EventBot — A new Android malware spotted in-the-wild steals infected users' BANKING passwords, exfiltrate private DATA, and capture KEYSTROKES to spy on accounts and the content of other apps installed on the targeted devices.

Read: https://thehackernews.com/2020/04/android-banking-keylogger.html

🔥 WARNING — Here’s a new CVSS 10 Bug.

A newly disclosed critical SaltStack RCE (as root) vulnerability (CVE-2020-11651) affects thousands of servers (~6000) deployed in data centers and cloud environments.

Read details — https://thehackernews.com/2020/05/saltstack-rce-vulnerability.html

WARNING — Just within a day after public disclosure of SaltStack RCE vulnerability (CVE-2020-11651), hackers have started exploiting unpatched servers.

✅ LineageOS [hacked]
✅ Ghost CMS [hacked]
✅ DigiCert [hacked]

Read more: https://thehackernews.com/2020/05/saltstack-rce-exploit.html

Now this 👇 is Interesting!

A researcher demonstrated a malware that jumps air-gapped — also audio gapped — devices (PC, servers, IoT, embedded devices) by turning their power-supplies into out-of-band speakers.

Read details + watch demo ➤
https://thehackernews.com/2020/05/air-gap-malware-power-speaker.html

Attention Xiaomi Users!

You Should immediately change the newly introduced PRIVACY setting in your Mi/Mi Pro and Mint browsers to prevent the company from spying on your web history and online activities when browsing in INCOGNITO mode.

Read details:
https://thehackernews.com/2020/05/xiaomi-browser-history.html

{new} 🔥 Watch Out Enterprises!

Citrix ShareFile platform contains critical vulnerabilities that could let unauthenticated attackers steal proprietary, sensitive business data from on-premise storage zone controllers.

Details — https://thehackernews.com/2020/05/citrix-sharefile-vulnerability.html

Facebook launches 'Discover,' a new, yet another, free Internet service in partnership with mobile carriers across the world.

Unlike previous projects, Discover:

✅ Treats all websites equally,
✅ Accesses sites through a secure web proxy,
✅ Lets users browse text-based sites.

Read details:
https://thehackernews.com/2020/05/facebook-discover-free-internet.html

A Chinese APT group has recently been spotted targeting government entities in the Asia-Pacific region as part of a stealthy cyber-espionage campaign that went undetected for the last 5 years.

Read details ➤ https://thehackernews.com/2020/05/asia-pacific-cyber-espionage.html

Digital Ocean — one of the largest modern web hosting companies — recently suffered a data leak incident that exposed some of its customers' data to unauthorized third parties, at least 15 times.

Read more: https://thehackernews.com/2020/05/digitalocean-data-breach.html

⚡ ThunderSpy 🕵️‍♂️

7 new unpatchable hardware vulnerabilities affect all Thunderbolt-equipped computers sold in the last 9 years, letting attackers steal data from encrypted systems—when locked or in sleep mode—through 'evil maid' scenarios.

Read: https://thehackernews.com/2020/05/thunderbolt-vulnerabilities.html

Watch Out !!!

If you are running a vBulletin forum website, make sure to install a newly issued security patch update that fixes an undisclosed critical vulnerability (CVE-2020-12720) in the popular forum software.

Read here: https://thehackernews.com/2020/05/vBulletin-access-vulnerability.html

Over 4000 Android apps are 'unknowingly' leaking sensitive information on their millions of users through misconfigured (publicly accessible) Google cloud-hosted Firebase databases, a recent assessment of just 15,000 apps revealed.

Read details: https://thehackernews.com/2020/05/android-firebase-database-security.html

Kali Linux version 2020.2 has been released with:

✅ KDE Plasma Makeover & Login
✅ PowerShell by Default
✅ Kali on ARM Improvements
✅ Lessons From The Installer Changes
✅ New Key Packages & Icons
✅ Behind the Scenes, Infrastructure Improvements

https://twitter.com/TheHackersNews/status/1260254183644487680

On the 3rd anniversary of global WannaCry ransomware outbreak, U.S. Defense, FBI & CISA released a joint report exposing 3 new sophisticated malware North Korean state-sponsored hackers are using against its targets.

Read more: https://thehackernews.com/2020/05/fbi-north-korean-malware.html

Researcher at ESET spotted a new piece of malware that he claimed to be tailored for attacking computers protected insider "Air‑Gapped networks."

Read more about 'Ramsay malware' —
https://thehackernews.com/2020/05/airgap-network-malware.html

Remember the Reverse RDP Attacks?

A path traversal vulnerability in Windows RDP client that could let a server reversibly compromise a client system that connects to it.

Microsoft issued a patch for it in July 2019, which was bypassed and re-patched in February 2020, which apparently is still incomplete and leaves dozens of 3rd party RDP clients vulnerable that uses Microsoft API function.

https://thehackernews.com/2020/05/reverse-rdp-attack-patch.html

A new variant of COMpfun cyber-espionage malware interprets HTTP status codes to learn what to do with the hacked computers—belonging to diplomatic entities in Europe.

Read more: https://thehackernews.com/2020/05/malware-http-codes.html

This is interesting...

Even a guest account on Windows can brute-force to crack password for any local account, including the administrator, through LogonUserW API because it offers unrestricted login attempts.

Here's a PoC tool: https://github.com/DarkCoderSc/win-brute-logon

A New Impersonation Vulnerability in Bluetooth Exposes Over A Billion Modern Devices to Hackers

Read details: https://thehackernews.com/2020/05/hacking-bluetooth-vulnerability.html

British airline EasyJet suffers a data breach exposing email address and travel details of over 9 million customers, including credit card details for a very few of them.

Read details: https://thehackernews.com/2020/05/easyjet-data-breach-hacking.html

Two unprotected AWS-hosted servers owned by the biggest Brazilian cosmetics company "Natura" exposed over 192 million records, containing personal information for 250,000 customers and payment account detail for at least 40,000 users.

Details: https://thehackernews.com/2020/05/natura-data-breach.html