 articles per week#security#tech

10

Today

Russia FSB relies on Ukrainian minors for criminal activities disguised as “quest games”

by Pierluigi Paganini / 2h

Ukraine’s SBU uncovered an FSB espionage campaign recruiting minors for criminal activities disguised as “quest games.” The Security Service of Ukraine (SBU or SSU) uncovered a new espionage campaign linked to Russia’s intelligence agency Federal Security Service (FSB), which consists of involving minor Ukrainians in criminal activities under the guise of “quest games”. In Kharkiv, Ukrainian law

Yesterday

U.S. CISA adds Microsoft Windows Kernel-Mode Driver and Adobe ColdFusion flaws to its Known Exploited Vulnerabilities catalog

2 TTPs

•

by Pierluigi Paganini / 4h

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Windows Kernel-Mode Driver and Adobe ColdFusion flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the Microsoft Windows Kernel-Mode Driver Untrusted Pointer Dereference ( CVE-2024-35250 ) and Adobe ColdFusion Improper Access Control ( CVE-2024-2076

ConnectOnCall data breach impacted over 900,000 individuals

ConnectOnCall data breach affects 900K

•

by Pierluigi Paganini / 14h

ConnectOnCall disclosed a data breach impacting over 900,000 individuals, exposing their personal information. ConnectOnCall is a telehealth platform and after-hours on-call answering service designed to enhance communication between healthcare providers and patients. It offers automated patient call tracking, HIPAA-compliant chat, and integrates with electronic health record (EHR) systems to str

Report claims that Serbian authorities abused Cellebrite tool to install NoviSpy spyware

4 TTPs

•

by Pierluigi Paganini / 16h

•

CVE-2024-43047

Researchers warn of previously undetected surveillance spyware, named NoviSpy, that was found infecting a Serbian journalist’s phone. In February 2024, Serbian journalist Slaviša Milanov was summoned to a police station after a routine traffic stop. After the police released him, Milanov noticed suspicious changes to his phone settings, such as disabled data and Wi-Fi. Then he requested help from

Dec 15, 2024

Multiple flaws in Volkswagen Group’s infotainment unit allow for vehicle compromise

5 TTPs

•

by Pierluigi Paganini / 1d

•

Skoda cars vulnerable to hacking

Researchers discovered multiple flaws in the infotainment systems of Volkswagen Group vehicles that could allow to track them in real-time. A team of security researchers from cybersecurity firm PCAutomotive discovered multiple vulnerabilities in the infotainment units used in some vehicles of the Volkswagen Group. Remote attackers can exploit the flaws to achieve certain controls and track the l

PUMAKIT, a sophisticated rootkit that uses advanced stealth mechanisms

5 TTPs

•

by Pierluigi Paganini / 1d

•

Pumakit Linux rootkit malware discovered

Researchers discovered PUMAKIT, a Linux rootkit capable of hiding files, escalating privileges, and evading system tools and detection. Elastic Security Lab researchers discovered a new loadable kernel module (LKM) rootkit called PUMAKIT that supports advanced evasion mechanisms. PUMAKIT features a multi-stage design including a dropper, memory-resident executables, and a rootkit. It leverages an

SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 24

by Pierluigi Paganini / 2d

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. PROXY.AM Powered by Socks5Systemz Botnet AppLite: A New AntiDot Variant Targeting Mobile Employee Devices Inside Zloader’s Latest Trick: DNS Tunneling BSI points out pre-installed malware on IoT devices Declawing PUMAKIT Image-Based Malware Classification Using QR

Security Affairs newsletter Round 502 by Pierluigi Paganini – INTERNATIONAL EDITION

by Pierluigi Paganini / 2d

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. IOCONTROL cyberweapon used to target infrastructure in the US and Isreael U.S. CISA adds Cleo Harmony, VLTrader, and LexiCom flaw to its Known Exploited V

Dec 14, 2024

IOCONTROL cyberweapon used to target infrastructure in the US and Isreael

10 TTPs

•

by Pierluigi Paganini / 2d

•

Iranian malware IOCONTROL targets IoT systems

Iran-linked threat actors target IoT and OT/SCADA systems in US and Israeli infrastructure with IOCONTROL malware. Claroty’s Team82 obtained a sample of a custom-built IoT/OT malware called IOCONTROL used by the Iran-linked threat actors to target devices in infrastructure located in Israel and U.S.. According to the experts Iran-linked threat group CyberAv3ngers reportedly targeted fuel manageme

U.S. CISA adds Cleo Harmony, VLTrader, and LexiCom flaw to its Known Exploited Vulnerabilities catalog

CVE-2024-50623

•

by Pierluigi Paganini / 2d

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Cleo Harmony, VLTrader, and LexiCom flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the vulnerability CVE-2024-50623 (CVSS score 8.8), which impacts multiple Cleo products to its Known Exploited Vulnerabilities (KEV) catalog . “Cleo has identified an unrest

End of feed