Researchers have uncovered “Symbiote,” what they call a "nearly-impossible-to-detect" Linux malware that’s targeting the financial sector in Latin America.

Read details: https://thehackernews.com/2022/06/symbiote-stealthy-linux-malware.html

Researchers propose a new privacy-focused framework for IoT devices — dubbed "Peekaboo" — that gives users control over what data can be processed and shared with external servers.

Read details: https://thehackernews.com/2022/06/new-privacy-framework-for-iot-devices.html

Experts disclose critical flaws in Carrier's LenelS2 HID Mercury access control system—widely used in healthcare, education and government facilities—which could allow attackers to remotely unlock and lock doors and modify user accounts.

https://thehackernews.com/2022/06/researchers-disclose-critical-flaws-in.html

Researchers say cybercriminals use spoofed emails and fake login pages to impersonate popular cryptocurrency platforms such as Binance, Celo, and Trust Wallet, in order to steal login details and deceptively transfer virtual funds.

Read: https://thehackernews.com/2022/06/researchers-detail-how-cyber-criminals.html

A new study has shown for the first time that the Bluetooth signals constantly emitted by our smartphones have a unique fingerprint that can be used to fingerprint and track individuals' movements.

Details: https://thehackernews.com/2022/06/researchers-find-bluetooth-signals-can.html

MIT researchers demonstrated multiple PoC attacks for a novel hardware attack method, dubbed PACMAN, that targets Apple's M1 processor chipsets and potentially allows attackers to execute arbitrary code on targeted systems.

https://thehackernews.com/2022/06/mit-researchers-discover-new-flaw-in.html

Lyceum group of Iranian state-sponsored hackers has recently been spotted using a new custom .NET-based DNS backdoor in its recent campaigns targeting the Middle East.

Read details: https://thehackernews.com/2022/06/iranian-hackers-spotted-using-new-dns.html

New variants of Hello XD ransomware now install a secret backdoor on targeted Windows and Linux systems to gain persistent remote access as part of its double extortion scheme.

Read details: https://thehackernews.com/2022/06/hello-xd-ransomware-installing-backdoor.html

Researchers have disclosed details of two new flaws (CVE-2022-29854 and CVE-2022-29855) in Mitel desk phones that could allow an attacker to gain root permissions.

Read: https://thehackernews.com/2022/06/researchers-disclose-rooting-backdoor.html

Chinese APT hackers known as "Gallium" have been spotted using a new remote access trojan, dubbed "PingPull," in their espionage attacks on companies in Southeast Asia, Europe & Africa.

Read details: https://thehackernews.com/2022/06/chinese-gallium-hackers-using-new.html

Chinese-speaking, technically sophisticated, "SeaFlower" threat actors are targeting cryptocurrency users with backdoored versions of Web3 wallets for Android and #iOS devices in an effort to steal their funds.

Read: https://thehackernews.com/2022/06/chinese-hackers-distribute-backdoored.html

Quick and Simple: BPFDoor Explained

Read: https://thehackernews.com/2022/06/quick-and-simple-bpfdoor-explained.html

Researchers detail the workings of a fully-featured malware loader dubbed "PureCrypter," which is purchased by cybercriminals to spread a variety of remote access trojans and information stealers.

Read: https://thehackernews.com/2022/06/researchers-detail-purecrypter-loader.html

A new covert Linux kernel rootkit called "Syslogk" has been discovered in the wild that allows attackers to remotely command the malware using "magic network packets."

Read details: https://thehackernews.com/2022/06/new-syslogk-linux-rootkit-lets.html

An unpatched security bug in Travis CI API has left thousands of developers' tokens exposed to potential attacks, effectively allowing attackers to breach cloud infrastructures, make unauthorized code changes, and launch supply-chain attacks.

https://thehackernews.com/2022/06/unpatched-travis-ci-api-bug-exposes.html

Researchers release technical details for the 'SynLapse' vulnerability that could have allowed an attacker to perform an RCE and gain access to another Microsoft Azure client’s cloud environment.

https://thehackernews.com/2022/06/technical-details-released-for-synlapse.html

A new, high-severity vulnerability has been discovered in the Zimbra email suite that allows unauthenticated attackers to steal users' plaintext passwords without requiring user interaction.

Read: https://thehackernews.com/2022/06/new-zimbra-email-vulnerability-could.html

< June 2022, Patch Tuesday >

Microsoft, Adobe, Citrix, Dell, Apache Projects, Cisco, Intel, AMD, SAP, Siemens, VMware and other software vendors have released security updates to address dozens of newly discovered vulnerabilities.

Read — https://thehackernews.com/2022/06/patch-tuesday-microsoft-issues-fix-for.html

Cloudflare mitigated a 26 million request/second DDoS attack — the largest HTTPS DDoS attack on record.

Read: https://thehackernews.com/2022/06/cloudflare-saw-record-breaking-ddos.html

A botnet of 5,067 devices (likely hijacked VMs & powerful servers) was involved, with each node generating ~5,200 RPS at its peak.

Researchers unveil a new class of side-channel attacks dubbed 'Hertzbleed" that affect all modern AMD and Intel processors and could allow attackers to extract cryptographic keys from remote servers that were previously considered secure.

Read: https://thehackernews.com/2022/06/new-hertzbleed-side-channel-attack.html

Researchers have discovered a new Golang-based peer-to-peer botnet malware that targets Linux servers and appears to be operated by Japanese hackers.

Read: https://t.co/zlKl1doKVE