A new #malware — codenamed "Capoae" — scans the web for vulnerable Linux machine and WordPress sites in order to install a backdoored plugin that runs a Golang-based crypto-mining software.

Read details: https://thehackernews.com/2021/09/new-capoae-malware-infiltrates.html

Cring Ransomware Gang Exploits 11-Year-Old ColdFusion Bug

Read: https://thehackernews.com/2021/09/cring-ransomware-gang-exploits-11-year.html

A new UNPATCHED high-severity vulnerability has been disclosed in macOS Finder on Apple machines running Big Sur and earlier versions, which could allow remote attackers to trick users into executing arbitrary commands.

Details: https://thehackernews.com/2021/09/unpatched-high-severity-vulnerability.html

VMWare warns of 19 new flaws affecting vCenter Server and Cloud Foundation appliances, the most serious of which is an arbitrary file upload vulnerability (CVE-2021-22005) that allows remote attackers to take control of affected systems.

https://thehackernews.com/2021/09/vmware-warns-of-critical-file-upload.html

A new high-severity remote code execution vulnerability has been discovered in several Netgear router models that could be exploited by MiTM attackers to take control of affected systems.

Read details: https://thehackernews.com/2021/09/high-severity-rce-flaw-disclosed-in.html

For the first time, the U.S. Treasury has announced sanctions against a cryptocurrency exchange (Russia's SUEX) for its role in laundering financial transactions for #ransomware attackers.

Read details — https://thehackernews.com/2021/09/us-sanctions-cryptocurrency-exchange.html

Researchers reported 11 new security vulnerabilities in Nagios network management systems that could lead to pre-authenticated remote code execution with the highest privileges, credential theft, and phishing attacks.

Read details: https://thehackernews.com/2021/09/new-nagios-software-bugs-could-let.html

Microsoft reveals details of a large-scale phishing-as-a-service operation that is "responsible for many of the phishing campaigns that impact enterprises today."

https://thehackernews.com/2021/09/microsoft-warns-of-wide-scale-phishing.html

BulletProofLink offers phishing kits, email templates, hosting, and automated services.

A new insidious Android malware has been discovered targeting users in U.S. and Canada as part of a new campaign that leverages SMS text message baits linked to COVID19 rules & vaccine information to collect personal and financial data.

Read: https://thehackernews.com/2021/09/new-android-malware-targeting-us.html

A terabyte of data containing 5.5 million files was left exposed, exposing the personal and buying information of over 100,000 customers of a Colombian real estate company.

Read details: https://thehackernews.com/2021/09/colombian-real-estate-agency-leak.html

IMPORTANT — A newly disclosed unpatched weakness in all Microsoft Windows computers shipped since 2012 could allow attackers to bypass system defenses and install rootkit malware with ease.

Read details: https://thehackernews.com/2021/09/a-new-bug-in-microsoft-windows-could.html

A vulnerability in Microsoft Exchange's Autodiscover protocol exposed around 100,000 Windows domain credentials from various apps such as Outlook, mobile email clients, and others that interacted with the Exchange server.

Read details: https://thehackernews.com/2021/09/microsoft-exchange-bug-exposes-100000.html

Apple releases urgent updates for iOS and macOS to patch 3 new 0-day flaws actively exploited in the wild.

Attacks involve:

CVE-2021-30860 — maliciously crafted PDFs
CVE-2021-30858 — maliciously crafted web content
CVE-2021-30869 — malicious app

https://thehackernews.com/2021/09/urgent-apple-ios-and-macos-updates.html

Cisco has released security patches for three critical flaws in IOS XE network operating system, which remote attackers may exploit to run arbitrary code with administrative rights.

Read details: https://thehackernews.com/2021/09/cisco-releases-patches-3-new-critical.html

Cybersecurity experts at Google have discovered a new technique that hackers are using to trick Windows systems into bypassing malware detection—by intentionally using malformed code signatures.

Read details: https://thehackernews.com/2021/09/google-warns-of-new-way-hackers-can.html

SonicWall has released security updates to address a critical vulnerability affecting the Secure Mobile Access (SMA) 100 series appliances that allows unauthenticated attackers to remotely gain administrative access on targeted devices.

Read: https://thehackernews.com/2021/09/sonicwall-issues-patches-for-new.html

FamousSparrow, a new APT hacker group, is responsible for a series of espionage hacks against hotels around the world, as well as governments, international organizations, engineering firms, and law firms.

Read: https://thehackernews.com/2021/09/a-new-apt-hacker-group-spying-on-hotels.html

Google releases a new version (94.0.4606.61) of Chrome browser for Windows, Mac, and Linux users that includes a security patch for a newly discovered critical zero-day vulnerability that is being actively exploited.

Details: https://thehackernews.com/2021/09/urgent-chrome-update-released-to-patch.html

A new version of Jupyter infostealer malware is being distributed via MSI installer 'to become more efficient and evasive.'

Read details: https://thehackernews.com/2021/09/a-new-jupyter-malware-version-is-being.html

< FoggyWeb >

Microsoft uncovers a new backdoor deployed by the hacker behind the SolarWinds attack, that employs multiple methods to steal credentials to gain administrative access to Active Directory Federation Services servers.

Details: https://thehackernews.com/2021/09/microsoft-warns-of-foggyweb-malware.html

Researchers have discovered a new malware, dubbed BloodyStealer, which steals account data from popular #gaming stores and apps, including Bethesda, Epic Games, GOG, Origin, Steam, Telegram, and VimeWorld.

Read details: https://thehackernews.com/2021/09/new-bloodystealer-trojan-steals-gamers.html