Spanish authorities have arrested 16 individuals belonging to a cybercrime network that operates two BANKING TROJANS—Mekotio and Grandoreiro—targeting financial institutions in Europe.

Read: https://thehackernews.com/2021/07/16-cybercriminals-behind-mekotio-and.html

Google sheds new light on 4 zero-day vulnerabilities recently exploited in-the-wild.

Read: https://thehackernews.com/2021/07/google-details-ios-chrome-ie-zero-day.html

SonicWall has warned customers of "imminent" ransomware attacks targeting its Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products running unpatched end-of-life 8.x firmware.

Details: https://thehackernews.com/2021/07/ransomware-attacks-targeting-unpatched.html

Chinese hackers linked to LuminousMoth APT have expanded their attacks to a number of Philippine targets and other Southeast Asian government agencies.

Read: https://thehackernews.com/2021/07/chinas-cyberspies-targeting-southeast.html

Microsoft warns of a new unpatched vulnerability (CVE-2021-34481) affecting the Windows Print Spooler service.

Read: https://thehackernews.com/2021/07/microsoft-warns-of-new-unpatched.html

An attacker who successfully exploited it could execute arbitrary code with SYSTEM privileges.

Google has pushed out a new security update for the Chrome browser for Windows, Mac and Linux that fixes several vulnerabilities, including a zero-day vulnerability (CVE-2021-30563) that Google says is being exploited in the wild.

Read: https://thehackernews.com/2021/07/update-your-chrome-browser-to-patch-new.html

Facebook announced that it had taken down about 200 accounts—operated by a group of hackers in Iran—that were involved in a cyberespionage campaign targeting US military personnel and defense contractors.

Read: https://thehackernews.com/2021/07/facebook-suspends-accounts-used-by.html

Israeli firm Candiru is embroiled in a scandal for selling 0-day exploits to governments & helping them spy on 100s of dissidents, journalists, activists & politicians globally.

Details: https://thehackernews.com/2021/07/israeli-firm-helped-governments-target.html

...including, 2 Windows flaws that #Microsoft patched this week.

A critical vulnerability reported in the CloudFlare CDNJS infrastructure may have facilitated widespread supply chain attacks.

https://thehackernews.com/2021/07/cloudflare-cdnjs-bug-could-have-led-to.html

🔥 If your Instagram account has been hacked, try "Security Checkup."

Instagram has introduced a new security feature to protect users' accounts and help them recover their compromised accounts.

Learn more about it: https://thehackernews.com/2021/07/instagram-launches-security-checkup-to.html

China has issued new regulations requiring cybersecurity researchers to mandatorily share details of critical zero-day security vulnerabilities first-hand with government authorities within two days of filing a report.

Read: https://thehackernews.com/2021/07/chinas-new-law-requires-researchers-to.html

A new leak reveals how governments abused #NSO Group's Pegasus spyware to silence journalists, attack activists, and suppress dissent in several countries, including in Bahrain, Hungary, India, Mexico, Saudi Arabia & U.A.E.

Read https://thehackernews.com/2021/07/new-leak-reveals-abuse-of-pegasus.html

Yet another unpatched #vulnerability has been uncovered in Windows Printer Spooler, making it the fourth printer-related vulnerability found in recent weeks.

Read: https://thehackernews.com/2021/07/researcher-uncover-yet-another.html

Remember that fun-looking Wi-Fi name bug on iOS?

🔥 Turns out the vulnerability can not only disable the iPhone's network functionality, but can also be exploited to remotely execute malicious code on targeted Apple devices.

Details: https://thehackernews.com/2021/07/turns-out-that-low-risk-ios-wi-fi.html

Researchers have gained insight into a group of Romanian cybercriminals which have been identified carrying out cryptojacking attacks on #Linux machines with weak passwords.

Read: https://thehackernews.com/2021/07/researchers-warn-of-linux-cryptojacking.html

The United States and its global allies have officially blamed hackers affiliated with the Chinese government for the massive cyberattack on Microsoft Exchange servers.

Read: https://thehackernews.com/2021/07/us-and-global-allies-accuse-china-of.html

Researchers warn of a new malware strain, dubbed "MosaicLoader," that hides among Windows Defender exclusions to evade detection by Microsoft's antivirus program.

Read details: https://thehackernews.com/2021/07/this-new-malware-hides-itself-among.html

Millions of HP, Samsung and Xerox printers worldwide are vulnerable to a new vulnerability (CVE-2021-3438) that has gone undetected for 16 years.

Read details: https://thehackernews.com/2021/07/16-year-old-security-bug-affects.html

New Windows and Linux Flaws Give Attackers Highest System Privileges (SYSTEM / root):

1 — Microsoft has tagged this new vulnerability CVE-2021-36934, marking it as the 3rd publicly disclosed unpatched Windows bug this month.

2 — Dubbed "Sequoia," the Linux flaw (CVE-2021-33909) affects all kernel versions from 2014, including default installations of Ubuntu, Debian, Fedora and RHEL.

https://thehackernews.com/2021/07/new-windows-and-linux-flaws-give.html

Cybersecurity researchers have discovered multiple vulnerabilities in CODESYS automation software and the WAGO PLC platform that can be remotely exploited to compromise an organization's cloud operating technology infrastructure (OT).

Read: https://thehackernews.com/2021/07/several-new-critical-flaws-affect.html