The Hacker News
Official THN Telegram Channel — A trusted, widely read, independent source for breaking news and tech coverage about cybersecurity and hacking.

📨 Contact: admin@thehackernews.com

🌐 Website: https://thehackernews.com
SonicWall urges customers to immediately patch/update their SMA 100 series appliances to the latest version in order to prevent exploitation of newly discovered multiple critical & high-severity security vulnerabilities.

Details: https://thehackernews.com/2021/12/sonicwall-urges-customers-to.html
A number of malicious NPM JavaScript packages in the open-source repository have been caught hijacking Discord servers.

Read: https://thehackernews.com/2021/12/over-dozen-malicious-npm-packages.html
Researchers have discovered at least 300,000 IP addresses associated with vulnerable MikroTik network devices that can be hacked remotely using previously known critical vulnerabilities.

Read details: https://thehackernews.com/2021/12/over-300000-mikrotik-devices-found.html
The Russian government has blocked the Tor privacy service as part of its latest move towards censorship.

Read details: https://thehackernews.com/2021/12/russia-blocks-tor-privacy-service-in.html
ALERT! In a massive ongoing cyber attack, nearly 1.6 million WordPress websites were hit with 13.7 million malicious requests from over 16,000 different IP addresses.

Read details: https://thehackernews.com/2021/12/16-million-wordpress-sites-under.html
Researchers have spotted a new Rust-based "very sophisticated #ransomware" — dubbed BlackCat — in the wild.

Read details: https://thehackernews.com/2021/12/blackcat-new-rust-based-ransomware.html
Log4Shell / CVE-2021-44228 / CVSS 10

A new highly critical RCE vulnerability in the Java-based Log4j logging library affects a large number of applications and services on the Internet.

Details — https://thehackernews.com/2021/12/extremely-critical-log4j-vulnerability.html
Several hackers are actively weaponizing unpatched servers affected by the recently disclosed "Log4Shell" vulnerability in Apache Log4j to install cryptocurrency miners and Cobalt Strike, and to recruit the devices into a botnet.

Details: https://thehackernews.com/2021/12/apache-log4j-vulnerability-log4shell.html
Microsoft describes the "distinct building blocks" of the decade-old but still widely used banking malware Qakbot to proactively and effectively detect and block the threat.

Read details: https://thehackernews.com/2021/12/microsoft-details-building-blocks-of.html
Researchers warn of the rise of Karakurt, a new hacking group focused on data theft and extortion.

Read details: https://thehackernews.com/2021/12/karakurt-new-emerging-data-theft-and.html
ALERT — Update your Google Chrome web browser for Windows, Mac, and Linux immediately to patch a new zero-day vulnerability — 17th this year — discovered in the wild along with 4 others.

Read details: https://thehackernews.com/2021/12/update-google-chrome-to-patch-new-zero.html
Apple has released a new iOS update for iPhones to patch several critical security issues, including an exploit chain for a recently demonstrated remote jailbreak attack.

Read details: https://thehackernews.com/2021/12/latest-apple-ios-update-patches-remote.html
A ransomware affiliate has been arrested in Romania, and in Ukraine, 51 people have been arrested for selling stolen personal data of 300 million users.

Read details: https://thehackernews.com/2021/12/ransomware-affiliate-arrested-in.html
Hackers have begun exploiting the latest Log4j vulnerability to infect Windows computers with the Khonsari ransomware.

Read details: https://thehackernews.com/2021/12/hackers-exploit-log4j-vulnerability-to.html
URGENT: Apache Foundation has issued a new patch (CVE-2021-45046) for the Log4j utility after the previous patch for the recently disclosed Log4Shell exploit (CVE-2021-44228) was deemed incomplete in certain non-default configurations.

Details: https://thehackernews.com/2021/12/second-log4j-vulnerability-cve-2021.html
Time to update your Windows for the last time this year (probably!).

Microsoft releases the latest Windows security updates to patch several newly discovered flaws, including a new 0-day that attackers are exploiting to spread the Emotet malware.

https://thehackernews.com/2021/12/microsoft-issues-windows-update-to.html
Researchers discovered a new malicious module for IIS servers — dubbed Owowa — that attackers are using to steal users' Microsoft Exchange credentials and gain remote code execution ability on the underlying servers.

Details: https://thehackernews.com/2021/12/hackers-using-malicious-iis-server.html
Facebook today expanded its Bug Bounty program to reward researchers for reporting bugs that could allow attackers to bypass data scraping restrictions and also for scraped databases that are available online.

Details: https://thehackernews.com/2021/12/facebook-to-pay-hackers-for-reporting.html
Attackers have started exploiting the 2nd Log4j vulnerability (CVE-2021-45046), while a third vulnerability has already been reported and its technical details are expected to be published soon.

Details + PoC for 3rd: https://thehackernews.com/2021/12/hackers-begin-exploiting-second-log4j.html
A new fileless malware targeting Russian businesses has been spotted using the Windows OS registry as both persistent and temporary storage to evade detection.

Read details: https://thehackernews.com/2021/12/new-fileless-malware-uses-windows.html
Researchers uncover coexistence attacks on Broadcom, Cypress & Silicon Labs chips installed in billions of devices that could allow Bluetooth chips to directly extract network passwords and manipulate Wi-Fi traffic.

Details: https://thehackernews.com/2021/12/researchers-uncover-new-coexistence.html