The Hacker News
Official THN Telegram Channel — A trusted, widely read, independent source for breaking news and tech coverage about cybersecurity and hacking.

📨 Contact: [email protected]

🌐 Website: https://thehackernews.com
Several poorly configured Apache Airflow instances belonging to companies across various industries are exposing their credentials for popular services such as cloud hosting providers, payment processing, and social media platforms.

Read — https://thehackernews.com/2021/10/poorly-configured-apache-airflow.html
LANTENNA Attack!

Researchers demonstrate a new mechanism for exfiltrating data from air-gapped systems—using Ethernet cables to generate wireless radio signals.

Read: https://thehackernews.com/2021/10/creating-wireless-signals-with-ethernet.html
Ukrainian authorities arrest hackers who attacked more than 100 companies in Europe and North America with ransomware malware.

Details: https://thehackernews.com/2021/10/ransomware-hackers-who-attacked-over.html
Chinese cyberespionage group APT41 has been linked to a series of seemingly disparate #malware campaigns in which phishing attacks were disguised as coming from Indian government entities.

Read details — https://thehackernews.com/2021/10/new-study-links-seemingly-disparate.html
Apache has issued urgent security patches to address 2 new security vulnerabilities—including a zero-day path traversal and file disclosure flaw (CVE-2021-41773) in HTTP servers that it said is being actively exploited in the wild.

Details: https://thehackernews.com/2021/10/apache-warns-of-zero-day-exploit-in.html
Researchers have found a previously unknown UEFI bootkit malware — dubbed "ESPecter" — that cyberespionage hackers have been using to backdoor Windows operating systems at least since 2012.

Read details: https://thehackernews.com/2021/10/researchers-discover-uefi-bootkit.html
Multiple critical vulnerabilities have been discovered in Honeywell Experion PKS and ACE Controllers that could be exploited for RCE and DoS attacks on critical processes.

https://thehackernews.com/2021/10/multiple-critical-flaws-discovered-in.html

CVE-2021-38397 (CVSS 10)
CVE-2021-38395 (CVSS 9.1)
CVE-2021-38399 (CVSS 7.5)
Google will automatically enroll around 150 million users in its two-factor authentication scheme by the end of the year as part of its ongoing efforts to prevent unauthorized access to accounts and improve security.

Read details: https://thehackernews.com/2021/10/google-to-turns-on-2-factor.html
Researchers have discovered a new cyberespionage campaign targeting the aerospace and telecommunications industries, in which attackers are using Dropbox to send commands to RAT malware and store stolen data.

Read: https://thehackernews.com/2021/10/iranian-hackers-abuse-dropbox-in.html
Twitch, the popular live streaming site, has suffered a large 125GB data and source code leak as a result of a server configuration issue "that was subsequently accessed by a malicious third party."

Read details: https://thehackernews.com/2021/10/twitch-suffers-massive-125gb-data-and.html
Apple will require all third-party iOS, iPadOS and macOS app developers to make it easy for users to delete their accounts.

Details: https://thehackernews.com/2021/10/apple-requires-devs-to-make-it-easy-for.html
U.S. Department of Justice announces a new Civil Cyber-Fraud Initiative aimed at holding government contractors accountable for #cybersecurity.

Read: https://thehackernews.com/2021/10/us-justice-dept-launches-civil-cyber.html

In addition, the FCC has established new rules to prevent SIM swapping scams and port-out fraud.
A high-severity code injection #vulnerability (CVE-2021-38305) has been discovered in 23andMe's Yamale, a schema and validator for YAML used by at least 224 repositories on GitHub.

Read: https://thehackernews.com/2021/10/code-execution-bug-affects-yamale.html
A new urgent Apache patch update has been released for the actively exploited Path Traversal issue (CVE-2021-41773), which has now been identified as a critical remote code execution #vulnerability.

Details: https://thehackernews.com/2021/10/new-patch-released-for-actively.html
Researchers have detailed a new campaign targeting entities in Southeast Asia using FontOnLake, a previously unknown Linux rootkit malware that allows its operators remote access, collects credentials, and acts as a proxy server.

https://thehackernews.com/2021/10/researchers-warn-of-fontonlake-rootkit.html
Russian-language ransomware attack group FIN12 is increasingly targeting healthcare organizations.

Read details: https://thehackernews.com/2021/10/ransomware-group-fin12-aggressively.html
A prominent Togolese human rights defender has been targeted by a threat actor known for striking victims in South Asia with mobile spyware developed in India.

Read details: https://thehackernews.com/2021/10/indian-made-mobile-spyware-targeted.html
Apple has released urgent iOS 15.0.2 and iPadOS 15.0.2 updates to address a new critical 0-day vulnerability (CVE-2021-30883) that is being actively exploited in the wild.

Read details: https://thehackernews.com/2021/10/apple-releases-urgent-iphone-and-ipad.html
Ukrainian authorities arrest a hacker responsible for creating and managing a "powerful botnet" consisting of over 100,000 enslaved devices used for DDoS and spam attacks on behalf of paying customers.

Read details: https://thehackernews.com/2021/10/ukraine-arrests-operator-of-ddos-botnet.html
An Iran-linked hacking group has been conducting extensive password-spraying attacks on more than 250 Office 365 tenants, targeting US and Israeli defense firms.

https://thehackernews.com/2021/10/microsoft-warns-of-iran-linked-hackers.html

According to Microsoft, nearly 20 of the targeted tenants were compromised successfully.
Microsoft Azure's cloud platform was hit by a record 2.4 Tbps DDoS attack targeting an unnamed customer in Europe.

Read details: https://thehackernews.com/2021/10/microsoft-fended-off-record-24-tbps.html