The Hacker News
⭐ Official THN Telegram Channel — A trusted, widely read, independent source for breaking news and tech coverage about cybersecurity and hacking.

📨 Contact: [email protected]

🌐 Website: https://thehackernews.com
Hackers have begun exploiting the latest Log4j vulnerability to infect Windows computers with the Khonsari ransomware.

Read details: https://thehackernews.com/2021/12/hackers-exploit-log4j-vulnerability-to.html
πŸ‘1
URGENT: Apache Foundation has issued a new patch (CVE-2021-45046) for the Log4j utility after the previous patch for the recently disclosed Log4Shell exploit (CVE-2021-44228) was deemed incomplete in certain non-default configurations.

Details: https://thehackernews.com/2021/12/second-log4j-vulnerability-cve-2021.html
Time to update your Windows for the last time this year (probably!).

Microsoft releases latest Windows security updates to patch several newly discovered flaws, including a new 0-day that attackers are exploiting to spread the Emotet malware.

https://thehackernews.com/2021/12/microsoft-issues-windows-update-to.html
Researchers discovered a new malicious module for IIS servers — dubbed Owowa — that attackers are using to steal users' Microsoft Exchange credentials and gain remote code execution ability on the underlying servers.

Details: https://thehackernews.com/2021/12/hackers-using-malicious-iis-server.html
πŸ‘2
Facebook today expanded its Bug Bounty program to reward researchers for reporting bugs that could allow attackers to bypass data scraping restrictions and also for scraped databases that are available online.

Details: https://thehackernews.com/2021/12/facebook-to-pay-hackers-for-reporting.html
Attackers have started exploiting the 2nd Log4j vulnerability (CVE-2021-45046), while a third vulnerability has already been reported and its technical details are expected to be published soon.

Details + PoC for 3rd: https://thehackernews.com/2021/12/hackers-begin-exploiting-second-log4j.html
A new fileless malware targeting Russian businesses has been spotted using the Windows OS registry as both persistent and temporary storage to evade detection.

Read details: https://thehackernews.com/2021/12/new-fileless-malware-uses-windows.html
Researchers uncover coexistence attacks on Broadcom, Cypress & Silicon Labs chips installed in billions of devices that could allow Bluetooth chips to directly extract network passwords and manipulate Wi-Fi traffic.

Details: https://thehackernews.com/2021/12/researchers-uncover-new-coexistence.html
A new variant of the Phorpiex botnet malware has been discovered in the wild, targeting cryptocurrency transactions.

Read details: https://thehackernews.com/2021/12/new-phorpiex-botnet-variant-steals-half.html

Attackers behind it have already stolen nearly half a MILLION US dollars from victims.
Kaspersky researchers uncover a mass-scale spyware campaign spreading a new botnet, dubbed "PseudoManuscrypt," that has already infected over 35,000 computers this year alone.

Read details: https://thehackernews.com/2021/12/new-pseudomanuscrypt-malware-infected.html
Facebook has banned hundreds of accounts linked to 7 "cyber mercenary" companies that spied on nearly 50,000 users—including journalists, dissidents, families of political dissidents and human rights activists.

Read: https://thehackernews.com/2021/12/facebook-bans-7-cyber-mercenaries.html
Apache issues 3rd patch update (version 2.17.0) to fix a new high-severity Log4j vulnerability (CVE-2021-45105).

Read: https://thehackernews.com/2021/12/apache-issues-3rd-patch-to-fix-new-high.html
⚡ Researchers discover an entirely new ATTACK VECTOR that could allow hackers to exploit the critical Log4Shell vulnerability on servers locally by using a JavaScript WebSocket connection.

Read details: https://thehackernews.com/2021/12/new-local-attack-vector-expands-attack.html
Researchers have discovered a new application in the Google Play Store that contains Joker malware and has been downloaded by over 500,000 Android users.

https://thehackernews.com/2021/12/over-500000-android-users-downloaded.html
Researchers discover new vulnerabilities in the "handover procedure" of 2G, 3G, 4G and 5G mobile networks that could allow attackers to force targeted mobile phones to connect to a fake base station and eavesdrop on communications.

Read details: https://thehackernews.com/2021/12/new-mobile-network-vulnerabilities.html
Meta sues hackers behind massive phishing attacks against Facebook, WhatsApp and Instagram users, who are operating more than 39,000 fake webpages to steal their login credentials.

Read details: https://thehackernews.com/2021/12/meta-sues-hackers-behind-facebook.html
πŸ‘1
Cyber espionage hacking group 'Tropic Trooper', equipped with new tools and techniques, is targeting transportation companies and government agencies related to transportation.

Read: https://thehackernews.com/2021/12/tropic-trooper-cyber-espionage-hackers.html
πŸ‘1
Microsoft warns that two recently reported vulnerabilities — tracked as CVE-2021-42278 and CVE-2021-42287 — in Active Directory could be exploited by attackers to take over unpatched Windows domain controllers.

Details: https://thehackernews.com/2021/12/active-directory-bugs-could-let-hackers.html
Watch Out!

Hackers are leveraging a new exploit in malware attacks to bypass security patches for a critical RCE vulnerability affecting Microsoft MSHTML, a web page rendering engine in Office documents.

Read details: https://thehackernews.com/2021/12/new-exploit-lets-malware-attackers.html
⚡ China has suspended its partnership with Alibaba Cloud Services — whose researcher discovered the critical Log4j vulnerability — because the company did not first report this flaw to the government as required by the country's new law.

Read: https://thehackernews.com/2021/12/china-suspends-deal-with-alibaba-for.html