Microsoft warns that two recently reported vulnerabilities — tracked as CVE-2021-42278 and CVE-2021-42287 — in Active Directory could be exploited by attackers to take over unpatched Windows domain controllers.

Details: https://thehackernews.com/2021/12/active-directory-bugs-could-let-hackers.html

Watch Out!

Hackers are leveraging a new exploit in malware attacks to bypass security patches for a critical RCE vulnerability affecting Microsoft MSHTML, a web page rendering engine in Office documents.

Read details: https://thehackernews.com/2021/12/new-exploit-lets-malware-attackers.html

⚡ China has suspended its partnership with Alibaba Cloud Services — whose researcher discovered the critical Log4j vulnerability — because the company did not first report this flaw to the government as required by the country's new law.

Read: https://thehackernews.com/2021/12/china-suspends-deal-with-alibaba-for.html

Researchers reveal details of 4 new vulnerabilities affecting Microsoft Teams conferencing software—3 of which are UNPATCHED and the company reportedly says it will not fix them, including SSRF, URL preview spoofing and DoS issues.

Details: https://thehackernews.com/2021/12/researchers-disclose-unpatched.html

A newly discovered 4-year-old flaw — dubbed NotLegit — in Microsoft's Azure app service has exposed hundreds of source code repositories associated with PHP, Node, Python, Ruby and Java applications.

Read details: https://thehackernews.com/2021/12/4-year-old-bug-in-azure-app-service.html

Cybersecurity agencies from the United States, Australia, Canada, New Zealand and the United Kingdom have issued a joint advisory following widespread exploitation of multiple Log4j vulnerabilities.

Read: https://thehackernews.com/2021/12/cisa-fbi-and-nsa-publish-joint-advisory.html

Researchers disclose details of an evasive malware campaign that uses code-signing certificates to avoid detection and deploy Cobalt Strike and BitRAT payloads on compromised systems.

Read: https://thehackernews.com/2021/12/new-blister-malware-using-code-signing.html

New ransomware variants keep popping up despite law enforcement actions.

Researchers are now warning about "Avos Locker" that uses new tactics including disabling endpoint security products on targeted systems and booting it into Safe Mode.

https://thehackernews.com/2021/12/new-ransomware-variants-flourish-amid.html

Researcher details Apple macOS vulnerability (CVE-2021-30853) that could allow malware apps to bypass Gatekeeper protection.

Read details: https://thehackernews.com/2021/12/expert-details-macos-bug-that-could-let.html

Researchers at Reasonsecurity warn that pirated copies of SpiderManNoWayHome movie, which are distributed via the torrent network, infect users' computers with crypto-mining #malware.

Read details: https://thehackernews.com/2021/12/spider-man-no-way-home-pirated.html

Researchers have discovered a new #Android banking malware that targets Brazil's Itaú Unibanco with the help of lookalike Google Play Store pages.
https://thehackernews.com/2021/12/new-android-malware-targeting-brazils.html

New vulnerabilities discovered in a network component of Garrett metal detectors that could allow remote attackers to bypass authentication, manipulate metal detector configuration, and even execute arbitrary code on the devices.

Read details: https://thehackernews.com/2021/12/garrett-walk-through-metal-detectors.html

Cybersecurity researchers reveal details about the DoubleFeature logging module in DanderSpritz, a post-exploitation framework used by Equation Group hackers.

Read: https://thehackernews.com/2021/12/experts-detail-logging-tool-of.html

Ongoing Autom cryptomining malware campaign has upgraded its arsenal while adding new defense evasion tactics that enable the threat actors to conceal the intrusions and fly under the radar.

Read: https://thehackernews.com/2021/12/ongoing-autom-cryptomining-malware.html

AQUATIC PANDA APT hackers with links to China are targeting academic institutions with the Log4Shell exploit.

Read details: https://thehackernews.com/2021/12/chinese-apt-hackers-used-log4shell.html

Researchers warn of a new rootkit malware — dubbed 'iLOBleed' — that's attacking HP Enterprise servers in-the-wild and aims to delete data from them.

Read details: https://thehackernews.com/2021/12/new-ilobleed-rootkit-targeting-hp.html

Microsoft releases a fix for the Exchange Y2K22 bug that caused emails to get stuck in queues when a date validation error occurred around the turn of the year.

Read: https://thehackernews.com/2022/01/microsoft-issues-fix-for-exchange-y2k22.html

Researchers demonstrate that electromagnetic signals emanating from IoT devices can be used as a side-channel to detect various forms of malware targeting embedded systems, even when obfuscation is used to prevent analysis.

Read details: https://thehackernews.com/2022/01/detecting-evasive-malware-on-iot.html

Beware! A new malicious campaign has been discovered that infects victims' computers with "Purple Fox" malware using a trojanized installer of the Telegram messaging app.

Read details: https://thehackernews.com/2022/01/beware-of-fake-telegram-messenger-app.html

Researchers reported a bug in Apple's HomeKit software framework — dubbed "doorLock" — that affects the iOS mobile operating system and can cause devices to crash or reboot.

Read details — https://thehackernews.com/2022/01/researchers-detail-new-homekit-doorlock.html

Researchers have developed a scalable technique (SAILFISH) for detecting state-inconsistency flaws in smart contracts, which has led to the discovery of 47 zero-day vulnerabilities in the Ethereum blockchain.

Details: https://thehackernews.com/2022/01/sailfish-system-to-find-state.html