Facebook has banned hundreds of accounts linked to 7 "cyber mercenary" companies that spied on nearly 50,000 users—including journalists, dissidents, families of political dissidents and human rights activists.

Read: https://thehackernews.com/2021/12/facebook-bans-7-cyber-mercenaries.html

Apache Issues 3rd patch update -- version 2.17.0 -- to fix a new high-severity Log4j vulnerability (CVE-2021-45105).

Read: https://thehackernews.com/2021/12/apache-issues-3rd-patch-to-fix-new-high.html

⚡Researchers discover an entirely new ATTACK VECTOR that could allow hackers to exploit critical Log4Shell vulnerability on servers locally by using a JavaScript WebSocket connection.

Read details: https://thehackernews.com/2021/12/new-local-attack-vector-expands-attack.html

Researchers have discovered a new application in the Google Play Store that contains Joker malware and has been downloaded by over 500,000 Android users.

https://thehackernews.com/2021/12/over-500000-android-users-downloaded.html

Researchers discover new vulnerabilities in the "handover procedure" of 2G, 3G, 4G and 5G mobile networks that could allow attackers to force targeted mobile phones to connect to a fake base station and eavesdrop on communications.

Read details: https://thehackernews.com/2021/12/new-mobile-network-vulnerabilities.html

Meta sues hackers behind massive phishing attacks against Facebook, WhatsApp and Instagram users, who are operating more than 39,000 fake webpages to steal their login credentials.

Read details: https://thehackernews.com/2021/12/meta-sues-hackers-behind-facebook.html

Cyber espionage hacking group 'Tropic Trooper', equipped with new tools and techniques, is targeting transportation companies and government agencies related to transportation.

Read: https://thehackernews.com/2021/12/tropic-trooper-cyber-espionage-hackers.html

Microsoft warns that two recently reported vulnerabilities — tracked as CVE-2021-42278 and CVE-2021-42287 — in Active Directory could be exploited by attackers to take over unpatched Windows domain controllers.

Details: https://thehackernews.com/2021/12/active-directory-bugs-could-let-hackers.html

Watch Out!

Hackers are leveraging a new exploit in malware attacks to bypass security patches for a critical RCE vulnerability affecting Microsoft MSHTML, a web page rendering engine in Office documents.

Read details: https://thehackernews.com/2021/12/new-exploit-lets-malware-attackers.html

⚡ China has suspended its partnership with Alibaba Cloud Services — whose researcher discovered the critical Log4j vulnerability — because the company did not first report this flaw to the government as required by the country's new law.

Read: https://thehackernews.com/2021/12/china-suspends-deal-with-alibaba-for.html

Researchers reveal details of 4 new vulnerabilities affecting Microsoft Teams conferencing software—3 of which are UNPATCHED and the company reportedly says it will not fix them, including SSRF, URL preview spoofing and DoS issues.

Details: https://thehackernews.com/2021/12/researchers-disclose-unpatched.html

A newly discovered 4-year-old flaw — dubbed NotLegit — in Microsoft's Azure app service has exposed hundreds of source code repositories associated with PHP, Node, Python, Ruby and Java applications.

Read details: https://thehackernews.com/2021/12/4-year-old-bug-in-azure-app-service.html

Cybersecurity agencies from the United States, Australia, Canada, New Zealand and the United Kingdom have issued a joint advisory following widespread exploitation of multiple Log4j vulnerabilities.

Read: https://thehackernews.com/2021/12/cisa-fbi-and-nsa-publish-joint-advisory.html

Researchers disclose details of an evasive malware campaign that uses code-signing certificates to avoid detection and deploy Cobalt Strike and BitRAT payloads on compromised systems.

Read: https://thehackernews.com/2021/12/new-blister-malware-using-code-signing.html

New ransomware variants keep popping up despite law enforcement actions.

Researchers are now warning about "Avos Locker" that uses new tactics including disabling endpoint security products on targeted systems and booting it into Safe Mode.

https://thehackernews.com/2021/12/new-ransomware-variants-flourish-amid.html

Researcher details Apple macOS vulnerability (CVE-2021-30853) that could allow malware apps to bypass Gatekeeper protection.

Read details: https://thehackernews.com/2021/12/expert-details-macos-bug-that-could-let.html

Researchers at Reasonsecurity warn that pirated copies of SpiderManNoWayHome movie, which are distributed via the torrent network, infect users' computers with crypto-mining #malware.

Read details: https://thehackernews.com/2021/12/spider-man-no-way-home-pirated.html

Researchers have discovered a new #Android banking malware that targets Brazil's Itaú Unibanco with the help of lookalike Google Play Store pages.
https://thehackernews.com/2021/12/new-android-malware-targeting-brazils.html

New vulnerabilities discovered in a network component of Garrett metal detectors that could allow remote attackers to bypass authentication, manipulate metal detector configuration, and even execute arbitrary code on the devices.

Read details: https://thehackernews.com/2021/12/garrett-walk-through-metal-detectors.html

Cybersecurity researchers reveal details about the DoubleFeature logging module in DanderSpritz, a post-exploitation framework used by Equation Group hackers.

Read: https://thehackernews.com/2021/12/experts-detail-logging-tool-of.html

Ongoing Autom cryptomining malware campaign has upgraded its arsenal while adding new defense evasion tactics that enable the threat actors to conceal the intrusions and fly under the radar.

Read: https://thehackernews.com/2021/12/ongoing-autom-cryptomining-malware.html