Patch Tuesday, August 2022 — Microsoft releases security updates to address 121 newly reported vulnerabilities, including a zero-day (CVE-2022-34713) bug that the company says is being actively exploited.

Read details: https://thehackernews.com/2022/08/microsoft-issues-patches-for-121-flaws.html

CISA added a recently disclosed security flaw in UnRAR for Linux to its Known Exploited Vulnerabilities Catalog after receiving evidence of active attacks.

Read details: https://thehackernews.com/2022/08/cisa-issues-warning-on-active.html

At least 76 Cloudflare employees and their families were also targeted by hackers behind the recent Twilio security breach.

Read details: https://thehackernews.com/2022/08/hackers-behind-twilio-breach-also_10.html

Researchers detail the Maui ransomware attacks carried out by North Korean government-backed hackers.

Read details: https://thehackernews.com/2022/08/experts-uncover-details-on-maui.html

A former Twitter employee has been convicted of spying on the private information of Twitter users for Saudi Arabia.

Read details: https://thehackernews.com/2022/08/former-twitter-employee-found-guilty-of.html

GitHub now sends Dependabot alerts for vulnerable GitHub Actions to help developers fix security issues in CI/CD workflows.

Read details: https://thehackernews.com/2022/08/github-dependabot-now-alerts-developers.html

Researchers have disclosed multiple severe security vulnerabilities in the Device42 asset management platform that could allow hackers to take control of affected systems.

Read details: https://thehackernews.com/2022/08/critical-flaws-disclosed-in-device42-it.html

Hackers behind the Cuba ransomware attacks are using a new remote access trojan called ROMCOM RAT on compromised systems.

Read details: https://thehackernews.com/2022/08/hackers-behind-cuba-ransomware-attacks.html

Cisco confirmed that it was hacked by the Yanluowang ransomware gang after the hackers gained access to an employee's personal Google account, which contained all the credentials synced by the victim's browser.

Read: https://thehackernews.com/2022/08/cisco-confirms-its-been-hacked-by.html

A trio of offshoots of Conti cybercrime gang have resorted to "BazarCall" phishing attacks as an initial entry point.

Read details: https://thehackernews.com/2022/08/conti-cybercrime-cartel-using-bazarcall.html

Researchers warn of mass exploitation of the RCE vulnerability in Zimbra (CVE-2022-27925 and CVE-2022-37042), which allows attackers to gain unauthenticated remote code execution on targeted email servers.

Read details: https://thehackernews.com/2022/08/researchers-warn-of-ongoing-mass.html

Cisco releases patches for a high-severity vulnerability affecting ASA and Firepower solutions that could allow an unauthenticated, remote attacker to retrieve an RSA private key.

Read details: https://thehackernews.com/2022/08/cisco-patches-high-severity.html

Meta is testing end-to-end encryption on the Facebook Messenger platform and a new encrypted backup feature that lets users securely restore chats to a new device.

Read details: https://thehackernews.com/2022/08/facebook-testing-default-end-to-end.html

U.S. State Department on Thursday announced a $10 million reward for information about five cybercriminals linked to the Conti ransomware group.

Read details: https://thehackernews.com/2022/08/us-government-offers-10-million-reward.html

Researchers discover vulnerabilities in Xiaomi's mobile payment mechanism affecting smartphone devices powered by MediaTek chips.

Read details: https://thehackernews.com/2022/08/xiaomi-phones-with-mediatek-chips-found.html

Researchers have discovered new UEFI Secure Boot bypass vulnerabilities affecting 3 Microsoft-signed boot loaders that could allow attackers to modify the OS on load, install backdoors, and disable security controls.

Read: https://thehackernews.com/2022/08/researchers-uncover-uefi-secure-boot.html

Researchers have uncovered a new malware campaign in which Chinese "Lucky Mouse" hackers backdoor the chat app MiMi to compromise Windows, Linux, and macOS systems.

Read details: https://thehackernews.com/2022/08/chinese-hackers-backdoored-mimi-chat.html

A developer of Tornado Cash has been arrested in the Netherlands on suspicion of concealing criminal financial flows and facilitating money laundering, just days after the U.S. sanctioned the decentralized cryptocurrency mixing service.

Details: https://thehackernews.com/2022/08/tornado-cash-developer-arrested-after.html

Researchers discover a new Python package distributed via the PyPI repository that drops fileless crypto-mining malware onto Linux systems.

Read details: https://thehackernews.com/2022/08/newly-uncovered-pypi-package-drops.html

Researchers discover a new variant of SOVA Android banking trojan with upgraded capabilities i.e. intercepting two-factor authentication codes, stealing cookies & data, taking screenshots, and preventing it from being removed by its victims.

https://thehackernews.com/2022/08/sova-android-banking-trojan-returns-new.html

Russian state-sponsored actors continue to attack Ukrainian entities with information-stealing malware in what appears to be a cyber espionage campaign.

Read details: https://thehackernews.com/2022/08/russian-state-hackers-continue-to.html