🔥 Attention!!! 9 Android apps with a total of 5.8 million installs from the #Google Play store were caught stealing users' Facebook account passwords.

Here are details and a list of malicious apps: https://thehackernews.com/2021/07/android-apps-with-58-million-installs.html

<🔥> Learn to Code — Get 2021 Master Bundle of 13 Online Courses @ 99% OFF <🔥/>

Kickstart your lucrative programming career with 119 ours of video tutorials: https://thehackernews.com/2021/07/learn-to-code-get-2021-master-bundle-of.html

REvil gang exploited a zero-day vulnerability affecting VSA software in the recent massive supply-chain ransomware attack that triggered a chain of infection that compromised thousands of businesses.

Read: https://thehackernews.com/2021/07/revil-used-0-day-in-kaseya-ransomware.html

The hackers are now asking for $70 million to unlock all affected systems with a universal decryption programme.

Microsoft is urging Azure users to update the PowerShell command line tool as soon as possible to protect against a critical RCE vulnerability (CVE-2021-26701) that impacts . NET Core.

Read: https://thehackernews.com/2021/07/microsoft-urges-azure-users-to-update.html

Cybercriminals behind the notorious TrickBot malware have been linked to a new ransomware strain named "Diavol."

Read: https://thehackernews.com/2021/07/trickbot-botnet-found-deploying-new.html

[NEW] Kaseya rules out a supply-chain attack, claiming attackers exploited an undisclosed 0-day vulnerability in on-premises VSA software to infect its customers with ransomware.

Read details: https://thehackernews.com/2021/07/kaseya-rules-out-supply-chain-attack.html

⚡ Interpol arrested a hacker — using the alias Dr HeX — in Morocco, involved in nefarious cyber activities, including phishing, defacement, malware, fraud & carding, and also responsible for attacks on telecoms, banks & multinationals.

Read: https://thehackernews.com/2021/07/interpol-arrests-hacker-in-morocco-who.html

Microsoft has shipped an emergency security update to address a critical zero-day vulnerability — PrintNightmare — affecting Windows Print Spooler that could allow remote hackers to execute arbitrary code & take over vulnerable systems.

Read: https://thehackernews.com/2021/07/microsoft-issues-emergency-patch-for.html

Researchers have uncovered dozens of critically vulnerable software components hosted on NuGet that are being actively exploited by attackers to attack widely-used software built on the .NET platform.

Read details: https://thehackernews.com/2021/07/dozens-of-vulnerable-nuget-packages.html

WildPressure APT campaign targeting industrial entities in the Middle East since 2019 has resurfaced with an upgraded malware toolset to attack both Windows and #macOS computers.

Read: https://thehackernews.com/2021/07/wildpressure-apt-emerges-with-new.html

WARNING — Microsoft's emergency patch update for the PrintNightmare RCE exploit fails to fully address the Windows vulnerability & can be bypassed in certain scenarios, allowing attackers to execute arbitrary code on infected systems.

Details: https://thehackernews.com/2021/07/microsofts-emergency-patch-fails-to.html

SideCopy cyber-espionage APT group—potentially linked to Pakistan—has been observed increasingly targeting Indian government personnel with as many as 4 new custom remote-access #malware.

Details: https://thehackernews.com/2021/07/sidecopy-hackers-target-indian.html

Cybersecurity researchers uncovered a new ongoing cyberespionage campaign targeting corporate networks with malware in Spanish-speaking countries, specifically Venezuela, to spy on their victims.

Read: https://thehackernews.com/2021/07/experts-uncover-malware-attacks.html

How to Mitigate Microsoft Print Spooler Vulnerability – PrintNightmare (CVE-2021-34527)
https://thehackernews.com/2021/07/how-to-mitigate-microsoft-print-spooler.html

New security flaws have been discovered in the Sage X3 enterprise resource planning (ERP) product, two of which could be chained together to allow adversaries to execute malicious commands and take control of vulnerable systems.

Read: https://thehackernews.com/2021/07/critical-flaws-reported-in-sage-x3.html

Cybercriminals are using a new trick which involves sending non-malicious office documents that disable macro security warnings before downloading malware and infecting victims' machines.

Read: https://thehackernews.com/2021/07/hackers-use-new-trick-to-disable-macro.html

Multiple vulnerabilities have been disclosed in Philips Clinical Collaboration Platform Portal ( aka Vue PACS medical imaging systems), some of which could be exploited by an attacker to take control of an affected system.

https://thehackernews.com/2021/07/critical-flaws-reported-in-philips-vue.html

In an attempt to hide their activities, the Magecart group of hackers are now encoding stolen credit card information into images—hosted on the backdoored e-commerce server—before exfiltrating the data.

Read details: https://thehackernews.com/2021/07/magecart-hackers-hide-stolen-credit.html

Kaseya has released security updates to address critical vulnerabilities in its Virtual System Administrator (VSA) software that hackers exploited in a widespread ransomware attack targeting 1,500 businesses worldwide.

Details — https://thehackernews.com/2021/07/kaseya-releases-patches-for-flaws.html

Cybercriminals compromised Chinese online gambling sites to spread the BIOPASS RAT malware, which uses OBS Studio's live-streaming app to capture victims' screens.

Read details: https://thehackernews.com/2021/07/hackers-spread-biopass-malware-via.html

🔥 Microsoft has found a new critical zero-day RCE vulnerability (CVE-2021-35211) affecting SolarWinds Serv-U that is being actively exploited by hackers.

Details — https://thehackernews.com/2021/07/a-new-critical-solarwinds-zero-day.html