Russian APT28 hackers spotted leveraging COVID-19 as phishing lures to deliver the Go version of Zebrocy (or Zekapab) malware.
Details: https://thehackernews.com/2020/12/russian-apt28-hackers-using-covid-19-as.html
The U.S. Federal Trade Commission (FTC) and 48 states are suing Facebook for allegedly breaking antitrust laws for illegal monopolization and neutralizing competitors using Instagram and WhatsApp.
https://thehackernews.com/2020/12/48-us-states-and-ftc-are-suing-facebook.html
Multiple critical flaws in a core networking library powering Valve's Steam online gaming platform could have allowed malicious gamers to hijack game servers remotely.
Read details: https://thehackernews.com/2020/12/valves-steam-server-bugs-couldve-let.html
Facebook tracks two hacking groups—APT32 to an IT company in Vietnam and a Bangladesh group to two non-profit organizations in the country—and blocked their malicious activities on its social media platform.
Details: https://thehackernews.com/2020/12/facebook-tracks-apt32-oceanlotus.html
Watch Out!!! Microsoft warns of nasty malware, dubbed "Adrozek," that's targeting all major web browsers—including Google Chrome, Mozilla Firefox, Microsoft Edge, Yandex Browser—to hijack search engine results pages for malicious intent.
https://thehackernews.com/2020/12/watch-out-adrozek-malware-hijacking.html
Mount Locker ransomware—file-encrypting and data-stealing malware behind a series of breaches on corporate networks—has developed new capabilities, including allowing its ransomware-as-a-service affiliates to launch double extortion attacks.
Details: https://thehackernews.com/2020/12/mount-locker-ransomware-offering-double.html
⚠️URGENT⚠️
Hackers exploit a supply-chain backdoor in SolarWinds enterprise monitoring software to breach US Treasury, Commerce Department, other government agencies, and cybersecurity firm FireEye.
Details: https://thehackernews.com/2020/12/us-agencies-and-fireeye-were-hacked.html
Researchers release a huge dataset of 20 million #malware samples, which also contains metadata, labels, and features, aiming to help research for Machine Learning based malware detection.
Learn more about SOREL-20M here: https://thehackernews.com/2020/12/sorel-20m-huge-dataset-of-20-million.html
🔥 AIR-FI: Researcher demonstrates how hackers can exfiltrate data from air-gapped computers via Wi-Fi signals as a covert channel—interestingly, using DDR SDRAM and without requiring Wi-Fi hardware on a targeted system.
Details: https://thehackernews.com/2020/12/exfiltrating-data-from-air-gapped.html
Nearly 18,000 customers of SolarWinds may have installed the backdoored version of the software, including government agencies, the company disclosed in an SEC filing.
Read details: https://thehackernews.com/2020/12/nearly-18000-solarwinds-customers.html
SolarWinds issues a second hotfix for Orion Platform that replaces the compromised component introduced during the recent supply chain attack and provides several additional security enhancements.
Read: https://thehackernews.com/2020/12/solarwinds-issues-second-hotfix-for.html
High-profile ransomware campaigns have been spotted using an upgraded version of SystemBC malware that now comes with a Tor proxy and remote control tool.
Read details: https://thehackernews.com/2020/12/ransomware-attackers-using-systembc.html
A set of new 5G network vulnerabilities could let attackers track users' cellphone locations, steal subscriber data, impersonate users, cause a denial of service, and cut user access to the web.
Read more: https://thehackernews.com/2020/12/new-5g-network-flaws-let-attackers.html
BREAKING 🔥
New evidence suggests SolarWinds hackers likely compromised the software build infrastructure of Orion platform & added malicious code, which was then eventually delivered within new updates that the company compiled, signed, and delivered.
https://thehackernews.com/2020/12/new-evidence-suggests-solarwinds.html
WATCH OUT! In a newly spotted SUPPLY-CHAIN attack, attackers compromised the Vietnam Government Certification Authority server and distributed a BACKDOORED version of the digital signature toolkit to install PhantomNet malware.
Read details: https://thehackernews.com/2020/12/software-supply-chain-attack-hits.html
Microsoft says its systems were also BREACHED in the recent SolarWinds cyberattack.
Read details: https://thehackernews.com/2020/12/microsoft-says-its-systems-were-also.html
Experts believe the incident may have been far wider in scope, sophistication, and impact than previously thought.
🚨 iPhones of at least 36 journalists were hacked using a critical zero-click iMessage exploit to install NSO Group's Pegasus spyware.
Details: https://thehackernews.com/2020/12/iphones-of-36-journalists-hacked-using.html
Two critical flaws — CVSS score 10 — affect several models of Dell Wyse Thin Client devices, allowing attackers to remotely run malicious code and access arbitrary files.
Details: https://thehackernews.com/2020/12/two-critical-flaws-cvss-score-10-affect.html
CVE-2020-29491
CVE-2020-29492
Microsoft finds additional malware in #SolarWinds software, suggesting that a second hacker group may have also breached the IT company.
Read details: https://thehackernews.com/2020/12/a-second-hacker-group-may-have-also.html
International law enforcement agencies take down cybercriminals' favorite Bulletproof VPN service that was used to facilitate ransomware, web-skimming, spear-phishing, and account takeover attacks.
Read: https://thehackernews.com/2020/12/cybercriminals-favorite-bulletproof-vpn.html