Researchers warn of increased cyber-espionage activities by Chinese state-sponsored hackers in neighboring countries.

Cyberattacks on Central Asia, India and Pakistan were carried out by suspected hackers from the PLA's 69010 cyber offensive unit and affected India's largest energy company NTPC as well as BSNL, the national telecommunications company.

Read: https://thehackernews.com/2021/06/cyber-espionage-by-chinese-hackers-in.html

South Korea's ⚡ Atomic Energy Research Institute has disclosed a hack of its internal network that, according to the Ministry of Science, could be the work of North Korean hackers exploiting a #vulnerability in an unnamed VPN software.

Read: https://thehackernews.com/2021/06/north-korea-exploited-vpn-flaw-to-hack.html

A team of researchers has developed the "DroidMorph" tool to illustrate how popular antivirus apps for Android continue to remain vulnerable against different permutations of malware.

Read: https://thehackernews.com/2021/06/droidmorph-shows-popular-android.html

NVIDIA Jetson series chipsets have been found vulnerable to 26 new vulnerabilities, the most serious of which can enable attackers to escalate privileges, cause DoS, and steal information.

Details: https://thehackernews.com/2021/06/nvidia-jetson-chipsets-found-vulnerable.html

Researchers are warning of wormable DarkRadiation ransomware that's targeting RedHat, Debian-based Linux distributions and Docker cloud containers.

Details: https://thehackernews.com/2021/06/wormable-darkradiation-ransomware.html

An unpatched critical #vulnerability affects Pling-based marketplace software for Linux systems that could potentially be exploited to launch supply-chain and RCE attacks.

Details: https://thehackernews.com/2021/06/unpatched-critical-flaw-affects-pling.html

A memory leak vulnerability [CVE-2021-20019] affecting SonicWall VPN appliances was left unpatched amidst 0-day attacks that could allow remote attackers access to sensitive data.

Read: https://thehackernews.com/2021/06/sonicwall-left-vpn-flaw-partially.html

Security patches have now been released.

Important — Update your Tor browser to the latest version to patch a new privacy vulnerability that can be exploited remotely to track users' online activity.

Details: https://thehackernews.com/2021/06/patch-tor-browser-bug-to-prevent.html

A hacker with suspected ties to Pakistan targeted an Indian power transmission and generation organization with ReverseRat malware.

Read: https://thehackernews.com/2021/06/pakistan-linked-hackers-targeted-indian.html

Experts say this attacker targets South and Central Asia governments and energy companies.

John David McAfee, a controversial mogul and antivirus pioneer, committed suicide in a Barcelona jail cell in Barcelona, just hours after reports that he would be extradited to face federal charges.



Details: https://thehackernews.com/2021/06/antivirus-pioneer-john-mcafee-found.html

VMware has released security patches for Carbon Black App Control to fix a critical vulnerability (CVE-2021-21998, CVSS 9.4) that could allow attackers to access targeted servers without authentication.

Details: https://thehackernews.com/2021/06/critical-auth-bypass-bug-affects-vmware.html

The BIOSConnect feature of Dell systems contains several high-risk vulnerabilities that could lead to the execution of arbitrary code at the BIOS /UEFI level.

https://thehackernews.com/2021/06/bios-disconnect-new-high-severity-flaws.html

At least 128 Dell laptop, desktop and tablet models are affected by this issue.

Researchers demonstrated 1-click exploit for Atlassian's project and #software development platform that could potentially be exploited to take over an account and control apps connected via SSO functionality.

Read: https://thehackernews.com/2021/06/one-click-exploit-could-have-let.html

Recently arrested members of the Cl0p ransomware gang were involved in laundering $500 million for malicious actors through a variety of illegal activities.

Read: https://thehackernews.com/2021/06/clop-gang-members-laundered-500-million.html

Cryptocurrency exchange Binance worked with law enforcement to bring down the crime group

A supervisor for the hacker group FIN7 was sentenced to 7 years in prison for acting as a pentester to maintain a criminal scheme that allowed hackers to steal millions of debit and credit cards.

Read: https://thehackernews.com/2021/06/fin7-supervisor-gets-7-year-jail-term.html

A computer virus—dubbed "Crackonosh"—spread via cracked copies of popular software, has mined nearly 2 million worth of Monero cryptocurrency using 222,000 hacked systems.

Read: https://thehackernews.com/2021/06/crackonosh-virus-mined-2-million-of.html

Attention!

A sophisticated #cyberattack is currently underway against Zyxel firewalls and VPNs using unknown user accounts — such as "zyxel_slIvpn", "zyxel_ts" or "zyxel_vpn_test" — to establish unauthorised remote access.

Details: https://thehackernews.com/2021/06/watch-out-zyxel-firewalls-and-vpns.html

Google has extended the deadline for phasing out 3rd-party tracking cookies in its Chrome browser until the end of 2023 giving the digital advertising industry more time to develop privacy-friendly targeted ads.

Read: https://thehackernews.com/2021/06/google-extends-support-for-tracking.html

The hackers Hackers responsible for the SolarWinds breach also compromised a Microsoft customer service agent and attempted to further target company's customers.

Details — https://thehackernews.com/2021/06/solarwinds-hackers-breach-microsoft.html

Cisco Adaptive Security Appliances (ASA) have been actively targeted by hackers following the release of exploit code for a security vulnerability (CVE-2020-3580)

Read: https://thehackernews.com/2021/06/cisco-asa-flaw-under-active-attack.html