The Hacker News
⭐ Official THN Telegram Channel — A trusted, widely read, independent source for breaking news and tech coverage about cybersecurity and hacking.

📨 Contact: admin@thehackernews.com

🌐 Website: https://thehackernews.com
Cybersecurity experts at Google have discovered a new technique that hackers are using to trick Windows systems into bypassing malware detection—by intentionally using malformed code signatures.

Read details: https://thehackernews.com/2021/09/google-warns-of-new-way-hackers-can.html
SonicWall has released security updates to address a critical vulnerability affecting the Secure Mobile Access (SMA) 100 series appliances that allows unauthenticated attackers to remotely gain administrative access on targeted devices.

Read: https://thehackernews.com/2021/09/sonicwall-issues-patches-for-new.html
FamousSparrow, a new APT hacker group, is responsible for a series of espionage hacks against hotels around the world, as well as governments, international organizations, engineering firms, and law firms.

Read: https://thehackernews.com/2021/09/a-new-apt-hacker-group-spying-on-hotels.html
Google releases a new version (94.0.4606.61) of Chrome browser for Windows, Mac, and Linux users that includes a security patch for a newly discovered critical zero-day vulnerability that is being actively exploited.

Details: https://thehackernews.com/2021/09/urgent-chrome-update-released-to-patch.html
A new version of Jupyter infostealer malware is being distributed via MSI installer 'to become more efficient and evasive.'

Read details: https://thehackernews.com/2021/09/a-new-jupyter-malware-version-is-being.html
< FoggyWeb >

Microsoft uncovers a new backdoor deployed by the hacker behind the SolarWinds attack that employs multiple methods to steal credentials to gain administrative access to Active Directory Federation Services servers.

Details: https://thehackernews.com/2021/09/microsoft-warns-of-foggyweb-malware.html
Researchers have discovered a new malware, dubbed BloodyStealer, which steals account data from popular #gaming stores and apps, including Bethesda, Epic Games, GOG, Origin, Steam, Telegram, and VimeWorld.

Read details: https://thehackernews.com/2021/09/new-bloodystealer-trojan-steals-gamers.html
ALERT: Opportunistic hackers are actively exploiting a recently disclosed critical vulnerability in Atlassian Confluence on Windows and Linux to install web-shells that lead to the execution of crypto miners on compromised systems.

Details: https://thehackernews.com/2021/09/atlassian-confluence-rce-flaw-abused-in.html
FinFisher surveillance malware has been updated to infect the UEFI bootloader on Windows devices with a bootkit, signaling a shift in attack vectors that allows it to evade detection and analysis.

Read details: https://thehackernews.com/2021/09/new-finspy-malware-variant-infects.html
WARNING — Two new pieces of #Android malware distributed via the Google Play Store have been targeting Brazil's new PIX Instant Payment system to drain users' bank accounts.

Read details: https://thehackernews.com/2021/09/hackers-targeting-brazils-pix-payment.html
Facebook today released "Mariana Trench," a new open-source tool it has been using internally to detect and prevent security and privacy bugs in #Android and Java applications at scale.

Read details: https://thehackernews.com/2021/09/facebook-releases-new-tool-that-finds.html
Russian authorities have arrested the founder and CEO of cybersecurity company Group-IB on suspicion of treason against the state for allegedly passing on secret information to foreign intelligence services.

Read details: https://thehackernews.com/2021/09/cybersecurity-firm-group-ibs-ceo.html
The hacking group responsible for the SolarWinds cyberattack has been linked to a new backdoor targeting high-profile victims through DNS hijacking on "government zones of a CIS member state."

Details: https://thehackernews.com/2021/09/new-tomiris-backdoor-found-linked-to.html
A new unpatched vulnerability in Microsoft Azure Active Directory (AD) can be exploited by attackers to perform undetected password brute force attacks—without generating sign-in events in the targeted organization's tenant.

Read details: https://thehackernews.com/2021/09/new-azure-ad-bug-lets-hackers-brute.html
IMPORTANT — Google has released another emergency security update for the Chrome web browser, this time to fix two new zero-day vulnerabilities that are being actively exploited in the wild.

Read details: https://thehackernews.com/2021/09/update-google-chrome-asap-to-patch-2.html
ALERT!!

This new malicious campaign is spreading a fake antivirus program that claims to detect the Pegasus spyware and pretends to be from Amnesty International but actually infects computers with malware.

Read details: https://thehackernews.com/2021/10/beware-of-fake-amnesty-international.html
Here's a new free online tool to discover unprotected cloud storage instances.

Read more: https://thehackernews.com/2021/09/immuniweb-launches-free-cloud-security.html
Chinese spy hackers deploy new rootkit against targeted Windows 10 users working for high-profile entities in Malaysia, Thailand, Vietnam and Indonesia, in addition to outliers in Egypt, Ethiopia and Afghanistan.

Details: https://thehackernews.com/2021/10/chinese-hackers-used-new-rootkit-to-spy.html
Researchers have found an unpatched vulnerability in Apple Pay that attackers could exploit to make an unauthorized contactless Visa payment from a locked iPhone.

Read details: https://thehackernews.com/2021/10/apple-pay-can-be-abused-to-make.html
A new hacking group has been identified as being behind a series of attacks on the fuel, energy and aviation industries in Russia, the US, India, Nepal, Taiwan and Japan, with the aim of stealing data from compromised networks.

Details: https://thehackernews.com/2021/10/a-new-apt-hacking-group-targeting-fuel.html
Several poorly configured Apache Airflow instances of companies across various industries are exposing their credentials for popular services such as cloud hosting providers, payment processing, and social media platforms.

Read — https://thehackernews.com/2021/10/poorly-configured-apache-airflow.html