The Hacker News
Official THN Telegram Channel — A trusted, widely read, independent source for breaking news and tech coverage about cybersecurity and hacking.

📨 Contact: admin@thehackernews.com

🌐 Website: https://thehackernews.com
Oracle warns of three newly discovered critical vulnerabilities in WebLogic server software that can be exploited remotely without authentication.

Read: https://thehackernews.com/2021/07/oracle-warns-of-critical-remotely.html

As part of the July 2021 Patch Updates, Oracle also released 342 fixes that span multiple products.
Kaseya has received a universal REvil decryptor to help customers recover data, nearly 3 weeks after a supply-chain ransomware attack impacted the company.

https://thehackernews.com/2021/07/kaseya-gets-universal-decryptor-to-help.html
Nasty macOS malware XCSSET has been updated once again to steal sensitive data from a variety of apps, including Chrome and Telegram.

Read: https://thehackernews.com/2021/07/nasty-macos-malware-xcsset-now-targets.html
A newly discovered "PetitPotam" NTLM relay attack can be exploited by attackers to completely take over Windows domains by forcing remote servers—including Domain Controllers—to authenticate with a malicious machine.

Details: https://thehackernews.com/2021/07/new-petitpotam-ntlm-relay-attack-lets.html
Microsoft warns of a notorious cross-platform crypto-mining malware that has refined and improved its techniques to attack Windows and #Linux operating systems.

Read details: https://thehackernews.com/2021/07/microsoft-warns-of-lemonduck-malware.html
A growing number of cybercriminals are switching from conventional programming languages to "exotic" languages—such as Go, Rust, Nim, Dlang—for #malware development that can bypass security, and complicate reverse-engineering efforts.

Read: https://thehackernews.com/2021/07/hackers-turning-to-exotic-programming.html
Rapid7 has uncovered multiple flaws affecting 3 open-source projects — EspoCRM, Pimcore, Akaunting — used by several small & medium-sized businesses, which could provide a pathway for more sophisticated attacks.

Details: https://thehackernews.com/2021/07/several-bugs-found-in-3-open-source.html
Zimbra email collaboration software, used by over 200,000 companies, has been found vulnerable to multiple flaws that could be exploited to compromise email accounts & even take full control of the mail server when hosted on a cloud infrastructure.

https://thehackernews.com/2021/07/new-bug-could-let-attackers-hijack.html
An Iranian cyberespionage group spent years posing as an aerobics instructor on Facebook to infect the computer of an aerospace defense contractor with malware.

Read details: https://thehackernews.com/2021/07/hackers-posed-as-aerobics-instructors.html
Chinese cyberespionage group PKPLUG deployed a previously undocumented variant of PlugX RAT on compromised systems during the recent wave of attacks on #Microsoft Exchange servers.

Read details: https://thehackernews.com/2021/07/chinese-hackers-implant-plugx-variant.html
Here is a list of the top 30 most commonly exploited critical security vulnerabilities that hackers weaponize against broad target sets, including public and private sector organizations worldwide.

Read details: https://thehackernews.com/2021/07/top-30-critical-security.html
Vultur — a new Android remote access trojan — uses a smartphone's screen recording feature to spy on its victims and steal their banking credentials.

Details: https://thehackernews.com/2021/07/new-android-malware-uses-vnc-to-spy-and.html
Two new ransomware gangs — Haron and BlackMatter — have appeared on cybercrime forums, with one professing to be a successor to DarkSide and REvil, infamous syndicates that went off the grid following major attacks on Colonial Pipeline and Kaseya.

https://thehackernews.com/2021/07/new-ransomware-gangs-haron-and.html
Hackers are using a decoy document titled "Crimea Manifesto" to infect target computers with a fully-featured VBA malware.

Details: https://thehackernews.com/2021/07/hackers-exploit-microsoft-browser-bug.html

It uses two attack vectors—malicious macros and an IE browser exploit—aiming to increase the chances of infection.
Microsoft has issued a warning about an ongoing malicious campaign that uses fake call centers to trick users into downloading BazaLoader malware that can sniff data and install ransomware.

Read details: https://thehackernews.com/2021/07/phony-call-centers-tricking-users-into.html
A recent cyberattack that disrupted Iran's railway system and the ministry of transportation was caused by a never-before-seen reusable wiper malware called "Meteor."

Details: https://thehackernews.com/2021/07/a-new-wiper-malware-was-behind-recent.html
Researchers have discovered several malicious Python libraries hosted on the PyPI repository that aim to steal credit cards and inject code.

Read details: https://thehackernews.com/2021/07/several-malicious-typosquatted-python.html
Researchers reveal 30 new command-and-control servers belonging to the Russian hacking group APT29, which is currently delivering WellMess #malware as part of ongoing attacks against Windows and Linux systems.

Read details: https://thehackernews.com/2021/07/experts-uncover-several-c-servers.html
Solarmarker, a highly modular and constantly evolving information-stealing and keylogging malware, is once again on the rise, targeting #healthcare and education sectors.

Details: https://thehackernews.com/2021/08/solarmarker-infostealer-malware-once.html
A critical vulnerability in Python Package Index (PyPI) platform could have given attackers complete control over the official software repository, spawning supply-chain attacks.

Details: https://thehackernews.com/2021/08/pypi-python-package-repository-patches.html
A new APT hacker group, known as "Praying Mantis," is targeting high-profile public and private organizations in the U.S. by exploiting Microsoft IIS servers with ASP.NET exploits to penetrate their networks.

Read: https://thehackernews.com/2021/08/new-apt-hacking-group-targets-microsoft.html