LightBasin ( aka UNC1945), a highly sophisticated hacking group, has been identified as behind a series of attacks on the telecommunications sector using custom tools aimed at gathering very specific information.

Read: https://thehackernews.com/2021/10/lightbasin-hackers-breach-at-least-13.html

Researchers have discovered a new vulnerability (CVE-2021-0186) in Intel processors, dubbed 'SmashEx,' that could allow attackers to access to sensitive information stored in SGX enclaves and even execute arbitrary code on vulnerable systems.

https://thehackernews.com/2021/10/researchers-break-intel-sgx-with-new.html

Two Eastern European nationals have been sentenced in the U.S. for offering "bulletproof #hosting" services to cybercriminals, which hackers used to distribute #malware and attack financial institutions across the country.

Read: https://thehackernews.com/2021/10/two-eastern-europeans-sentenced-for.html

Watch Out!

Google warns that hackers have been hijacking accounts of high-profile YouTube creators with malware that steals browser cookies for session hijacking, a technique that can effectively circumvent 2-factor authentication.

Details: https://thehackernews.com/2021/10/hackers-stealing-browser-cookies-to.html

U.S. government has announced new regulations banning the sale of hacking software and #surveillance equipment to Russia, China and other authoritarian regimes.

Read details: https://thehackernews.com/2021/10/us-government-bans-sale-of-hacking.html

A newly discovered vulnerability in that never-ending trial version of the popular WinRAR software could allow attackers to execute arbitrary code on target systems.

Read: https://thehackernews.com/2021/10/bug-in-free-winrar-software-could-let.html

Researchers have discovered a new rootkit malware that has a valid digital signature issued by Microsoft and is targeting online gamers in China.

Read details: https://thehackernews.com/2021/10/researchers-discover-microsoft-signed.html

Cybercrime gang FIN7 created a fake cybersecurity company called "Bastion Secure" to recruit IT experts and get them to launch ransomware attacks.

Read details: https://thehackernews.com/2021/10/hackers-set-up-fake-company-to-get-it.html

The hacker group "Lone Wolf" uses political and government-themed malicious domains to target entities in India and Afghanistan with commodity RATs.

Read details: https://thehackernews.com/2021/10/lone-wolf-hacker-group-targeting.html

A popular JavaScript NPM library with over 6 million weekly downloads has been hijacked to publish crypto-mining malware.

Read details: https://thehackernews.com/2021/10/popular-npm-package-hijacked-to-publish.html

In a multiple-country effort, law enforcement agencies 'reportedly' hacked the infrastructure of REvil ransomware group and forced it offline.

Read details: https://thehackernews.com/2021/10/feds-reportedly-hacked-revil-ransomware.html

Microsoft's threat intelligence team has uncovered "a series of large-scale credential phishing campaigns" using a custom phishing kit called "TodayZoo."

Read details: https://thehackernews.com/2021/10/microsoft-warns-of-todayzoo-phishing.html

New York Times journalist Ben Hubbard was repeatedly targeted with Israel-based NSO Groups Pegasus spyware over a three-year period after reporting on Saudi Arabia.

Read details: https://thehackernews.com/2021/10/nyt-journalist-repeatedly-hacked-with.html

Watch Out! Hackers are actively exploiting a critical vulnerability in multiple versions of a time and billing system called BillQuick to deploy ransomware on vulnerable systems.

Read details: https://thehackernews.com/2021/10/hackers-exploited-popular-billquick.html

Microsoft warns of continued supply-chain attacks by hacker group Nobelium, which has compromised 14 downstream customers of several cloud service providers, managed service providers and other IT service companies.

Read: https://thehackernews.com/2021/10/microsoft-warns-of-continued-supply.html

< Gummy Browsers >

Researchers find a new way that could let attackers collect browser’s fingerprinting information and spoof it without the victim’s awareness.

Read details: https://thehackernews.com/2021/10/new-attack-let-attacker-collect-and.html

Mozilla warns that two malicious Firefox add-ons installed by over 455,000 users prevent users from downloading security updates, accessing updated blocklists, and updating remotely configured content.

Read details: https://thehackernews.com/2021/10/malicious-firefox-add-ons-block-browser.html

Over 10 MILLION users have been targeted with 151 malicious Android apps from the Google Play Store that tricked users into paying for premium subscription services without their knowledge or consent.

Details: https://thehackernews.com/2021/10/over-10-million-android-users-targeted.html

North Korean hacking group Lazarus has been observed waging two separate supply-chain attacks to gain a foothold in corporate networks and attack downstream organizations.

Read details: https://thehackernews.com/2021/10/latest-report-uncovers-supply-chain.html

A widespread malicious email campaign deploys a new malware loader that gives attackers initial access to corporate networks to spread malicious payloads like Qakbot and Cobalt Strike.

Read: https://thehackernews.com/2021/10/hackers-using-squirrelwaffle-loader-to.html

Two more malicious libraries distributed via the official NPM repository have been caught stealing credentials, installing remote access trojans, and infecting compromised systems with ransomware.

Read: https://thehackernews.com/2021/10/malicious-npm-libraries-caught.html