SolarWinds issues a second hotfix for Orion Platform that replaces the compromised component introduced during the recent supply chain attack and provides several additional security enhancements.

Read: https://thehackernews.com/2020/12/solarwinds-issues-second-hotfix-for.html

High-profile ransomware campaigns have been spotted using an upgrade version of SystemBC malware that now comes with a Tor proxy and remote control tool.

Read details: https://thehackernews.com/2020/12/ransomware-attackers-using-systembc.html

A set of new 5G network vulnerabilities could let attackers track users' cellphone locations, steal subscriber data, impersonate users, cause a denial of service, and cut user access to the web.

Read more: https://thehackernews.com/2020/12/new-5g-network-flaws-let-attackers.html

BREAKING 🔥

New evidence suggests SolarWinds hackers likely compromised the software build infrastructure of Orion platform & added malicious code, which was then eventually delivered within new updates that the company compiled, signed, and delivered.

https://thehackernews.com/2020/12/new-evidence-suggests-solarwinds.html

WATCH OUT! In a newly spotted SUPPLY-CHAIN attack, attackers compromised the Vietnam Government Certification Authority server and distributed a BACKDOORED version of the digital signature toolkit to install PhantomNet malware.

Read details: https://thehackernews.com/2020/12/software-supply-chain-attack-hits.html

Microsoft says its systems were also BREACHED in the recent SolarWinds cyberattack.

Read details: https://thehackernews.com/2020/12/microsoft-says-its-systems-were-also.html

Experts believe the incident may have been far wider in scope, sophistication, and impact than previously thought.

🚨 iPhones of at least 36 journalists were hacked using a critical zero-click iMessage exploit to install NSO Group's Pegasus spyware.

Details: https://thehackernews.com/2020/12/iphones-of-36-journalists-hacked-using.html

Two critical flaws — CVSS score 10 — affect several models of Dell Wyse Thin Client devices, allowing attackers to remotely run malicious code and access arbitrary files.

Details: https://thehackernews.com/2020/12/two-critical-flaws-cvss-score-10-affect.html

CVE-2020-29491
CVE-2020-29492

Microsoft finds additional malware in #SolarWinds software, suggesting that a second hacker group may have also breached the IT company.



Read details: https://thehackernews.com/2020/12/a-second-hacker-group-may-have-also.html

International law enforcement agencies take down cybercriminals' favorite Bulletproof VPN service that was used to facilitate ransomware, web-skimming, spear-phishing, and account takeover attacks.

Read: https://thehackernews.com/2020/12/cybercriminals-favorite-bulletproof-vpn.html

A new set of critical vulnerabilities in the low-level Treck TCP/IP software library affect millions of IoT devices, allowing remote attackers to run arbitrary commands and mount denial-of-service (DoS) attacks.

Read details: https://thehackernews.com/2020/12/new-critical-flaws-in-treck-tcpip-stack.html

The FBI and Interpol have allegedly seized servers belonging to Joker's Stash, a notorious fraud bazaar known for selling compromised payment card data in underground forums.

Read: https://thehackernews.com/2020/12/law-enforcement-seizes-jokers-stash.html

North Korean Lazarus hacking group targets pharmaceutical companies and government ministries in an attempt to steal the ongoing #COVID19 vaccine research to speed up their country's vaccine development by any means available.



Read more: https://thehackernews.com/2020/12/north-korean-hackers-trying-to-steal.html

Google hackers disclose exploit for an UNPATCHED Windows vulnerability (CVE-2020-0986) that was exploited as 0-day in the wild, for which Microsoft issued an incomplete patch and then failed to patch it again under the 90-day deadline.

Read — https://thehackernews.com/2020/12/google-discloses-poorly-patched-now.html

🔥 WARNING — Hackers are abusing a weakness in Citrix NetScaler devices to launch amplified 🚀 DDoS attacks against several targets.

Read details ➤ https://thehackernews.com/2020/12/citrix-adc-ddos-attack.html

Affected Citrix customers can temporarily disable DTLS to stop the attack.

Microsoft warns of hackers attempting to target Azure cloud customers via 3rd-party partners/resellers.

https://thehackernews.com/2020/12/microsoft-warns-crowdstrike-of-hackers.html

CrowdStrike & CISA released 2 tools to help users review excessive permissions & detect compromised accounts/apps in AD or Office 365 environments.

🎄🎅🎁 Merry Christmas ! Wishing everyone a safe and happy holiday season.

In a nationwide cyber crackdown, UK police arrest 21 customers of the now-defunct 'WeLeakInfo' website who allegedly bought breached personal data for criminal activities.

Read more: https://thehackernews.com/2020/12/police-arrest-21-weleakinfo-customers.html

IMPORTANT: Patch it ASAP!

A newly spotted SolarWinds Orion API authentication bypass flaw allows remote attackers to execute commands and was likely also exploited as 0-day to install the 2nd backdoor 'SUPERNOVA.'

Details: https://thehackernews.com/2020/12/a-new-solarwinds-flaw-likely-had-let.html

Watch Out! Hackers are distributing a new credential stealer malware written in AutoHotkey (AHK) scripting language that aims to steal passwords from customers of financial institutions in the US and Canada, as well as for India's ICICI Bank.

https://thehackernews.com/2020/12/autohotkey-based-password-stealer.html