Mozilla warns that two malicious Firefox add-ons installed by over 455,000 users prevent users from downloading security updates, accessing updated blocklists, and updating remotely configured content.

Read details: https://thehackernews.com/2021/10/malicious-firefox-add-ons-block-browser.html

Over 10 MILLION users have been targeted with 151 malicious Android apps from the Google Play Store that tricked users into paying for premium subscription services without their knowledge or consent.

Details: https://thehackernews.com/2021/10/over-10-million-android-users-targeted.html

North Korean hacking group Lazarus has been observed waging two separate supply-chain attacks to gain a foothold in corporate networks and attack downstream organizations.

Read details: https://thehackernews.com/2021/10/latest-report-uncovers-supply-chain.html

A widespread malicious email campaign deploys a new malware loader that gives attackers initial access to corporate networks to spread malicious payloads like Qakbot and Cobalt Strike.

Read: https://thehackernews.com/2021/10/hackers-using-squirrelwaffle-loader-to.html

Two more malicious libraries distributed via the official NPM repository have been caught stealing credentials, installing remote access trojans, and infecting compromised systems with ransomware.

Read: https://thehackernews.com/2021/10/malicious-npm-libraries-caught.html

Cybersecurity researchers at ESET have discovered a new unique #malware loader, dubbed Wslink, that runs as a server and executes received modules in memory.

Read details: https://thehackernews.com/2021/10/new-wslink-malware-loader-runs-as.html

A researcher has cracked 70% of the 5,000 Wi-Fi networks in the Israeli city of Tel Aviv, showing how insecure Wi-Fi passwords can open the door to serious threats for individuals, small businesses and enterprises.

Read: https://thehackernews.com/2021/10/israeli-researcher-cracked-over-3500-wi.html

IMPORTANT — Google has issued an emergency update (version 95.0.4638.69) for Chrome web browser for Windows, Mac, and #Linux users to patch two zero-day vulnerabilities that are being actively exploited in the wild.

https://thehackernews.com/2021/10/google-releases-urgent-chrome-update-to.html

A Russian hacker extradited to the United States earlier this month has appeared in federal court in Ohio to face charges over his alleged involvement in the notorious TrickBot malware group.

Details: https://thehackernews.com/2021/10/russian-trickbot-gang-hacker-extradited.html

// Shrootless (CVE-2021-30892) //

Microsoft discovered a new SIP bypass vulnerability in Apple's macOS system that could allow attackers to gain root privileges and install persistent, undetectable rootkit malware.

Read details: https://thehackernews.com/2021/10/new-shrootless-bug-could-let-attackers.html

Researchers have discovered a new Android malware strain that is capable of rooting smartphones and gaining complete control over infected devices while simultaneously evading detection.

Read: https://thehackernews.com/2021/10/this-new-android-malware-can-gain-root.html

Europol has arrested 12 hackers believed to be behind the LockerGoga, MegaCortex and Dharma ransomware attacks, which targeted large companies and critical infrastructure with over 1,800 victims in 71 countries

Read: https://thehackernews.com/2021/10/police-arrest-suspected-ransomware.html

Researchers have released details about the 'PINK' malware, which they say is the "largest botnet" observed in the wild in the last six years, infecting over 1.6 million devices.

Read details: https://thehackernews.com/2021/11/researchers-uncover-pink-botnet-malware.html

<Trojan Source Attack/>

Researchers discovered a new class of vulnerabilities that hackers could use to hide malicious code & vulnerabilities in source code of a program, effectively opening the door to more first-party and supply chain risks.

https://thehackernews.com/2021/11/new-trojan-source-technique-lets.html

Multiple critical flaws have been discovered in Hitachi Vantara's Pentaho Business Analytics software that could be abused by hackers to upload arbitrary data files and even execute arbitrary code on the app's underlying host system.

Read: https://thehackernews.com/2021/11/critical-flaws-uncovered-in-pentaho.html

Trick & Treat! 🎃

Google launches a new #bugbounty that will reward hackers with $31,337 for exploiting "already patched" Linux kernel vulnerabilities in its lab environment and $50,337 for unpatched flaws or a new exploit technique.

Details: https://thehackernews.com/2021/11/google-to-pay-hackers-31337-for.html

WARNING: A critical unauthenticated remote code execution flaw (CVE-2021-22205) affecting #GitLab CE is being actively exploited in the wild.

Details: https://thehackernews.com/2021/11/alert-hackers-exploiting-gitlab.html

Android Security Bulletin — Nov 2021

➤ There is a new zero-day vulnerability (CVE-2021-1048) that is being exploited by hackers for targeted attacks.

➤ Google has rolled out patches for this and 38 other flaws.

Read — https://thehackernews.com/2021/11/google-warns-of-new-android-0-day.html

Facebook is shutting down its decades-old "facial recognition system" and deleting a vast trove of more than a billion users' facial recognition templates, citing growing societal concerns about the use of such technology.

Read: https://thehackernews.com/2021/11/facebook-to-shut-down-facial.html

BlackMatter ransomware appears to be shutting down and meanwhile, researchers have released the latest analysis of new samples, showing how operators have been steadily adding new features and encryption capabilities over three months.

Read: https://thehackernews.com/2021/11/blackmatter-ransomware-reportedly.html