Watch Out!!! Microsoft warns of nasty malware, dubbed "Adrozek," that's targeting all major web browsers—including Google Chrome, Mozilla Firefox, Microsoft Edge, Yandex Browser—to hijack search engine results pages for malicious intent.

https://thehackernews.com/2020/12/watch-out-adrozek-malware-hijacking.html

Mount Locker ransomware—file-encrypting and data-stealing malware behind a series of breaches on corporate networks—has developed new capabilities, including to allow its ransomware-as-a-service affiliates to launch double extortion attacks.

Details: https://thehackernews.com/2020/12/mount-locker-ransomware-offering-double.html

⚠️URGENT⚠️

Hackers exploit a supply-chain backdoor in SolarWinds enterprise monitoring software to breach US Treasury, Commerce Department, other government agencies, and cybersecurity firm FireEye.

Details: https://thehackernews.com/2020/12/us-agencies-and-fireeye-were-hacked.html

Researchers release a huge dataset of 20 million #malware samples, which also contains metadata, labels, and features, aiming to help research for Machine Learning based malware detection.

Learn more about SOREL-20M here: https://thehackernews.com/2020/12/sorel-20m-huge-dataset-of-20-million.html

🔥 AIR-FI: Researcher demonstrates how hackers can exfiltrate data from air-gapped computers via Wi-Fi signals as a covert channel—interestingly, using DDR SDRAM and without requiring Wi-Fi hardware on a targeted system.

Details: https://thehackernews.com/2020/12/exfiltrating-data-from-air-gapped.html

Nearly 18,000 customers of SolarWinds may have installed the backdoored version of the software, including government agencies, the company disclosed in an SEC filing.

Read details: https://thehackernews.com/2020/12/nearly-18000-solarwinds-customers.html

SolarWinds issues a second hotfix for Orion Platform that replaces the compromised component introduced during the recent supply chain attack and provides several additional security enhancements.

Read: https://thehackernews.com/2020/12/solarwinds-issues-second-hotfix-for.html

High-profile ransomware campaigns have been spotted using an upgrade version of SystemBC malware that now comes with a Tor proxy and remote control tool.

Read details: https://thehackernews.com/2020/12/ransomware-attackers-using-systembc.html

A set of new 5G network vulnerabilities could let attackers track users' cellphone locations, steal subscriber data, impersonate users, cause a denial of service, and cut user access to the web.

Read more: https://thehackernews.com/2020/12/new-5g-network-flaws-let-attackers.html

BREAKING 🔥

New evidence suggests SolarWinds hackers likely compromised the software build infrastructure of Orion platform & added malicious code, which was then eventually delivered within new updates that the company compiled, signed, and delivered.

https://thehackernews.com/2020/12/new-evidence-suggests-solarwinds.html

WATCH OUT! In a newly spotted SUPPLY-CHAIN attack, attackers compromised the Vietnam Government Certification Authority server and distributed a BACKDOORED version of the digital signature toolkit to install PhantomNet malware.

Read details: https://thehackernews.com/2020/12/software-supply-chain-attack-hits.html

Microsoft says its systems were also BREACHED in the recent SolarWinds cyberattack.

Read details: https://thehackernews.com/2020/12/microsoft-says-its-systems-were-also.html

Experts believe the incident may have been far wider in scope, sophistication, and impact than previously thought.

🚨 iPhones of at least 36 journalists were hacked using a critical zero-click iMessage exploit to install NSO Group's Pegasus spyware.

Details: https://thehackernews.com/2020/12/iphones-of-36-journalists-hacked-using.html

Two critical flaws — CVSS score 10 — affect several models of Dell Wyse Thin Client devices, allowing attackers to remotely run malicious code and access arbitrary files.

Details: https://thehackernews.com/2020/12/two-critical-flaws-cvss-score-10-affect.html

CVE-2020-29491
CVE-2020-29492

Microsoft finds additional malware in #SolarWinds software, suggesting that a second hacker group may have also breached the IT company.



Read details: https://thehackernews.com/2020/12/a-second-hacker-group-may-have-also.html

International law enforcement agencies take down cybercriminals' favorite Bulletproof VPN service that was used to facilitate ransomware, web-skimming, spear-phishing, and account takeover attacks.

Read: https://thehackernews.com/2020/12/cybercriminals-favorite-bulletproof-vpn.html

A new set of critical vulnerabilities in the low-level Treck TCP/IP software library affect millions of IoT devices, allowing remote attackers to run arbitrary commands and mount denial-of-service (DoS) attacks.

Read details: https://thehackernews.com/2020/12/new-critical-flaws-in-treck-tcpip-stack.html

The FBI and Interpol have allegedly seized servers belonging to Joker's Stash, a notorious fraud bazaar known for selling compromised payment card data in underground forums.

Read: https://thehackernews.com/2020/12/law-enforcement-seizes-jokers-stash.html

North Korean Lazarus hacking group targets pharmaceutical companies and government ministries in an attempt to steal the ongoing #COVID19 vaccine research to speed up their country's vaccine development by any means available.



Read more: https://thehackernews.com/2020/12/north-korean-hackers-trying-to-steal.html

Google hackers disclose exploit for an UNPATCHED Windows vulnerability (CVE-2020-0986) that was exploited as 0-day in the wild, for which Microsoft issued an incomplete patch and then failed to patch it again under the 90-day deadline.

Read — https://thehackernews.com/2020/12/google-discloses-poorly-patched-now.html