Uber is investigating a new breach of its network after a hacker appears to have compromised an employee's Slack account and accessed other internal systems.

Read: https://thehackernews.com/2022/09/uber-says-its-investigating-potential.html

Researchers have uncovered two separate malicious cryptocurrency mining campaigns; one exploiting Oracle WebLogic to control vulnerable servers, while the other targets misconfigured Docker containers.

Read: https://thehackernews.com/2022/09/hackers-targeting-weblogic-servers-and.html

North Korean hackers have been found leveraging a "novel spear-phish method" that involves making use of trojanized versions of the PuTTY SSH and Telnet client.

Read: https://thehackernews.com/2022/09/north-korean-hackers-spreading.html

New connections between two widely used pay-per-install (PPI) malware distribution services have been discovered, revealing that PrivateLoader is the proprietary loader for Ruzki's PPI service.

Read: https://thehackernews.com/2022/09/researchers-find-link-bw-privateloader.html

A recent breach at password management solution LastPass gave hackers access to the company's systems for a 4-days, but "there is no evidence that customer data or encrypted password vaults were accessed."

Read: https://thehackernews.com/2022/09/hackers-had-access-to-lastpasss.html

Uber claims to have found "no evidence" that users' private data was compromised in the recent breach, but screenshots and information from other sources suggest there may be more to this story.

Read: https://thehackernews.com/2022/09/uber-claims-no-sensitive-data-exposed.html

Microsoft warns of an ongoing large-scale CLICK fraud campaign targeting gamers by secretly installing browser extensions on compromised systems.

Read: https://thehackernews.com/2022/09/microsoft-warns-of-large-scale-click.html

Bitdefender has released a free decryptor for LockerGoga ransomware in collaboration with Europol and Zurich law enforcement.

Read: https://thehackernews.com/2022/09/europol-and-bitdefender-release-free.html

After Conti group officially withdrew from the threat landscape, ransomware-as-a-service groups such as Quantum and BlackCat have recently been spotted using the Emotet botnet to expand their reach.

Read: https://thehackernews.com/2022/09/emotet-botnet-started-distributing.html

American video game publisher Rockstar Games has confirmed that a hacker illegally downloaded early footage of Grand Theft Auto VI.

Read: https://thehackernews.com/2022/09/rockstar-games-confirms-hacker-stole.html

Uber says the hacker responsible for the latest security breach is linked to the Lapsus$ extortion group.

Read: https://thehackernews.com/2022/09/uber-blames-lapsus-hacking-group-for.html

Researchers have discovered a threat cluster associated with Sandworm that continues to attack Ukraine with off-the-shelf #malware masquerading as telecommunications providers.

Read: https://thehackernews.com/2022/09/russian-sandworm-hackers-impersonate.html

CISA and Claroty researchers warn of newly identified critical remotely exploitable vulnerabilities in Dataprobe's popular iBoot-PDU power distribution unit product, mostly used in industrial environments and data centers.

Read: https://thehackernews.com/2022/09/critical-remote-hack-flaws-found-in.html

Researchers recorded a massive DDoS attack involving more than 25.3 billion requests from nearly 170,000 IPs that included routers, security cameras and compromised servers in more than 180 countries, including the U.S., Indonesia and Brazil.

https://thehackernews.com/2022/09/record-ddos-attack-with-253-billion.html

U.S. Federal Communications Commission (FCC) has added two more Chinese telecommunication companies, ComNet & China Unicom, to its list of communications equipment and services deemed a threat to national security.

Read: https://thehackernews.com/2022/09/us-adds-2-more-chinese-telecom-firms-to.html

Hackers stole $160 million worth of digital assets from crypto trading platform Wintermute.

Read: https://thehackernews.com/2022/09/crypto-trading-firm-wintermute-loses.html

Researchers found over 39,000 unauthenticated Redis database instances exposed on the Internet, nearly 50% of which showed signs of attempted compromise.

Read: https://thehackernews.com/2022/09/over-39000-unauthenticated-redis.html

Hackers are actively exploiting an unauthenticated RCE vulnerability (CVE-2022-26134) in unpatched Atlassian Confluence servers to deploy cryptocurrency mining malware.

Read: https://thehackernews.com/2022/09/hackers-targeting-unpatched-atlassian.html

A 15-year-old unpatched Python vulnerability potentially affects as many as 350,000 open-source projects, leaving them vulnerable to code execution attacks.

Read: https://thehackernews.com/2022/09/15-year-old-unpatched-python.html

Researchers have uncovered a new vulnerability in Oracle Cloud Infrastructure (OCI) that could be exploited by users to access the virtual disks of other Oracle customers.

Read: https://thehackernews.com/2022/09/researchers-disclose-critical.html

A malicious NPM package masquerading as Material Tailwind has been discovered, indicating that threat actors are attempting to distribute malicious code via open source software repositories.

Read: https://thehackernews.com/2022/09/malicious-npm-package-caught-mimicking.html