🔥 WARNING — Hugely popular 'The Great Suspender' browser extension for Google Chrome contains malware, allowing rogue developers to execute malicious code on millions of computers.

Details: https://thehackernews.com/2021/02/warning-hugely-popular-great-suspender.html

Cybersecurity researchers reveal how the Iranian government spies on dissidents, opposition forces, and ISIS supporters, and Kurdish natives with the help of hackers and #malware.

Read more: https://thehackernews.com/2021/02/researchers-reveal-how-iran-spies-on.html

😱 Hacker broke into the computer controlling a water treatment facility in Florida and tried poisoning the supply by remotely changing a setting that drastically altered the levels of sodium hydroxide in the water.

Details: https://thehackernews.com/2021/02/hacker-tried-poisoning-water-supply.html

Ukraine authorities have shut down one of the world's largest phishing services — U-Admin — and arrested its author.

Read: https://thehackernews.com/2021/02/ukrainian-police-arrest-author-of.html
U-Admin kit was used to target financial institutions in 11 countries, causing tens of millions of dollars in losses.

Microsoft Patch Tuesday — February 2021 Edition

✅ A critical Windows zero-day vulnerability has been spotted being exploited in the wild.
✅ Patches for a total of 56 new flaws have been issued, 11 of which are listed as critical.
Read: https://thehackernews.com/2021/02/microsoft-issues-patches-for-in-wild-0.html

Apple releases a security patch for 10-year-old macOS SUDO root privilege escalation vulnerability, tracked as CVE-2021-3156, and also called "Baron Samedit."

Read details — https://thehackernews.com/2021/02/apple-patches-10-year-old-macos-sudo.html

Windows LodaRAT malware with credential-stealing and espionage capabilities has now expanded its scope to set its sights on users of Android devices.

Read more: https://thehackernews.com/2021/02/lodarat-windows-malware-now-also.html

🔥 A novel dependency confusion supply-chain attack allowed a security researcher to breach over 35 high-profile companies—including Microsoft, Apple, PayPal, Shopify, Netflix, Tesla, Uber—and achieve remote code execution.

Details: https://thehackernews.com/2021/02/dependency-confusion-supply-chain.html

In its latest cyber espionage attacks, Iranian hackers utilize a legit remote access tool, called ScreenConnect, to spy on UAE and Kuwait government agencies.

Read details: https://thehackernews.com/2021/02/iranian-hackers-utilize-screenconnect.html

It turns out that poor #password security and outdated system lead to the recent cyberattack on Florida's water treatment facility, where an attacker tried to poison the water supply.

Read details here: https://thehackernews.com/2021/02/poor-password-security-lead-to-recent.html

A researcher discovered a privacy flaw in the Telegram messenger that left media files shared over the self-destructible secret chat feature.

https://thehackernews.com/2021/02/secret-chat-in-telegram-left-self.html

In a separate issue, Telegram's macOS app stored local passcodes in plaintext.

An Employee at Russia's leading technology company 'Yandex' caught selling unauthorized access to the users' mailboxes for personal gain.

Details: https://thehackernews.com/2021/02/yandex-employee-caught-selling-access.html

Yandex discloses 4,887 email accounts were compromised.

As a new privacy feature, Apple will proxy Safe Browsing requests to preserve iOS users' privacy and hide IP addresses from Google.

Read: https://thehackernews.com/2021/02/apple-will-proxy-safe-browsing-requests.html

A malicious sticker sent on the Telegram messaging app could have exposed your secret messages, photos, and videos to remote hackers.

Read more: https://thehackernews.com/2021/02/a-sticker-sent-on-telegram-could-have.html

In a 3-year-long stealthy cyber espionage operation, Russian hackers exploit IT monitoring tool 'Centreon' to target several French entities.

Read details: https://thehackernews.com/2021/02/hackers-exploit-it-monitoring-tool.html

Researchers disclose multiple unpatched vulnerabilities affecting popular SHAREit app for Android that could be abused to leak a user's sensitive data, execute arbitrary code, and possibly lead to remote code execution.

https://thehackernews.com/2021/02/unpatched-shareit-android-app-flaw.html

Malvertisers exploited a zero-day vulnerability in WebKit-based browsers to inject malicious payloads that redirected users to fraudulent websites gift card scams.

Read details: https://t.co/em1xrNEYy8

Researchers warn of a new FUD office malware builder, called 'APOMacroSploit,' getting popular among cybercriminals and also unmasked the identity of hackers behind its development.

Read — https://t.co/rc6wffiz8t

HACKERS WANTED BY THE FBI !!!

The United States has charged 3 North Korean military hackers to steal and extort over $1.3 billion in cash and cryptocurrencies from financial institutions and businesses.
https://thehackernews.com/2021/02/us-charges-3-north-korean-hackers-over.html

🔥 First #malware tailored to run natively on Apple's M1 chips has been discovered in the wild.

Details: https://thehackernews.com/2021/02/first-malware-designed-for-apple-m1.html