Apple releases urgent updates for iOS and macOS to patch 3 new 0-day flaws actively exploited in the wild.

Attacks involve:

CVE-2021-30860 — maliciously crafted PDFs
CVE-2021-30858 — maliciously crafted web content
CVE-2021-30869 — malicious app

https://thehackernews.com/2021/09/urgent-apple-ios-and-macos-updates.html

Cisco has released security patches for three critical flaws in IOS XE network operating system, which remote attackers may exploit to run arbitrary code with administrative rights.

Read details: https://thehackernews.com/2021/09/cisco-releases-patches-3-new-critical.html

Cybersecurity experts at Google have discovered a new technique that hackers are using to trick Windows systems into bypassing malware detection—by intentionally using malformed code signatures.

Read details: https://thehackernews.com/2021/09/google-warns-of-new-way-hackers-can.html

SonicWall has released security updates to address a critical vulnerability affecting the Secure Mobile Access (SMA) 100 series appliances that allows unauthenticated attackers to remotely gain administrative access on targeted devices.

Read: https://thehackernews.com/2021/09/sonicwall-issues-patches-for-new.html

FamousSparrow, a new APT hacker group, is responsible for a series of espionage hacks against hotels around the world, as well as governments, international organizations, engineering firms, and law firms.

Read: https://thehackernews.com/2021/09/a-new-apt-hacker-group-spying-on-hotels.html

Google releases a new version (94.0.4606.61) of Chrome browser for Windows, Mac, and Linux users that includes a security patch for a newly discovered critical zero-day vulnerability that is being actively exploited.

Details: https://thehackernews.com/2021/09/urgent-chrome-update-released-to-patch.html

A new version of Jupyter infostealer malware is being distributed via MSI installer 'to become more efficient and evasive.'

Read details: https://thehackernews.com/2021/09/a-new-jupyter-malware-version-is-being.html

< FoggyWeb >

Microsoft uncovers a new backdoor deployed by the hacker behind the SolarWinds attack, that employs multiple methods to steal credentials to gain administrative access to Active Directory Federation Services servers.

Details: https://thehackernews.com/2021/09/microsoft-warns-of-foggyweb-malware.html

Researchers have discovered a new malware, dubbed BloodyStealer, which steals account data from popular #gaming stores and apps, including Bethesda, Epic Games, GOG, Origin, Steam, Telegram, and VimeWorld.

Read details: https://thehackernews.com/2021/09/new-bloodystealer-trojan-steals-gamers.html

ALERT: Opportunistic hackers are actively exploiting a recently disclosed critical vulnerability in Atlassian Confluence on Windows and Linux to install web-shells that lead to the execution of crypto miners on compromised systems.

Details: https://thehackernews.com/2021/09/atlassian-confluence-rce-flaw-abused-in.html

FinFisher surveillance malware has been updated to infect the UEFI Bootloader on Windows devices with bootkit, signaling a shift in attack vectors that allows it to evade detection and analysis.

Read details: https://thehackernews.com/2021/09/new-finspy-malware-variant-infects.html

WARNING — Two new #Android malware distributed via Google Play Store has been targeting Brazil's new PIX Instant Payment system to drain users' bank accounts.

Read details: https://thehackernews.com/2021/09/hackers-targeting-brazils-pix-payment.html

Facebook today released "Mariana Trench," a new open-source tool it has been using internally to detect and prevent security and privacy bugs in #Android and Java applications at scale.

Read details: https://thehackernews.com/2021/09/facebook-releases-new-tool-that-finds.html

Russian authorities have arrested the founder and CEO of cybersecurity company Group-IB on suspicion of treason against the state for allegedly passing on secret information to foreign intelligence services.

Read details: https://thehackernews.com/2021/09/cybersecurity-firm-group-ibs-ceo.html

The hacking group responsible for the SolarWinds cyberattack has been linked to a new backdoor targeting high-profile victims through DNS hijacking on "government zones of a CIS member state."

Details: https://thehackernews.com/2021/09/new-tomiris-backdoor-found-linked-to.html

A new unpatched vulnerability in Microsoft Azure Active Directory (AD) can be exploited by attackers to perform undetected password brute force attacks—without generating sign-in events in the targeted organization's tenant.

Read details: https://thehackernews.com/2021/09/new-azure-ad-bug-lets-hackers-brute.html

IMPORTANT — Google has released another emergency security update for the Chrome web browser, this time to fix two new zero-day vulnerabilities that are being actively exploited in the wild.

Read details: https://thehackernews.com/2021/09/update-google-chrome-asap-to-patch-2.html

ALERT!!

This new malicious campaign is spreading a fake antivirus program that claims to detect the Pegasus Spyware and pretending to be from Amnesty International but actually infecting computers with malware.

Read details: https://thehackernews.com/2021/10/beware-of-fake-amnesty-international.html

Here's a new free online tool to discover unprotected cloud storage instances.

Read more: https://thehackernews.com/2021/09/immuniweb-launches-free-cloud-security.html

Chinese spy hackers deploy new rootkit against targeted Windows 10 users working for high-profile entities in Malaysia, Thailand, Vietnam and Indonesia, in addition to outliers in Egypt, Ethiopia and Afghanistan.

Details: https://thehackernews.com/2021/10/chinese-hackers-used-new-rootkit-to-spy.html