FBI seizes SSNDOB darknet marketplace for selling personal information such as credit card and Social Security numbers of about 24 million people, generating $19 million in revenue for its operators.

Details: https://thehackernews.com/2022/06/fbi-seizes-ssndob-id-theft-service-for.html

U.S. cybersecurity and intelligence agencies have warned that Chinese state-sponsored cyber actors have been exploiting vulnerabilities in networks to attack organizations in the private and public sectors since at least 2020.

Read details: https://thehackernews.com/2022/06/us-agencies-warn-about-chinese-hackers.html

Emotet botnet malware has been upgraded with a new module for stealing victims' credit card data stored in the Chrome web browser.

Read details: https://thehackernews.com/2022/06/new-emotet-variant-stealing-users.html

Researchers uncover a decade-long Chinese cyber espionage campaign targeting government, educational and telecommunications institutions, primarily in Southeast Asia and Australia.

Read: https://thehackernews.com/2022/06/a-decade-long-chinese-espionage.html

Researchers have uncovered “Symbiote,” what they call a "nearly-impossible-to-detect" Linux malware that’s targeting the financial sector in Latin America.

Read details: https://thehackernews.com/2022/06/symbiote-stealthy-linux-malware.html

Researchers propose a new privacy-focused framework for IoT devices — dubbed "Peekaboo" — that gives users control over what data can be processed and shared with external servers.

Read details: https://thehackernews.com/2022/06/new-privacy-framework-for-iot-devices.html

Experts disclose critical flaws in Carrier's LenelS2 HID Mercury access control system—widely used in healthcare, education and government facilities—which could allow attackers to remotely unlock and lock doors and modify user accounts.

https://thehackernews.com/2022/06/researchers-disclose-critical-flaws-in.html

Researchers say cybercriminals use spoofed emails and fake login pages to impersonate popular cryptocurrency platforms such as Binance, Celo, and Trust Wallet, in order to steal login details and deceptively transfer virtual funds.

Read: https://thehackernews.com/2022/06/researchers-detail-how-cyber-criminals.html

A new study has shown for the first time that the Bluetooth signals constantly emitted by our smartphones have a unique fingerprint that can be used to fingerprint and track individuals' movements.

Details: https://thehackernews.com/2022/06/researchers-find-bluetooth-signals-can.html

MIT researchers demonstrated multiple PoC attacks for a novel hardware attack method, dubbed PACMAN, that targets Apple's M1 processor chipsets and potentially allows attackers to execute arbitrary code on targeted systems.

https://thehackernews.com/2022/06/mit-researchers-discover-new-flaw-in.html

Lyceum group of Iranian state-sponsored hackers has recently been spotted using a new custom .NET-based DNS backdoor in its recent campaigns targeting the Middle East.

Read details: https://thehackernews.com/2022/06/iranian-hackers-spotted-using-new-dns.html

New variants of Hello XD ransomware now install a secret backdoor on targeted Windows and Linux systems to gain persistent remote access as part of its double extortion scheme.

Read details: https://thehackernews.com/2022/06/hello-xd-ransomware-installing-backdoor.html

Researchers have disclosed details of two new flaws (CVE-2022-29854 and CVE-2022-29855) in Mitel desk phones that could allow an attacker to gain root permissions.

Read: https://thehackernews.com/2022/06/researchers-disclose-rooting-backdoor.html

Chinese APT hackers known as "Gallium" have been spotted using a new remote access trojan, dubbed "PingPull," in their espionage attacks on companies in Southeast Asia, Europe & Africa.

Read details: https://thehackernews.com/2022/06/chinese-gallium-hackers-using-new.html

Chinese-speaking, technically sophisticated, "SeaFlower" threat actors are targeting cryptocurrency users with backdoored versions of Web3 wallets for Android and #iOS devices in an effort to steal their funds.

Read: https://thehackernews.com/2022/06/chinese-hackers-distribute-backdoored.html

Quick and Simple: BPFDoor Explained

Read: https://thehackernews.com/2022/06/quick-and-simple-bpfdoor-explained.html

Researchers detail the workings of a fully-featured malware loader dubbed "PureCrypter," which is purchased by cybercriminals to spread a variety of remote access trojans and information stealers.

Read: https://thehackernews.com/2022/06/researchers-detail-purecrypter-loader.html

A new covert Linux kernel rootkit called "Syslogk" has been discovered in the wild that allows attackers to remotely command the malware using "magic network packets."

Read details: https://thehackernews.com/2022/06/new-syslogk-linux-rootkit-lets.html

An unpatched security bug in Travis CI API has left thousands of developers' tokens exposed to potential attacks, effectively allowing attackers to breach cloud infrastructures, make unauthorized code changes, and launch supply-chain attacks.

https://thehackernews.com/2022/06/unpatched-travis-ci-api-bug-exposes.html

Researchers release technical details for the 'SynLapse' vulnerability that could have allowed an attacker to perform an RCE and gain access to another Microsoft Azure client’s cloud environment.

https://thehackernews.com/2022/06/technical-details-released-for-synlapse.html

A new, high-severity vulnerability has been discovered in the Zimbra email suite that allows unauthenticated attackers to steal users' plaintext passwords without requiring user interaction.

Read: https://thehackernews.com/2022/06/new-zimbra-email-vulnerability-could.html