Researchers warn of ongoing cyberattacks coordinated by a Chinese-speaking threat actor targeting the Afghan government.

https://thehackernews.com/2021/07/indigozebra-apt-hacking-campaign.html

🔥 WATCH OUT! Microsoft warns of critical PrintNightmare RCE vulnerability (CVE-2021-34527) being exploited in the wild.

Details: https://thehackernews.com/2021/07/microsoft-warns-of-critical.html

It is separate from the Windows Print Spooler issue (CVE-2021-1675) Microsoft patched recently.

FBI and NSA reveal hacking techniques used by Russian military hackers to target U.S. and European military, government, and political entities.

Details — https://thehackernews.com/2021/07/nsa-fbi-reveal-hacking-methods-used-by.html

Google releases updated version of Scorecards—an automated tool that scans open source software for security risks—with improved security checks and features.

Read details: https://thehackernews.com/2021/07/new-google-scorecards-tool-scans-open.html

During a supply-chain attack, hackers compromised the website of Mongolian Certificate Authority and replaced legitimate MonPass CA client software with a backdoored version to distribute malware.

Details: https://thehackernews.com/2021/07/mongolian-certificate-authority-hacked.html

A new Mirai-inspired botnet malware has been discovered in the wild that could hijack your KGUARD DVRs for use in cyberattacks.

Read: https://thehackernews.com/2021/07/new-mirai-inspired-botnet-could-be.html

⚡ Widespread supply-chain #ransomware attack hit hundreds of businesses overnight after REvil cybercriminals compromised Kaseya's IT management software and sent malicious updates to nearly 40 managed service providers (MSPs) worldwide.

Read: https://thehackernews.com/2021/07/kaseya-revil-ransomware-attack.html

🔥 Attention!!! 9 Android apps with a total of 5.8 million installs from the #Google Play store were caught stealing users' Facebook account passwords.

Here are details and a list of malicious apps: https://thehackernews.com/2021/07/android-apps-with-58-million-installs.html

<🔥> Learn to Code — Get 2021 Master Bundle of 13 Online Courses @ 99% OFF <🔥/>

Kickstart your lucrative programming career with 119 ours of video tutorials: https://thehackernews.com/2021/07/learn-to-code-get-2021-master-bundle-of.html

REvil gang exploited a zero-day vulnerability affecting VSA software in the recent massive supply-chain ransomware attack that triggered a chain of infection that compromised thousands of businesses.

Read: https://thehackernews.com/2021/07/revil-used-0-day-in-kaseya-ransomware.html

The hackers are now asking for $70 million to unlock all affected systems with a universal decryption programme.

Microsoft is urging Azure users to update the PowerShell command line tool as soon as possible to protect against a critical RCE vulnerability (CVE-2021-26701) that impacts . NET Core.

Read: https://thehackernews.com/2021/07/microsoft-urges-azure-users-to-update.html

Cybercriminals behind the notorious TrickBot malware have been linked to a new ransomware strain named "Diavol."

Read: https://thehackernews.com/2021/07/trickbot-botnet-found-deploying-new.html

[NEW] Kaseya rules out a supply-chain attack, claiming attackers exploited an undisclosed 0-day vulnerability in on-premises VSA software to infect its customers with ransomware.

Read details: https://thehackernews.com/2021/07/kaseya-rules-out-supply-chain-attack.html

⚡ Interpol arrested a hacker — using the alias Dr HeX — in Morocco, involved in nefarious cyber activities, including phishing, defacement, malware, fraud & carding, and also responsible for attacks on telecoms, banks & multinationals.

Read: https://thehackernews.com/2021/07/interpol-arrests-hacker-in-morocco-who.html

Microsoft has shipped an emergency security update to address a critical zero-day vulnerability — PrintNightmare — affecting Windows Print Spooler that could allow remote hackers to execute arbitrary code & take over vulnerable systems.

Read: https://thehackernews.com/2021/07/microsoft-issues-emergency-patch-for.html

Researchers have uncovered dozens of critically vulnerable software components hosted on NuGet that are being actively exploited by attackers to attack widely-used software built on the .NET platform.

Read details: https://thehackernews.com/2021/07/dozens-of-vulnerable-nuget-packages.html

WildPressure APT campaign targeting industrial entities in the Middle East since 2019 has resurfaced with an upgraded malware toolset to attack both Windows and #macOS computers.

Read: https://thehackernews.com/2021/07/wildpressure-apt-emerges-with-new.html

WARNING — Microsoft's emergency patch update for the PrintNightmare RCE exploit fails to fully address the Windows vulnerability & can be bypassed in certain scenarios, allowing attackers to execute arbitrary code on infected systems.

Details: https://thehackernews.com/2021/07/microsofts-emergency-patch-fails-to.html

SideCopy cyber-espionage APT group—potentially linked to Pakistan—has been observed increasingly targeting Indian government personnel with as many as 4 new custom remote-access #malware.

Details: https://thehackernews.com/2021/07/sidecopy-hackers-target-indian.html

Cybersecurity researchers uncovered a new ongoing cyberespionage campaign targeting corporate networks with malware in Spanish-speaking countries, specifically Venezuela, to spy on their victims.

Read: https://thehackernews.com/2021/07/experts-uncover-malware-attacks.html