Google researchers share technical details of a vulnerability (CVE-2022-22620) in Apple Safari that was exploited in-the-wild earlier this year.

It was originally fixed in 2013 & reintroduced in 2016, leaving the flaw open for 5 years.

Read: https://thehackernews.com/2022/06/google-researchers-detail-5-year-old.html

A researcher has uncovered a new kind of NTLM relay attack, dubbed "DFSCoerce," that leverages the Distributed File System (DFS): Namespace Management Protocol (MS-DFSNM) to take control of Windows domains

Details: https://thehackernews.com/2022/06/new-ntlm-relay-attack-lets-attackers.html

Paige Thompson, 36, a former Amazon software engineer, has been found guilty of wire fraud and computer intrusion for her role in stealing the personal information of more than 100 million Capital One customers.

Read: https://thehackernews.com/2022/06/former-amazon-employee-found-guilty-in.html

Researchers uncover a set of 56 vulnerabilities affecting devices from 10 operational technology vendors (OT) — widely used in industries such as oil and gas, chemical, nuclear, power generation and distribution and building automation.

Read: https://thehackernews.com/2022/06/researchers-disclose-56-vulnerabilities.html

ToddyCat, a new APT hacker group, has been observed attacking MS Exchange servers belonging to high-profile organizations in Europe and Asia.

Read details: https://thehackernews.com/2022/06/new-toddycat-hacker-group-on-experts.html

RIG Exploit Kit replaces the Raccoon stealer trojan with Dridex financial malware after one of its developers was killed in the Russian-Ukrainian war.

Read details: https://thehackernews.com/2022/06/rig-exploit-kit-now-infects-victims-pcs.html

Europol dismantled an organized cybercrime group engaged in phishing, fraud, scams, and money laundering activities.

Details: https://thehackernews.com/2022/06/europol-busts-phishing-gang-responsible.html

A newly discovered Magecart attack has been linked to the infrastructure of an ongoing skimming campaign.

Read: https://thehackernews.com/2022/06/newly-discovered-magecart.html

Ukrainian CERT has warned of a new series of Russian cyberattacks exploiting the "Follina" vulnerability in the Windows operating system to deploy password-stealing malware.

Read details: https://thehackernews.com/2022/06/russian-hackers-exploiting-microsoft.html

Researchers demonstrate 5 cryptographic attacks to break the encryption of the cloud storage service "MEGA," allowing compromise of user confidentiality.

https://thehackernews.com/2022/06/researchers-uncover-ways-to-break.html

—RSA Key Recovery
—Plaintext Recovery
—Framing Attack
—Integrity Attack
—GaP-Bleichenbacher Attack

A critical PHP vulnerability leaves QNAP's network attached storage (NAS) devices vulnerable to remote attackers, allowing them to execute malicious code on the affected systems.

Read details: https://thehackernews.com/2022/06/critical-php-vulnerability-exposes-qnap.html

Tropic Trooper Chinese hacker group has been spotted using a new malware coded in the Nim programming language, and distributed hidden inside an "SMS bomber" tool.

Read details: https://thehackernews.com/2022/06/chinese-hackers-distributing-sms-bomber.html

Israeli surveillanceware vendor NSO Group admitted to the European Union lawmakers that its Pegasus spyware tool was used by at least 5 countries in the region.

Read: https://thehackernews.com/2022/06/nso-confirms-pegasus-spyware-used-by-at.html

CISA and the Coast Guard have issued a joint advisory warning of ongoing attempts by hackers to exploit the Log4Shell vulnerability in VMware Horizon servers to steal sensitive data from targeted networks.

Read: https://thehackernews.com/2022/06/log4shell-still-being-exploited-to-hack.html

Chinese state-sponsored hackers are using ransomware as a ruse to carry out cyberespionage attacks and hide their true intentions.

Read details: https://thehackernews.com/2022/06/state-backed-hackers-using-ransomware.html

Researchers are warning of a new malware tool available on cybercrime forums that allows cybercriminals to easily create malicious Windows shortcut (.LNK) files.

Read details: https://thehackernews.com/2022/06/new-quantum-builder-lets-attackers.html

Researchers have identified multiple malicious Python packages designed to steal AWS credentials and environment variables.

https://thehackernews.com/2022/06/multiple-backdoored-python-libraries.html

What is more worrying is that they upload sensitive, stolen data to a publicly accessible server.

Google believes that ISPs may have helped attackers infect the Android and iPhone smartphones of high-profile victims with "Hermit" spyware.

Read details: https://thehackernews.com/2022/06/google-says-isps-helped-attackers.html

Researchers reveal that ransomware hackers used a zero-day vulnerability in Mitel VoIP appliances as an entry point to infiltrate an undisclosed company.

Read details: https://thehackernews.com/2022/06/hackers-exploit-mitel-voip-zero-day-bug.html

Researchers warn of a new malware campaign driven by "Matanbuchus," a malware-as-a-service (Maas) that spreads via phishing campaigns and drops the Cobalt Strike post-exploitation framework on targeted machines.

Read: https://thehackernews.com/2022/06/researchers-warn-of-matanbuchus-malware.html

If you're using Google Analytics, you're likely breaking EU data protection laws.

Following in the footsteps of Austria and France, the Italian watchdog has also found that the use of Google Analytics to be non-compliant with EU regulations.

https://thehackernews.com/2022/06/italy-data-protection-authority-warns.html