Researchers uncover "distinctive" tactics, techniques and procedures (TTPs) used by Hades ransomware operators that set them apart from the rest of the pack, attributing it to a financially motivated threat group called GOLD WINTER.

https://thehackernews.com/2021/06/experts-shed-light-on-distinctive.html

CISA has issued an advisory warning #IoT manufacturers of a critical vulnerability — CVE-2021-32934 / CVSS score: 9.1 —in ThroughTek's P2P SDK that could be exploited by attackers to eavesdrop on connected cameras.

Read: https://thehackernews.com/2021/06/critical-throughtek-flaw-opens-millions.html

New research finds that ransomware attackers are increasingly shifting from using emails as an intrusion route to purchasing access from other cybercriminal enterprises that have already infiltrated major targets.

Read: https://thehackernews.com/2021/06/ransomware-attackers-partnering-with.html

Researchers at Kaspersky have found that the malware attack against South Korean entities was the work of the nation-state hacking group called Andariel.

Details: https://thehackernews.com/2021/06/malware-attack-on-south-korean-entities.html

Ukraine has arrested the cybercriminal gang behind Clop ransomware attacks, responsible for $500 million in damages.

Details: https://thehackernews.com/2021/06/ukraine-police-arrest-cyber-criminals.html

Researchers have disclosed a new executable image tampering attack — dubbed "Process Ghosting" — that could be exploited by attackers to circumvent security measures and execute malware code on a Windows system.

Details: https://thehackernews.com/2021/06/researchers-uncover-process-ghosting.html

Telegram and Psiphon VPN users in #Iran are being targeted by new spyware from Ferocious Kitten—a covert surveillance APT group that's been in play for six years.

Details: https://thehackernews.com/2021/06/a-new-spyware-is-targeting-telegram-and.html

APT hacker group "TA402/Molerats" has resurfaced after a two-month hiatus to target government institutions in the Middle East and global government agencies linked to geopolitics in the region.

Details: https://thehackernews.com/2021/06/molerats-hackers-return-with-new.html

URGENT — A new #browser 0-day #vulnerability has been found being exploited in the wild.

Details: https://thehackernews.com/2021/06/update-your-chrome-browser-to-patch-yet.html

Users of Windows, Mac, and Linux should update their software right away.

Russian communications regulator Roskomnadzor bans VyprVPN and Opera VPN services in the country for failing to comply with a blacklisting request, and it is likely that more services will be blocked in the near future.

Details: https://thehackernews.com/2021/06/russia-bans-vyprvpn-opera-vpn-services.html

As cyberattacks on the software supply-chain become a major concern, Google is introducing a new security framework—called SLSA—to ensure the integrity of packages and prevent unauthorized changes.

Details:
https://thehackernews.com/2021/06/google-releases-new-framework-to.html

Researchers warn of increased cyber-espionage activities by Chinese state-sponsored hackers in neighboring countries.

Cyberattacks on Central Asia, India and Pakistan were carried out by suspected hackers from the PLA's 69010 cyber offensive unit and affected India's largest energy company NTPC as well as BSNL, the national telecommunications company.

Read: https://thehackernews.com/2021/06/cyber-espionage-by-chinese-hackers-in.html

South Korea's ⚡ Atomic Energy Research Institute has disclosed a hack of its internal network that, according to the Ministry of Science, could be the work of North Korean hackers exploiting a #vulnerability in an unnamed VPN software.

Read: https://thehackernews.com/2021/06/north-korea-exploited-vpn-flaw-to-hack.html

A team of researchers has developed the "DroidMorph" tool to illustrate how popular antivirus apps for Android continue to remain vulnerable against different permutations of malware.

Read: https://thehackernews.com/2021/06/droidmorph-shows-popular-android.html

NVIDIA Jetson series chipsets have been found vulnerable to 26 new vulnerabilities, the most serious of which can enable attackers to escalate privileges, cause DoS, and steal information.

Details: https://thehackernews.com/2021/06/nvidia-jetson-chipsets-found-vulnerable.html

Researchers are warning of wormable DarkRadiation ransomware that's targeting RedHat, Debian-based Linux distributions and Docker cloud containers.

Details: https://thehackernews.com/2021/06/wormable-darkradiation-ransomware.html

An unpatched critical #vulnerability affects Pling-based marketplace software for Linux systems that could potentially be exploited to launch supply-chain and RCE attacks.

Details: https://thehackernews.com/2021/06/unpatched-critical-flaw-affects-pling.html

A memory leak vulnerability [CVE-2021-20019] affecting SonicWall VPN appliances was left unpatched amidst 0-day attacks that could allow remote attackers access to sensitive data.

Read: https://thehackernews.com/2021/06/sonicwall-left-vpn-flaw-partially.html

Security patches have now been released.

Important — Update your Tor browser to the latest version to patch a new privacy vulnerability that can be exploited remotely to track users' online activity.

Details: https://thehackernews.com/2021/06/patch-tor-browser-bug-to-prevent.html

A hacker with suspected ties to Pakistan targeted an Indian power transmission and generation organization with ReverseRat malware.

Read: https://thehackernews.com/2021/06/pakistan-linked-hackers-targeted-indian.html

Experts say this attacker targets South and Central Asia governments and energy companies.

John David McAfee, a controversial mogul and antivirus pioneer, committed suicide in a Barcelona jail cell in Barcelona, just hours after reports that he would be extradited to face federal charges.



Details: https://thehackernews.com/2021/06/antivirus-pioneer-john-mcafee-found.html