⚡ WATCH OUT — U.S. and British authorities have warned of top 12 software security vulnerabilities that Russian intelligence hackers are exploiting in various operations.

Find details here: https://thehackernews.com/2021/05/top-11-security-flaws-russian-spy.html

A major ransomware cyberattack forced Colonial Pipeline—the largest fuel pipeline operator in the United States—to shut down its entire network.

Details: https://thehackernews.com/2021/05/ransomware-cyber-attack-forced-largest.html

Four people have pleaded guilty to helping cyber criminals with bulletproof hosting used to spread malware such as Zeus, SpyEye, Citadel and Blackhole Exploit Kit.

Read: https://thehackernews.com/2021/05/four-plead-guilty-to-aiding-cyber.html

WARNING — Over 25% of Tor exit relays have been spying on users' dark web activity since an unknown threat actor managed to increase the number of servers and now control over 27% of the total Tor network exit capacity.

Details: https://thehackernews.com/2021/05/over-25-of-tor-exit-relays-are-spying.html

The United States government has declared emergency in 17 states and D.C. over a cyberattack on a major fuel pipeline company.


Read: https://thehackernews.com/2021/05/us-declares-emergency-in-17-states-over.html

Experts warn of TeaBot, a new Android banking Trojan that hijacks users' credentials and SMS messages to enable fraudulent activity against users of more than 60 banks in Spain, Germany, Italy, Belgium and the Netherlands.


Read: https://thehackernews.com/2021/05/experts-warn-of-new-android-banking.html

US intelligence agencies are warning of weaknesses in the 5G network—such as inadequate deployments and supply chain threats—that cybercriminals and nation-state adversaries can exploit to gain valuable intelligence.

Read: https://thehackernews.com/2021/05/us-intelligence-agencies-warn-about-5g.html

Alert: Hackers Exploit Adobe Reader 0-Day Vulnerability in the Wild

Read: https://thehackernews.com/2021/05/alert-hackers-exploit-adobe-reader-0.html
Also receiving critical patches today are Adobe Experience Manager, InDesign, Illustrator, Magento, Creative Cloud, Media Encoder, After Effects, and Animate.

BABUK ransomware hacker gang leaked data from the Metropolitan Police Department after talks failed over $4 million ransom demand.

Read details: https://thehackernews.com/2021/05/ransomware-gang-leaks-metropolitan.html

Patch Tuesday (May 2021)

Microsoft has released the latest Windows updates to patch a dozen newly discovered vulnerabilities, one of the most critical of which is a wormable RCE (CVE-2021-31166) in the HTTP protocol stack.
Read details - https://thehackernews.com/2021/05/latest-microsoft-windows-updates-patch.html

🔥 Attention! A set of new vulnerabilities—dubbed FragAttacks—affects nearly all Wi-Fi devices shipped in the past 24 years.

https://thehackernews.com/2021/05/nearly-all-wifi-devices-are-vulnerable.html
These flaws could let hackers forge encrypted frames in various ways, enabling code execution and exfiltration of sensitive data.

The dark web is getting loaded with bogus COVID19 test results, fraudulent vaccination cards and questionable vaccines.

Read: https://thehackernews.com/2021/05/dark-web-getting-loaded-with-bogus.html

Source code of cybersecurity company Rapid7 was accessed by hackers during a recent supply-chain attack that compromised Codecov, a popular code coverage tool.

Details: https://thehackernews.com/2021/05/rapid7-source-code-breached-in-codecov.html

Colonial Pipeline paid hackers $5 million to regain control of its data and network after a devastating cyberattack forced the company to shut down fuel pipeline operations for six days.

Read: https://thehackernews.com/2021/05/colonial-pipeline-paid-nearly-5-million.html

Magecart cybercriminals are now hiding malicious PHP shell backdoors in the website's favicon to maintain remote access and steal financial data from e-commerce users.

Read: https://thehackernews.com/2021/05/magecart-hackers-now-hide-php-based.html

Transparent Tribe APT, a Pakistan-linked hacker group known for attacking Indian diplomatic and military facilities, has increased its hacking tool arsenal with new Windows #malware.

Read: https://thehackernews.com/2021/05/pakistan-linked-hackers-added-new.html

Cybercriminals are distributing RAT and password-stealing malware filelessly using Microsoft Build Engine, an open-source development tool.

Read: https://thehackernews.com/2021/05/hackers-using-microsoft-build-engine-to.html

DarkSide, the cybercriminal group behind the recent ransomware attack on a US pipeline company, has gone underground after its servers and Bitcoins were seized.



https://thehackernews.com/2021/05/us-pipeline-ransomware-attackers-go.html

Researchers uncover an ongoing malware campaign that heavily relies on the AutoHotkey (AHK) scripting language to spread several remote-access Trojans (RAT) such as Revenge RAT, LimeRAT, AsyncRAT, Houdini, and Vjw0rm.

Read: https://thehackernews.com/2021/05/experts-warn-about-ongoing-autohotkey.html

Researchers demonstrated how attackers could upload data from non-internet-connected devices by taking advantage of the Find My Network feature in nearby Apple devices.

Read details: https://thehackernews.com/2021/05/apples-find-my-network-can-be-abused-to.html