A recent FBI alert reveals that Russian intelligence agencies are leveraging Signal recovery keys to intercept messages, marking a significant escalation in state-sponsored cyber activity. This tactic enables attackers to bypass end-to-end encryption, compromising the security of sensitive communications. Meanwhile, a phishing campaign using fake guest complaint emails is targeting the hospitality sector, highlighting the ongoing threat of social engineering attacks. Additionally, DirtyClone, the fourth Linux kernel flaw discovered in six weeks, allows attackers to escalate privileges to root. The Chinese APT group CL-STA-1062 is also expanding its attacks on Southeast Asian critical infrastructure [1]. This shift in state-aligned activity necessitates a revised threat model, one that accounts for geopolitical motivations rather than solely criminal intent. This matters to cybersecurity practitioners because it requires a distinct approach to mitigating threats, one that acknowledges the complex interplay between nation-state actors and global security.