Researchers have found that the attack infrastructure used to hack Cisco in May 2022 was also used to attack the holding company of an unnamed large workforce management solutions company.

Read details: https://thehackernews.com/2022/09/infra-used-in-cisco-hack-also-targeted.html

Researchers have identified over 1,800 apps for Android and iOS containing hard-coded Amazon Web Services (AWS) credentials, posing a major security risk.

Read details: https://thehackernews.com/2022/09/over-1800-android-and-ios-apps-found.html

Researchers detail the operations and techniques used by the operators of the emerging cross-platform BianLian ransomware.

Read details: https://thehackernews.com/2022/09/researchers-detail-emerging-cross.html

Google Chrome as well as Chromium-based alternative web browsers have a "major" security issue that could allow malicious websites to overwrite the contents of the system clipboard without the user's consent.

Details: https://thehackernews.com/2022/09/google-chrome-bug-lets-sites-silently.html

Researchers have found functional similarities between a malicious component used in the Raspberry Robin infection chain and a Dridex malware loader, further strengthening the operators' ties to the Russia-based Evil Corp group.

Read: https://thehackernews.com/2022/09/new-evidence-links-raspberry-robin.html

WATCH OUT!

PyPI, Python Package Index, automatically executes code on the system when developers merely download a package.

⅓ of PyPI packages use the feature.

Using it hackers can achieve higher infection rates in supply-chain attacks.

https://thehackernews.com/2022/09/warning-pypi-feature-executes-code.html

Researchers discover a backdoor in the "Prynt information stealing malware" that its creator added to secretly steal a copy of victims' data exfiltrated by other cybercriminals.

Read details: https://thehackernews.com/2022/09/prynt-stealer-contains-backdoor-to.html

Samsung suffered a data breach that exposed personal information of some of its U.S. customers.

Read: https://thehackernews.com/2022/09/samsung-admits-data-breach-that-exposed.html

Google has released an urgent update for the Chrome browser for Windows, Mac, and Linux systems to patch a newly discovered zero-day vulnerability that attackers are exploiting in the wild.

Read details: https://thehackernews.com/2022/09/google-release-urgent-chrome-update-to.html

A new version of the notorious SharkBot Android banking trojan has once again made its way into the Google Play Store by disguising itself as an antivirus and cleaner app.

Read details: https://thehackernews.com/2022/09/fake-antivirus-and-cleaner-apps-caught.html

TikTok has denied reports of a data breach after a hacker group claimed to have gained access to information on two billion of its users.

Read details: https://thehackernews.com/2022/09/tiktok-denies-data-breach-reportedly.html

QNAP has issued an advisory urging NAS device users to update Photo Station software to the latest available version after discovering another DeadBolt ransomware attack exploiting a zero-day vulnerability.

Read details: https://thehackernews.com/2022/09/qnap-warns-of-new-deadbolt-ransomware.html

Researchers have discovered a new Android spyware that is capable of collecting extensive information and is distributed under the guise of a book that likely targets the Uyghur community in China.

Details: https://thehackernews.com/2022/09/researchers-find-new-android-spyware.html

Researchers have identified a new phishing-as-a-service (PhaaS) called "EvilProxy" that is being promoted in the dark web as a way for cybercriminals to bypass security measures employed by online services.

Read: https://thehackernews.com/2022/09/new-evilproxy-phishing-service-allowing.html

Researchers uncover "TeslaGun," a previously undocumented software control panel used by the financially motivated cybercrime group TA505 to manage its "ServHelper" backdoor malware attacks.

Read details: https://thehackernews.com/2022/09/ta505-hackers-using-teslagun-panel-to.html

Researchers uncover targeted cyberattacks by the "Worok" espionage hacking group against high-profile Asian companies and local governments.

Read details: https://thehackernews.com/2022/09/worok-hackers-target-high-profile-asian.html

A new critical remote code execution vulnerability (CVE-2022-34747) has been found in Zyxel network-attached storage (NAS) devices — Firmware patch update released.

Read: https://thehackernews.com/2022/09/critical-rce-vulnerability-affects.html

MooBot, a new variant of the Mirai botnet, has been spotted exploiting unpatched D-Link devices to include them in its army of denial-of-service bots.

Read: https://thehackernews.com/2022/09/mirai-variant-moobot-botnet-exploiting.html

North Korean hacker group Lazarus has been spotted deploying a new remote access trojan, dubbed "MagicRAT," in targeted campaigns exploiting VMware Horizon platforms.

Read details: https://thehackernews.com/2022/09/north-korean-hackers-spotted-using-new.html

Researchers discover a new stealthy malware, dubbed Shikitega, that targets Linux-based systems and IoT devices via a multi-stage infection chain and uses polymorphic encoders to evade detection.

Details: https://thehackernews.com/2022/09/new-stealthy-shikitega-malware.html