Microsoft, in collaboration with MITRE, IBM, NVIDIA, and Bosch, has released — Adversarial ML Threat Matrix Framework — to help security analysts detect, respond to, and remediate adversarial attacks against machine learning (ML) systems.

Details: https://thehackernews.com/2020/10/adversarial-ml-threat-matrix.html

Security Researchers Warn of Security and Privacy Risks Caused by Link Preview Feature in Popular Messaging Apps

https://thehackernews.com/2020/10/mobile-messaging-apps.html

Google removes 21 newly spotted malicious Android apps from Play Store.

List in the story; check if your smartphone has been infected — https://thehackernews.com/2020/10/google-android-malwar.html

Despite recent efforts to takedown TrickBot malware, some of its new variants are actively targeting Linux users.

Read details: https://thehackernews.com/2020/10/trickbot-linux-variants-active-in-wild.html

FBI, Homeland Security, and HHS warn of an "imminent" increase in ransomware and other cyberattacks against hospitals and healthcare providers.

Read details: https://thehackernews.com/2020/10/ransomware-attack-hospital.html

KashmirBlack botnet hijacks hundreds of thousands of websites running on popular CMS platforms, including WordPress, Joomla!, PrestaShop, Magneto, Drupal, Vbulletin, OsCommerence, OpenCart, and Yeager.

Read details of the campaign here: https://thehackernews.com/2020/10/kashmirblack-botnet-hijacks-thousands.html

Attackers exploit Chrome and IE browsers flaws to install two new backdoor malware on targeted computers by tricking Korean victims into visiting some sites.

Read details: https://thehackernews.com/2020/10/browser-exploit-backdoor.html

WATCH OUT! Google disclosed details of a new zero-day flaw (CVE-2020-17087) in the Windows operating system that's being actively exploited in the wild.

Details: https://thehackernews.com/2020/11/warning-google-discloses-windows-zero.html

🔥 NAT Slipstreaming — A new technique allows attackers to bypass NAT/firewall protection and remotely access any TCP/UDP service on targeted systems just by tricking victims into visiting a website.

Read Details: https://thehackernews.com/2020/11/new-natfirewall-bypass-attack-lets.html

Another Chrome Browser 0-Day Found Being Exploited in the Wild.

https://thehackernews.com/2020/11/new-chrome-zero-day-under-active.html

Update Your #Google Chrome to Version 86.0.4240.183 for Windows, Mac, and Linux Systems.

Researchers uncover 'KGH_SPY,' a new spyware module North Korean hacking group added to its Kimsuky malware to make it more powerful against espionage targets.

Read details: https://thehackernews.com/2020/11/new-kimsuky-module-makes-north-korean.html

NEW: Gaza & Egypt-based hackers hijacked VoIP servers of over 1200 companies (across 60 countries) to profit from premium rate phone numbers.

Read details: https://thehackernews.com/2020/11/premium-rate-phone-fraudsters-hack-voip.html

Uncovered — North Korean hackers implanted a previously undiscovered #spyware, dubbed 'Torisma,' on the victims' systems compromised during JOB OFFERS-based attacks.

Read details: https://thehackernews.com/2020/11/north-korean-hackers-used-torisma.html

WARNING: Update your iOS devices now!

Apple releases emergency iOS update to patch 3 actively exploited 0-day vulnerabilities.

Read details: https://thehackernews.com/2020/11/update-your-ios-devices-now-3-actively.html

✅ CVE-2020-27930
✅ CVE-2020-27932
✅ CVE-2020-27950

Popular software products from Adobe, Apple, Google, Microsoft, Mozilla, and Samsung successfully PWNED at Tianfu Cup 2020 cybersecurity contest—with previously unseen exploits.

Read details: https://thehackernews.com/2020/11/windows-10-ios-chrome-firefox-and.html

November 2020 Patch Tuesday — Microsoft releases security updates for 112 newly discovered vulnerabilities, including an actively exploited zero-day flaw (CVE-2020-17087) disclosed by Google's security team last week.

https://thehackernews.com/2020/11/microsoft-releases-windows-security.html

In the latest wave of cyberattack against online shopping websites, Magecart 'Cardbleed' credit card hackers compromised over 2800 websites running outdated Magento e-commerce software.

Details: https://thehackernews.com/2020/11/over-2800-e-shops-running-outdated.html

🔥 Watch Out! A new PoS (point-of-sale) malware — dubbed "ModPipe — has been found stealing data from ORACLE MICROS systems at restaurants, hotels, and other hospitality establishments.

Read details: https://thehackernews.com/2020/11/new-modpipe-point-of-sale-pos-malware.html

⚡ SAD DNS Attack !!!

A series of new vulnerabilities (CVE-2020-25705) in Linux, Windows, macOS, and FreeBSD systems re-enable classic DNS cache poisoning attack, leaving millions of users vulnerable.

Details: https://thehackernews.com/2020/11/sad-dns-new-flaws-re-enable-dns-cache.html

North Korean hackers abuse legitimate security software and stolen digital certificates to target Internet users in South Korea with RAT malware.

Details: https://thehackernews.com/2020/11/trojanized-security-software-hits-south.html