Ukraine has arrested the cybercriminal gang behind Clop ransomware attacks, responsible for $500 million in damages.

Details: https://thehackernews.com/2021/06/ukraine-police-arrest-cyber-criminals.html

Researchers have disclosed a new executable image tampering attack — dubbed "Process Ghosting" — that could be exploited by attackers to circumvent security measures and execute malware code on a Windows system.

Details: https://thehackernews.com/2021/06/researchers-uncover-process-ghosting.html

Telegram and Psiphon VPN users in #Iran are being targeted by new spyware from Ferocious Kitten—a covert surveillance APT group that's been in play for six years.

Details: https://thehackernews.com/2021/06/a-new-spyware-is-targeting-telegram-and.html

APT hacker group "TA402/Molerats" has resurfaced after a two-month hiatus to target government institutions in the Middle East and global government agencies linked to geopolitics in the region.

Details: https://thehackernews.com/2021/06/molerats-hackers-return-with-new.html

URGENT — A new #browser 0-day #vulnerability has been found being exploited in the wild.

Details: https://thehackernews.com/2021/06/update-your-chrome-browser-to-patch-yet.html

Users of Windows, Mac, and Linux should update their software right away.

Russian communications regulator Roskomnadzor bans VyprVPN and Opera VPN services in the country for failing to comply with a blacklisting request, and it is likely that more services will be blocked in the near future.

Details: https://thehackernews.com/2021/06/russia-bans-vyprvpn-opera-vpn-services.html

As cyberattacks on the software supply-chain become a major concern, Google is introducing a new security framework—called SLSA—to ensure the integrity of packages and prevent unauthorized changes.

Details:
https://thehackernews.com/2021/06/google-releases-new-framework-to.html

Researchers warn of increased cyber-espionage activities by Chinese state-sponsored hackers in neighboring countries.

Cyberattacks on Central Asia, India and Pakistan were carried out by suspected hackers from the PLA's 69010 cyber offensive unit and affected India's largest energy company NTPC as well as BSNL, the national telecommunications company.

Read: https://thehackernews.com/2021/06/cyber-espionage-by-chinese-hackers-in.html

South Korea's ⚡ Atomic Energy Research Institute has disclosed a hack of its internal network that, according to the Ministry of Science, could be the work of North Korean hackers exploiting a #vulnerability in an unnamed VPN software.

Read: https://thehackernews.com/2021/06/north-korea-exploited-vpn-flaw-to-hack.html

A team of researchers has developed the "DroidMorph" tool to illustrate how popular antivirus apps for Android continue to remain vulnerable against different permutations of malware.

Read: https://thehackernews.com/2021/06/droidmorph-shows-popular-android.html

NVIDIA Jetson series chipsets have been found vulnerable to 26 new vulnerabilities, the most serious of which can enable attackers to escalate privileges, cause DoS, and steal information.

Details: https://thehackernews.com/2021/06/nvidia-jetson-chipsets-found-vulnerable.html

Researchers are warning of wormable DarkRadiation ransomware that's targeting RedHat, Debian-based Linux distributions and Docker cloud containers.

Details: https://thehackernews.com/2021/06/wormable-darkradiation-ransomware.html

An unpatched critical #vulnerability affects Pling-based marketplace software for Linux systems that could potentially be exploited to launch supply-chain and RCE attacks.

Details: https://thehackernews.com/2021/06/unpatched-critical-flaw-affects-pling.html

A memory leak vulnerability [CVE-2021-20019] affecting SonicWall VPN appliances was left unpatched amidst 0-day attacks that could allow remote attackers access to sensitive data.

Read: https://thehackernews.com/2021/06/sonicwall-left-vpn-flaw-partially.html

Security patches have now been released.

Important — Update your Tor browser to the latest version to patch a new privacy vulnerability that can be exploited remotely to track users' online activity.

Details: https://thehackernews.com/2021/06/patch-tor-browser-bug-to-prevent.html

A hacker with suspected ties to Pakistan targeted an Indian power transmission and generation organization with ReverseRat malware.

Read: https://thehackernews.com/2021/06/pakistan-linked-hackers-targeted-indian.html

Experts say this attacker targets South and Central Asia governments and energy companies.

John David McAfee, a controversial mogul and antivirus pioneer, committed suicide in a Barcelona jail cell in Barcelona, just hours after reports that he would be extradited to face federal charges.



Details: https://thehackernews.com/2021/06/antivirus-pioneer-john-mcafee-found.html

VMware has released security patches for Carbon Black App Control to fix a critical vulnerability (CVE-2021-21998, CVSS 9.4) that could allow attackers to access targeted servers without authentication.

Details: https://thehackernews.com/2021/06/critical-auth-bypass-bug-affects-vmware.html

The BIOSConnect feature of Dell systems contains several high-risk vulnerabilities that could lead to the execution of arbitrary code at the BIOS /UEFI level.

https://thehackernews.com/2021/06/bios-disconnect-new-high-severity-flaws.html

At least 128 Dell laptop, desktop and tablet models are affected by this issue.

Researchers demonstrated 1-click exploit for Atlassian's project and #software development platform that could potentially be exploited to take over an account and control apps connected via SSO functionality.

Read: https://thehackernews.com/2021/06/one-click-exploit-could-have-let.html