The Hacker News
Official THN Telegram Channel — A trusted, widely read, independent source for breaking news and tech coverage about cybersecurity and hacking.

📨 Contact: admin@thehackernews.com

🌐 Website: https://thehackernews.com
Newly discovered flaws in commercial Bluetooth stacks affect millions of smartphones, laptops and industrial and consumer IoT devices.

Read: https://thehackernews.com/2021/09/new-braktooth-flaws-leave-millions-of.html

Dubbed "BrakTooth," it could allow attackers to run arbitrary code on the device or, worse, crash it.
Cisco has released a patch for a critical vulnerability in its Enterprise NFVIS software, which could be exploited by an attacker to take control of affected systems.

Read: https://thehackernews.com/2021/09/cisco-issues-patch-for-critical.html

A proof-of-concept (PoC) exploit is available publicly.
FIN7 hackers are using Windows 11-themed Word documents to drop malicious payloads, including a JavaScript backdoor.

https://thehackernews.com/2021/09/fin7-hackers-using-windows-11-themed.html

The attack targeted a US-based point-of-sale (PoS) service provider as part of spear-phishing campaigns.
New malware family — PRIVATELOG, and its installer, STASHLOG — relies on the Common Log File System (CLFS) to hide a second stage payload in registry transaction files and avoid detection.

Read more: https://thehackernews.com/2021/09/this-new-malware-family-using-clfs-log.html
U.S. Cyber Command warns of ongoing attacks exploiting a recently disclosed vulnerability (CVE-2021-26084) in #Atlassian Confluence that could be exploited by unauthenticated attackers to take control of vulnerable systems.

Details: https://thehackernews.com/2021/09/us-cyber-command-warns-of-ongoing.html
Microsoft shares technical details of an actively exploited vulnerability affecting SolarWinds Serv-U FTP server software that it attributes to hackers from China.

Read details: https://thehackernews.com/2021/09/microsoft-says-chinese-hackers-were.html
Apple is temporarily delaying its controversial plans to scan users' devices for child sexual abuse material after receiving blowback over fears that the tool could be used as a weapon for mass surveillance and erode users' privacy.

Read: https://thehackernews.com/2021/09/apple-delays-plans-to-scan-devices-for.html
By exploiting one of the 3 newly discovered vulnerabilities in NETGEAR Smart Switches, an attacker could bypass authentication and gain complete control of the affected device.

Patch and PoC released - https://thehackernews.com/2021/09/critical-auth-bypass-bug-affect-netgear.html
As part of an ongoing campaign, cybercriminals are using traffic exchange networks as a broad and fast way to distribute malware (click fraud bots, information stealers, ransomware) disguised as cracked versions of popular applications.

Read: https://thehackernews.com/2021/09/traffic-exchange-networks-distributing.html
Despite its "no log" policy, ProtonMail shares an activist's IP address and device type with law enforcement agencies.

https://thehackernews.com/2021/09/protonmail-shares-activists-ip-address.html

If Swiss authorities agree to assist foreign agencies, the company has to comply, and it could even be forced to hand over data.
Hackers exploited a recently disclosed vulnerability in Atlassian's Confluence to break into a Jenkins project infrastructure server.

https://thehackernews.com/2021/09/latest-atlassian-confluence-flaw.html

"At this time we have no reason to believe that any Jenkins releases, plugins, or source code have been affected"
Microsoft has issued an advisory WARNING its users about a new actively exploited ZERO-DAY vulnerability (CVE-2021-40444 // CVSS score: 8.8) that attackers are using to hijack Windows systems by leveraging weaponized Office documents.

Details: https://thehackernews.com/2021/09/new-0-day-attack-targeting-windows.html
Researchers uncover a year-long mobile spying campaign targeting the Kurdish ethnic group using Android backdoors disguised as legitimate apps.

Read: https://thehackernews.com/2021/09/experts-uncover-mobile-spyware-attacks.html
HAProxy, a popular load balancer and proxy server, has been found vulnerable to HTTP request smuggling attacks due to an integer overflow vulnerability that could allow unauthorized access to sensitive data and execution of arbitrary commands.

https://thehackernews.com/2021/09/haproxy-found-vulnerable-to-critical.html
CISA warns of a zero-day vulnerability (CVE-2021-40539) affecting Zoho ManageEngine ADSelfService Plus that has been actively exploited in the wild.

Details: https://thehackernews.com/2021/09/cisa-warns-of-actively-exploited-zoho.html

The authentication bypass flaw could lead to arbitrary remote code execution attacks.
Hackers leak hundreds of thousands of VPN login credentials belonging to users of nearly 87,000 #Fortinet FortiGate devices.

Read: https://thehackernews.com/2021/09/hackers-leak-vpn-account-passwords-from.html
REvil ransomware group has returned after a two-month hiatus following its highly publicized attack against Kaseya.

Read: https://thehackernews.com/2021/09/russian-ransomware-group-revil-back.html
A critical cross-account takeover #vulnerability in Microsoft's Azure Container Instances service could have allowed attackers to execute code on other customers' containers, exfiltrate secrets or deploy cryptominers.

Details: https://thehackernews.com/2021/09/microsoft-warns-of-cross-account.html
A previously unknown backdoor #malware targeting an unidentified computer retail firm in the United States has been linked to a long-standing Chinese espionage group called Grayfly.

Read details: https://thehackernews.com/2021/09/experts-link-sidewalk-malware-attacks.html
Several banking, cryptocurrency wallet, and shopping apps are the target of a newly discovered Android trojan that could enable attackers to siphon sensitive data, including credentials, from infected devices and open the door for on-device fraud.

https://thehackernews.com/2021/09/sova-new-android-banking-trojan-emerges.html
WhatsApp has finally closed a major privacy loophole, and users will soon be able to end-to-end encrypt their chat backups to iCloud or Google Drive.

Read: https://thehackernews.com/2021/09/whatsapp-to-finally-let-users-encrypt.html