The Hacker News
Official THN Telegram Channel — A trusted, widely read, independent source for breaking news and tech coverage about cybersecurity and hacking.

📨 Contact: admin@thehackernews.com

🌐 Website: https://thehackernews.com
Nearly 18,000 customers of SolarWinds may have installed the backdoored version of the software, including government agencies, the company disclosed in an SEC filing.

Read details: https://thehackernews.com/2020/12/nearly-18000-solarwinds-customers.html
SolarWinds issues a second hotfix for Orion Platform that replaces the compromised component introduced during the recent supply chain attack and provides several additional security enhancements.

Read: https://thehackernews.com/2020/12/solarwinds-issues-second-hotfix-for.html
High-profile ransomware campaigns have been spotted using an upgraded version of SystemBC malware that now comes with a Tor proxy and remote control tool.

Read details: https://thehackernews.com/2020/12/ransomware-attackers-using-systembc.html
A set of new 5G network vulnerabilities could let attackers track users' cellphone locations, steal subscriber data, impersonate users, cause a denial of service, and cut user access to the web.

Read more: https://thehackernews.com/2020/12/new-5g-network-flaws-let-attackers.html
BREAKING 🔥

New evidence suggests SolarWinds hackers likely compromised the software build infrastructure of Orion platform & added malicious code, which was then eventually delivered within new updates that the company compiled, signed, and delivered.

https://thehackernews.com/2020/12/new-evidence-suggests-solarwinds.html
WATCH OUT! In a newly spotted SUPPLY-CHAIN attack, attackers compromised the Vietnam Government Certification Authority server and distributed a BACKDOORED version of the digital signature toolkit to install PhantomNet malware.

Read details: https://thehackernews.com/2020/12/software-supply-chain-attack-hits.html
Microsoft says its systems were also BREACHED in the recent SolarWinds cyberattack.

Read details: https://thehackernews.com/2020/12/microsoft-says-its-systems-were-also.html

Experts believe the incident may have been far wider in scope, sophistication, and impact than previously thought.
🚨 iPhones of at least 36 journalists were hacked using a critical zero-click iMessage exploit to install NSO Group's Pegasus spyware.

Details: https://thehackernews.com/2020/12/iphones-of-36-journalists-hacked-using.html
Two critical flaws — CVSS score 10 — affect several models of Dell Wyse Thin Client devices, allowing attackers to remotely run malicious code and access arbitrary files.

Details: https://thehackernews.com/2020/12/two-critical-flaws-cvss-score-10-affect.html

CVE-2020-29491
CVE-2020-29492
Microsoft finds additional malware in #SolarWinds software, suggesting that a second hacker group may have also breached the IT company.

Read details: https://thehackernews.com/2020/12/a-second-hacker-group-may-have-also.html
International law enforcement agencies take down cybercriminals' favorite Bulletproof VPN service that was used to facilitate ransomware, web-skimming, spear-phishing, and account takeover attacks.

Read: https://thehackernews.com/2020/12/cybercriminals-favorite-bulletproof-vpn.html
A new set of critical vulnerabilities in the low-level Treck TCP/IP software library affect millions of IoT devices, allowing remote attackers to run arbitrary commands and mount denial-of-service (DoS) attacks.

Read details: https://thehackernews.com/2020/12/new-critical-flaws-in-treck-tcpip-stack.html
The FBI and Interpol have allegedly seized servers belonging to Joker's Stash, a notorious fraud bazaar known for selling compromised payment card data in underground forums.

Read: https://thehackernews.com/2020/12/law-enforcement-seizes-jokers-stash.html
North Korean Lazarus hacking group targets pharmaceutical companies and government ministries in an attempt to steal the ongoing #COVID19 vaccine research to speed up their country's vaccine development by any means available.

Read more: https://thehackernews.com/2020/12/north-korean-hackers-trying-to-steal.html
Google hackers disclose exploit for an UNPATCHED Windows vulnerability (CVE-2020-0986) that was exploited as 0-day in the wild, for which Microsoft issued an incomplete patch and then failed to patch it again under the 90-day deadline.

Read — https://thehackernews.com/2020/12/google-discloses-poorly-patched-now.html
🔥 WARNING — Hackers are abusing a weakness in Citrix NetScaler devices to launch amplified 🚀 DDoS attacks against several targets.

Read details ➤ https://thehackernews.com/2020/12/citrix-adc-ddos-attack.html

Affected Citrix customers can temporarily disable DTLS to stop the attack.
Microsoft warns of hackers attempting to target Azure cloud customers via 3rd-party partners/resellers.

https://thehackernews.com/2020/12/microsoft-warns-crowdstrike-of-hackers.html

CrowdStrike & CISA released 2 tools to help users review excessive permissions & detect compromised accounts/apps in AD or Office 365 environments.
🎄🎅🎁 Merry Christmas! Wishing everyone a safe and happy holiday season.
In a nationwide cyber crackdown, UK police arrest 21 customers of the now-defunct 'WeLeakInfo' website who allegedly bought breached personal data for criminal activities.

Read more: https://thehackernews.com/2020/12/police-arrest-21-weleakinfo-customers.html
IMPORTANT: Patch it ASAP!

A newly spotted SolarWinds Orion API authentication bypass flaw allows remote attackers to execute commands and was likely also exploited as 0-day to install the 2nd backdoor 'SUPERNOVA.'

Details: https://thehackernews.com/2020/12/a-new-solarwinds-flaw-likely-had-let.html