A widespread malicious email campaign deploys a new malware loader that gives attackers initial access to corporate networks to spread malicious payloads like Qakbot and Cobalt Strike.
Read: https://thehackernews.com/2021/10/hackers-using-squirrelwaffle-loader-to.html
Two more malicious libraries distributed via the official NPM repository have been caught stealing credentials, installing remote access trojans, and infecting compromised systems with ransomware.
Read: https://thehackernews.com/2021/10/malicious-npm-libraries-caught.html
Cybersecurity researchers at ESET have discovered a new unique #malware loader, dubbed Wslink, that runs as a server and executes received modules in memory.
Read details: https://thehackernews.com/2021/10/new-wslink-malware-loader-runs-as.html
A researcher has cracked 70% of the 5,000 Wi-Fi networks in the Israeli city of Tel Aviv, showing how insecure Wi-Fi passwords can open the door to serious threats for individuals, small businesses and enterprises.
Read: https://thehackernews.com/2021/10/israeli-researcher-cracked-over-3500-wi.html
IMPORTANT: Google has issued an emergency update (version 95.0.4638.69) for Chrome web browser for Windows, Mac, and #Linux users to patch two zero-day vulnerabilities that are being actively exploited in the wild.
https://thehackernews.com/2021/10/google-releases-urgent-chrome-update-to.html
A Russian hacker extradited to the United States earlier this month has appeared in federal court in Ohio to face charges over his alleged involvement in the notorious TrickBot malware group.
Details: https://thehackernews.com/2021/10/russian-trickbot-gang-hacker-extradited.html
// Shrootless (CVE-2021-30892) //
Microsoft discovered a new SIP bypass vulnerability in Apple's macOS system that could allow attackers to gain root privileges and install persistent, undetectable rootkit malware.
Read details: https://thehackernews.com/2021/10/new-shrootless-bug-could-let-attackers.html
Researchers have discovered a new Android malware strain that is capable of rooting smartphones and gaining complete control over infected devices while simultaneously evading detection.
Read: https://thehackernews.com/2021/10/this-new-android-malware-can-gain-root.html
Europol has arrested 12 hackers believed to be behind the LockerGoga, MegaCortex and Dharma ransomware attacks, which targeted large companies and critical infrastructure with over 1,800 victims in 71 countries.
Read: https://thehackernews.com/2021/10/police-arrest-suspected-ransomware.html
Researchers have released details about the 'PINK' malware, which they say is the "largest botnet" observed in the wild in the last six years, infecting over 1.6 million devices.
Read details: https://thehackernews.com/2021/11/researchers-uncover-pink-botnet-malware.html
<Trojan Source Attack/>
Researchers discovered a new class of vulnerabilities that hackers could use to hide malicious code & vulnerabilities in the source code of a program, effectively opening the door to more first-party and supply chain risks.
https://thehackernews.com/2021/11/new-trojan-source-technique-lets.html
Multiple critical flaws have been discovered in Hitachi Vantara's Pentaho Business Analytics software that could be abused by hackers to upload arbitrary data files and even execute arbitrary code on the app's underlying host system.
Read: https://thehackernews.com/2021/11/critical-flaws-uncovered-in-pentaho.html
Trick & Treat!
Google launches a new #bugbounty that will reward hackers with $31,337 for exploiting "already patched" Linux kernel vulnerabilities in its lab environment and $50,337 for unpatched flaws or a new exploit technique.
Details: https://thehackernews.com/2021/11/google-to-pay-hackers-31337-for.html
WARNING: A critical unauthenticated remote code execution flaw (CVE-2021-22205) affecting #GitLab CE is being actively exploited in the wild.
Details: https://thehackernews.com/2021/11/alert-hackers-exploiting-gitlab.html
Android Security Bulletin - Nov 2021
- There is a new zero-day vulnerability (CVE-2021-1048) that is being exploited by hackers for targeted attacks.
- Google has rolled out patches for this and 38 other flaws.
Read: https://thehackernews.com/2021/11/google-warns-of-new-android-0-day.html
Facebook is shutting down its decades-old "facial recognition system" and deleting a vast trove of more than a billion users' facial recognition templates, citing growing societal concerns about the use of such technology.
Read: https://thehackernews.com/2021/11/facebook-to-shut-down-facial.html
BlackMatter ransomware appears to be shutting down and meanwhile, researchers have released the latest analysis of new samples, showing how operators have been steadily adding new features and encryption capabilities over three months.
Read: https://thehackernews.com/2021/11/blackmatter-ransomware-reportedly.html
A heap overflow vulnerability (CVE-2021-43267) has been reported in Linux Kernel's Transparent Inter Process Communication (TIPC) module that can be exploited either locally or remotely within a network to gain kernel privileges.
Read: https://thehackernews.com/2021/11/critical-rce-vulnerability-reported-in.html
Cisco has released security patches for flaws affecting multiple products, the most critical of which are:
- CVE-2021-40119: Hardcoded SSH Keys Bug in Policy Suite.
- Multiple flaws affecting Cisco Catalyst PON Series Switches ONT.
Read: https://thehackernews.com/2021/11/hardcoded-ssh-key-in-cisco-policy-suite.html
The United States has announced a $10,000,000 reward for information leading to the identification or location of key individuals behind the Russia-linked DarkSide ransomware group.
Read: https://thehackernews.com/2021/11/us-offers-10-million-reward-for.html
CISA has ordered U.S. federal agencies to patch hundreds of actively exploited vulnerabilities discovered in 2021 by November 17, 2021, and the remaining older vulnerabilities by May 3, 2022.
Read Details: https://thehackernews.com/2021/11/us-federal-agencies-ordered-to-patch.html