U.S. seizes nearly $30 million worth of cryptocurrencies stolen by the North Korea-linked Lazarus Group from the online video game Axie Infinity.

Read: https://thehackernews.com/2022/09/us-seizes-cryptocurrency-worth-30.html

U.S. Treasury Department has imposed new sanctions on Iran for engaging in cyberattack activities against the Albanian government's computer network.

Read details: https://thehackernews.com/2022/09/us-imposes-new-sanctions-on-iran-over.html

Iranian state-linked APT42 hacker group carried out more than 30 confirmed cyberespionage attacks against activists and dissidents, as well as individuals and organizations of strategic interest to the Iranian government.

Read: https://thehackernews.com/2022/09/iranian-apt42-launched-over-30.html

Several high-severity firmware security vulnerabilities found in HP's high-end business devices remain unpatched months after being reported publicly.

Read: https://thehackernews.com/2022/09/high-severity-firmware-security-flaws.html

China has accused the elite hacking unit of the U.S. National Security Agency (NSA) of hacking Northwestern Polytechnical University, which specializes in aerospace and military research.

Read details: https://thehackernews.com/2022/09/china-accuses-nsas-tao-unit-of-hacking.html

Apple has released another round of security updates to fix several new vulnerabilities in iOS and macOS, including a new zero-day vulnerability (CVE-2022-32917) that has been exploited for attacks in the wild.

Details: https://thehackernews.com/2022/09/apple-releases-ios-and-macos-updates-to.html

Iranian state-sponsored hacking group TA453 caught posing as Western foreign policy experts to conduct cyberespionage attacks against individuals specializing in Middle Eastern affairs, nuclear security, and genomics research.

Read: https://thehackernews.com/2022/09/iranian-hackers-target-high-value.html

Government and state-owned organizations in a number of Asian countries have been targeted by a distinct group of cyberespionage hackers as part of an intelligence gathering mission.

Read: https://thehackernews.com/2022/09/asian-governments-and-organizations.html

⚠️WARNING — Hackers are actively exploiting a critical zero-day vulnerability in the WordPress e-commerce plugin WPGateway & have attacked more than 280,000 sites in the last 30 days, adding malicious admins to the successfully breached sites.

https://thehackernews.com/2022/09/over-280000-wordpress-sites-attacked.html

< September 2022, Patch Tuesday >

Microsoft issues security patches to fix 64 newly identified vulnerabilities across its software lineup, including a 0-day vulnerability that has been actively exploited in the real world.

https://thehackernews.com/2022/09/microsofts-latest-security-update-fixes.html

Researchers have detailed the inner workings of a malware called OriginLogger, which is being traded as a successor to the widespread information stealer and malware known as Agent Tesla.

Read details: https://thehackernews.com/2022/09/researchers-detail-originlogger-rat.html

SparklingGoblin APT hackers have been spotted using a new Linux variant of the SideWalk backdoor, highlighting the implant's cross-platform capabilities.

Read: https://thehackernews.com/2022/09/sparklinggoblin-apt-hackers-using-new.html

Cybercriminals behind the Lornenz ransomware attacks exploit a vulnerability in Mitel VoIP phone systems to gain a foothold in targeted companies.

Read details: https://thehackernews.com/2022/09/lorenz-ransomware-exploit-mitel-voip.html

WANTED BY THE FBI — $10 MILLION Reward!

United States charges 3 Iranian hackers for ransomware attacks against hundreds of organizations around the world and imposes sanctions on them and 7 other individuals and 2 organizations.

https://thehackernews.com/2022/09/us-charges-3-iranian-hackers-and.html

Webworm hackers have used customized versions of three older remote access trojans (RATs), including Trochilus, Gh0st, and 9002, in recent cyber espionage attacks.

Read: https://thehackernews.com/2022/09/webworm-hackers-using-modified-rats-in.html

In an ongoing #cyberespionage campaign, Gamaredon APT Russian hackers are targeting employees of Ukrainian government, defense, and law enforcement agencies with custom malware to steal information.

Read: https://thehackernews.com/2022/09/russian-gamaredon-hackers-target.html

Gamers looking for cheats on YouTube are being targeted with malicious links that install RedLine stealer malware and cryptocurency miners on gaming computers.

Read: https://thehackernews.com/2022/09/researchers-warn-of-self-spreading.html

Uber is investigating a new breach of its network after a hacker appears to have compromised an employee's Slack account and accessed other internal systems.

Read: https://thehackernews.com/2022/09/uber-says-its-investigating-potential.html

Researchers have uncovered two separate malicious cryptocurrency mining campaigns; one exploiting Oracle WebLogic to control vulnerable servers, while the other targets misconfigured Docker containers.

Read: https://thehackernews.com/2022/09/hackers-targeting-weblogic-servers-and.html

North Korean hackers have been found leveraging a "novel spear-phish method" that involves making use of trojanized versions of the PuTTY SSH and Telnet client.

Read: https://thehackernews.com/2022/09/north-korean-hackers-spreading.html

New connections between two widely used pay-per-install (PPI) malware distribution services have been discovered, revealing that PrivateLoader is the proprietary loader for Ruzki's PPI service.

Read: https://thehackernews.com/2022/09/researchers-find-link-bw-privateloader.html