Patch Tuesday (May 2021)

Microsoft has released the latest Windows updates to patch a dozen newly discovered vulnerabilities, one of the most critical of which is a wormable RCE (CVE-2021-31166) in the HTTP protocol stack.
Read details - https://thehackernews.com/2021/05/latest-microsoft-windows-updates-patch.html

🔥 Attention! A set of new vulnerabilities—dubbed FragAttacks—affects nearly all Wi-Fi devices shipped in the past 24 years.

https://thehackernews.com/2021/05/nearly-all-wifi-devices-are-vulnerable.html
These flaws could let hackers forge encrypted frames in various ways, enabling code execution and exfiltration of sensitive data.

The dark web is getting loaded with bogus COVID19 test results, fraudulent vaccination cards and questionable vaccines.

Read: https://thehackernews.com/2021/05/dark-web-getting-loaded-with-bogus.html

Source code of cybersecurity company Rapid7 was accessed by hackers during a recent supply-chain attack that compromised Codecov, a popular code coverage tool.

Details: https://thehackernews.com/2021/05/rapid7-source-code-breached-in-codecov.html

Colonial Pipeline paid hackers $5 million to regain control of its data and network after a devastating cyberattack forced the company to shut down fuel pipeline operations for six days.

Read: https://thehackernews.com/2021/05/colonial-pipeline-paid-nearly-5-million.html

Magecart cybercriminals are now hiding malicious PHP shell backdoors in the website's favicon to maintain remote access and steal financial data from e-commerce users.

Read: https://thehackernews.com/2021/05/magecart-hackers-now-hide-php-based.html

Transparent Tribe APT, a Pakistan-linked hacker group known for attacking Indian diplomatic and military facilities, has increased its hacking tool arsenal with new Windows #malware.

Read: https://thehackernews.com/2021/05/pakistan-linked-hackers-added-new.html

Cybercriminals are distributing RAT and password-stealing malware filelessly using Microsoft Build Engine, an open-source development tool.

Read: https://thehackernews.com/2021/05/hackers-using-microsoft-build-engine-to.html

DarkSide, the cybercriminal group behind the recent ransomware attack on a US pipeline company, has gone underground after its servers and Bitcoins were seized.



https://thehackernews.com/2021/05/us-pipeline-ransomware-attackers-go.html

Researchers uncover an ongoing malware campaign that heavily relies on the AutoHotkey (AHK) scripting language to spread several remote-access Trojans (RAT) such as Revenge RAT, LimeRAT, AsyncRAT, Houdini, and Vjw0rm.

Read: https://thehackernews.com/2021/05/experts-warn-about-ongoing-autohotkey.html

Researchers demonstrated how attackers could upload data from non-internet-connected devices by taking advantage of the Find My Network feature in nearby Apple devices.

Read details: https://thehackernews.com/2021/05/apples-find-my-network-can-be-abused-to.html

Watch Out, Users! Bizarro banking malware has now been targeting over 70 banks in Europe and South America.

Read: https://thehackernews.com/2021/05/70-european-and-south-american-banks.html

Over 150 vulnerabilities have been discovered in 58 popular Android stalkerware apps, allowing others to take control of them and put victims' security and privacy at even greater risk.

Read: https://thehackernews.com/2021/05/experts-reveal-over-150-ways-to-steal.html

A new report uncovers how Apple gave the Chinese government access to its users' iCloud data and also allegedly censored several apps.

Read details: https://thehackernews.com/2021/05/how-apple-gave-chinese-government.html

🔥 AWESOME!!!

Google Chrome browser to offer users a new feature allowing them to identify and reset their compromised passwords for various websites with just one-click.
Read details: https://thehackernews.com/2021/05/a-simple-1-click-compromised-password.html

Mozilla has begun rolling out 'Site Isolation' security feature for its Firefox browser in nightly and beta channels that aims to protect users against a new class of attacks from malicious sites.

Read details: https://thehackernews.com/2021/05/mozilla-begins-rolling-out-site.html

Cybercriminals behind the DarkSide ransomware attacks extorted nearly $90 million in ransom from multiple victims in 9 months.

Read: https://thehackernews.com/2021/05/darkside-ransomware-gang-extorted-90.html

Google has released Android security updates, including patches for 4 zero-day vulnerabilities affecting Arm and Qualcomm components that have been exploited in the wild.

Details: https://thehackernews.com/2021/05/android-issues-patches-for-4-new-zero.html

Researchers find that the Oldsmar water plant was likely targeted by a watering hole attack via the website of an infrastructure contractor in the U.S. state of Florida.

Read: https://thehackernews.com/2021/05/watering-hole-attack-was-used-to-target.html

Personal data of over 100 million users is exposed by 23 #Android apps on the Google Play Store, potentially making them a lucrative target for malicious actors.

The list of affected apps can be found here: https://thehackernews.com/2021/05/these-23-android-apps-expose-over.html