— Glowworm Attack —

Experts demonstrate a novel technique that uses the optical emanations from a device's power indicator LED to recover sounds from connected peripherals and spy on electronic conversations from up to 35 meters away.

Read: https://thehackernews.com/2021/08/new-glowworm-attack-recovers-devices.html

New AdLoad malware variant bypasses Apple's security defenses to target macOS systems.

Read: https://thehackernews.com/2021/08/new-adload-variant-bypasses-apples.html

Researchers discover dozens of STARTTLS #encryption related vulnerabilities affecting several popular email client software and services.

Details: https://thehackernews.com/2021/08/dozens-of-starttls-related-flaws-found.html

Apple Mail, Gmail, Mozilla Thunderbird, Claws Mail, Mutt, Exim, Samsung Email and Yandex are some of them.

Researchers warn about weaknesses in the implementation of the TCP protocol in firewalls and middleboxes that attackers can exploit to launch reflected DoS amplification attacks.

Read details: https://thehackernews.com/2021/08/attackers-can-weaponize-firewalls-and.html

A new social engineering-driven malvertising campaign has been found targeting cryptocurrency users with the Cinobi banking trojan.

https://thehackernews.com/2021/08/malicious-ads-target-cryptocurrency.html

Rapid7 discloses a new UNPATCHED vulnerability (CVE-2021-22123) in Fortinet's Fortiweb Web Application Firewall (WAF) appliances that could be exploited by a remote, authenticated attacker to execute malicious commands on the system.

Read: https://thehackernews.com/2021/08/unpatched-remote-hacking-zero-day-flaw.html

North Korean APT hackers have been found using IE browser exploits to infect victims with custom implants as part of a strategic web compromise (SWC) targeting an South Korean online newspaper.

Read: https://thehackernews.com/2021/08/nk-hackers-deploy-browser-exploit-on.html

Researchers reveal IT and communications companies in Israel were at the center of a supply-chain attack campaign led by an Iranian threat actor known as Siamesekitten APT.

Read: https://thehackernews.com/2021/08/iranian-hackers-target-several-israeli.html

Blackberry's QNX Real-Time Operating System (RTOS) — embedded in millions of vehicles, industrial equipment and healthcare devices — is vulnerable to BadAlloc vulnerability, which could let attackers gain control of a wide range of products.

https://thehackernews.com/2021/08/badalloc-flaw-affects-blackberry-qnx.html

FireEye has disclosed a new critical vulnerability (CVE-2021-28372) in the ThroughTek Kalay P2P SDK that could allow remote attackers to take control of affected devices, spy on camera audio and video feeds, and compromise device credentials.

https://thehackernews.com/2021/08/critical-throughtek-sdk-bug-could-let.html

Researchers have discovered new evidence that links Diavol ransomware to TrickBot malware syndicate.

Read details: https://thehackernews.com/2021/08/researchers-find-new-evidence-linking.html

Cisco has informed its customers that it will not provide a patch for a newly discovered critical vulnerability (CVE-2021-34730) affecting its small business routers as the devices reach the end of their lifecycle.

Read: https://thehackernews.com/2021/08/critical-flaw-found-in-older-cisco.html

Mozi, a peer-to-peer #botnet known for targeting IoT devices, has gained new capabilities that give it the ability to persist on network gateways manufactured by Netgear, Huawei and ZTE.

Read: https://thehackernews.com/2021/08/mozi-iot-botnet-now-also-targets.html

A Nigerian cybercrime group has been spotted recruiting employees of several companies by offering them $1 million in Bitcoin in exchange for deploying ransomware on their companies' networks as part of an insider threat scheme.

Read: https://thehackernews.com/2021/08/cybercrime-group-asking-insiders-for.html

Cloudflare says it mitigated the largest ever volumetric DDoS attack recorded to date, involving a record high of 17.2 million requests-per-second.

Read details: https://thehackernews.com/2021/08/cloudflare-mitigated-one-of-largest.html

ShadowPad, a privately sold modular malware platform, is becoming a favorite of Chinese cyberespionage groups.

Details: https://thehackernews.com/2021/08/shadowpad-malware-is-becoming-favorite.html

It was the main backdoor used in multiple espionage campaigns, including the CCleaner, NetSarang, and ASUS Supply-Chain attacks.

WARNING — Multiple threat actors are extensively exploiting the ProxyShell vulnerabilities in-the-wild and have already compromised over 1900 Microsoft Exchange servers.

Read details: https://thehackernews.com/2021/08/microsoft-exchange-under-attack-with.html

In a new report, researchers warn of the top 15 security vulnerabilities that attackers have exploited millions of times in-the-wild to hack hundreds of thousands of Linux systems.

Read: https://thehackernews.com/2021/08/top-15-vulnerabilities-attackers.html

Activists in Bahrain were targeted by Pegasus spyware using a new zero-day iPhone exploit devised by the NSO Group.

Read details: https://thehackernews.com/2021/08/bahraini-activists-targeted-using-new.html

Researchers warn of 4 emerging ransomware cybercrime groups that could pose a threat to a number of businesses.

Read: https://thehackernews.com/2021/08/researchers-warn-of-4-new-ransomware.html