Critical Security Vulnerabilities Discovered in 2 Popular Industrial Remote Access Systems (B&R Automation and MB Connect Line)—Potentially Affecting Automotive, Energy, Oil & Gas, Metal, and Packaging Sectors.

Details: https://thehackernews.com/2020/10/industrial-remote-access.html

A Russian cybercriminal—who hacked LinkedIn, Dropbox, Formspring, and stole data on over 200 million user accounts—has finally been sentenced to 88 months in the U.S. prison.

https://thehackernews.com/2020/10/russian-linkedin-hacker.html

BEWARE — Hackers have been found distributing a new stealthy Android spyware (SpyC23.A) posing as Telegram, Threema, and other popular messaging apps.

Details: https://thehackernews.com/2020/10/android-mobile-hacking.html

🔥 This is really Interesting!

Researchers fingerprint two Exploit Developers—"Volodya" (BuggiCorp) & "PlayBit"—who sold over a dozen Windows exploits to several cyber criminals & malware authors in recent years.

Read details ➤ https://thehackernews.com/2020/10/exploit-development.html

Researchers reported security flaws in top ANTIVIRUS software that could make your computers more vulnerable to hackers.

https://thehackernews.com/2020/10/antivirus-software-vulnerabilities.html

Affected vendors have released patches:
—Kaspersky
—McAfee
—Symantec
—Fortinet
—Check Point
—Trend Micro
—Avira
—Microsoft Defender

MosaicRegressor — A new rare kind of potentially dangerous UEFI bootkit found actively targeting diplomats with persistent malware.

Read details: https://thehackernews.com/2020/10/uefi-bootkit-malware.html

Cybersecurity researchers have taken the wraps off a new botnet that's hijacking Internet-connected smart devices in the wild to perform nefarious tasks, mostly DDoS attacks, and illicit cryptocurrency coin mining.

Read more: https://thehackernews.com/2020/10/p2p-iot-botnet.html

NEW: Intezer researchers reported security vulnerabilities in Microsoft Azure App Service that could allow attackers to carry out SSRF attacks, insert phishing pages or execute arbitrary code and take over the administration server.

Read more: https://thehackernews.com/2020/10/microsoft-azure-vulnerability.html

Researchers find 55 new security flaws in Apple services and software — 11 of which are critical — allowing attackers to:

✅ hack customer & employee apps,
✅ wormable iCloud account taking over,
✅ retrieve source code for internal Apple projects,
✅ hack industrial control warehouse software,
✅ take over sessions of Apple employees & accessing management tools and sensitive resources.

Read details — https://thehackernews.com/2020/10/apple-security.html

Microsoft has issued a warning about a new ransomware malware that leverages incoming call notifications and Android's Home button to lock the device behind a ransom note.

Read details: https://thehackernews.com/2020/10/android-ransomware-lock.html

Microsoft Releases "October 2020" Patch Tuesday Updates:

🔥 Windows TCP/IP RCE
🔥 MS Outlook RCE
🔥 Windows Hyper-V RCE
🔥 6 Publicly Disclosed Flaws
🔥 11 Critical Flaw Out of Total 87

Read Details: https://thehackernews.com/2020/10/windows-tcp-ip-patch-tuesday.html

FIN11 hackers have been spotted using new tactics, techniques, and procedures (TTPs) in widespread ransomware attacks.

Read details: https://thehackernews.com/2020/10/fin11-hackers-spotted-using-new.html

German police raided 15 residential and business premises linked to commercial spyware company FinFisher over illegally exporting the software abroad without proper authorization.

Details — https://thehackernews.com/2020/10/finfisher-spyware-raid.html

US Government has charged 6 Russian intelligence officers for carrying out destructive malware attacks—including BlackEnergy, Industroyer, KillDisk, NotPetya, and Olympic Destroyer.

Read more: https://thehackernews.com/2020/10/russian-hackers.html

A Windows-based remote access Trojan believed to be designed by #Pakistani hacker groups to infiltrate computers and steal users' data has resurfaced after a two-year span with retooled capabilities to target #Android and #macOS devices.

https://thehackernews.com/2020/10/windows-gravityrat-malware-now-also.html

Multiple popular mobile browsers found vulnerable to address bar spoofing flaws, leaving doors open for spear-phishing and malware attacks.

Details: https://thehackernews.com/2020/10/browser-address-spoofing-vulnerability.html

✅ Apple Safari (macOS & iOS)
✅ Opera Touch
✅ UCWeb
✅ Yandex Browser
✅ Bolt Browser
✅ RITS Browser

WARNING: New Chrome 0-day Under Active Attacks; Update Your Web Browser for Windows, Linux & Mac NOW!!!

Details: https://thehackernews.com/2020/10/chrome-zeroday-attacks.html

Microsoft, in collaboration with MITRE, IBM, NVIDIA, and Bosch, has released — Adversarial ML Threat Matrix Framework — to help security analysts detect, respond to, and remediate adversarial attacks against machine learning (ML) systems.

Details: https://thehackernews.com/2020/10/adversarial-ml-threat-matrix.html

Security Researchers Warn of Security and Privacy Risks Caused by Link Preview Feature in Popular Messaging Apps

https://thehackernews.com/2020/10/mobile-messaging-apps.html

Google removes 21 newly spotted malicious Android apps from Play Store.

List in the story; check if your smartphone has been infected — https://thehackernews.com/2020/10/google-android-malwar.html