Researchers release technical details for the 'SynLapse' vulnerability that could have allowed an attacker to perform an RCE and gain access to another Microsoft Azure client’s cloud environment.

https://thehackernews.com/2022/06/technical-details-released-for-synlapse.html

A new, high-severity vulnerability has been discovered in the Zimbra email suite that allows unauthenticated attackers to steal users' plaintext passwords without requiring user interaction.

Read: https://thehackernews.com/2022/06/new-zimbra-email-vulnerability-could.html

< June 2022, Patch Tuesday >

Microsoft, Adobe, Citrix, Dell, Apache Projects, Cisco, Intel, AMD, SAP, Siemens, VMware and other software vendors have released security updates to address dozens of newly discovered vulnerabilities.

Read — https://thehackernews.com/2022/06/patch-tuesday-microsoft-issues-fix-for.html

Cloudflare mitigated a 26 million request/second DDoS attack — the largest HTTPS DDoS attack on record.

Read: https://thehackernews.com/2022/06/cloudflare-saw-record-breaking-ddos.html

A botnet of 5,067 devices (likely hijacked VMs & powerful servers) was involved, with each node generating ~5,200 RPS at its peak.

Researchers unveil a new class of side-channel attacks dubbed 'Hertzbleed" that affect all modern AMD and Intel processors and could allow attackers to extract cryptographic keys from remote servers that were previously considered secure.

Read: https://thehackernews.com/2022/06/new-hertzbleed-side-channel-attack.html

Researchers have discovered a new Golang-based peer-to-peer botnet malware that targets Linux servers and appears to be operated by Japanese hackers.

Read: https://t.co/zlKl1doKVE

A new strain of Android malware has been spotted in the wild, targeting online banking and cryptocurrency wallet users in Spain and Italy, and can steal credentials, cookies, and bypass multi-factor authentication codes.

Read details: https://thehackernews.com/2022/06/malibot-new-android-banking-trojan.html

Cisco releases a patch to address a critical vulnerability in the Email Security Appliance (ESA) and Secure Email and Web Manager that could be exploited by an unauthenticated, remote attacker to bypass authentication.

Read: https://thehackernews.com/2022/06/critical-flaw-in-cisco-secure-email-and.html

Researchers detail a recently reported high-severity vulnerability (CVE-2022-25845) in the Fastjson library that could potentially be exploited for remote code execution attacks.

Read: https://thehackernews.com/2022/06/high-severity-rce-vulnerability.html

Researchers warn of a potentially "dangerous feature" in Microsoft's Office 365 suite that ransomware attackers can abuse to take files stored on SharePoint or OneDrive servers hostage.

Read details: https://thehackernews.com/2022/06/a-microsoft-office-365-feature-could.html

Microsoft warns that the BlackCat ransomware crew is exploiting unpatched Exchange server vulnerabilities to gain access to targeted networks.

Read details: https://thehackernews.com/2022/06/blackcat-ransomware-gang-targeting.html

WordPress has pushed a forced automatic update for Ninja Forms, one of the most popular plugins with over a million active installations, to patch a critical vulnerability that researchers say was likely being actively exploited.

https://thehackernews.com/2022/06/over-million-wordpress-sites-forcibly.html

A Chinese hacker group exploited a critical “then-zero-day” vulnerability in Sophos's firewall to infiltrate a company in South Asia.

Read details: https://thehackernews.com/2022/06/chinese-hackers-exploited-sophos.html

Researchers have uncovered an enterprise-grade Android spyware, dubbed 'Hermit,' that is being used by the Kazakh government and entities operating within Syria and Italy to spy on targeted victims.

Details: https://thehackernews.com/2022/06/researchers-uncover-hermit-android.html

Cybercriminals are actively exploiting a recent critical flaw in Atlassian Confluence Server and Data Center products to drop cryptocurrency miners and ransomware payloads.

Read details: https://thehackernews.com/2022/06/atlassian-confluence-flaw-being-used-to.html

U.S. Law Enforcement in collaboration with other countries, took down the infrastructure of a Russian botnet called RSOCKS that used millions of hacked IoT devices, Android smartphones, and computers to act as proxies.

Read: https://thehackernews.com/2022/06/authorities-shut-down-russian-rsocks.html

Researchers have uncovered 15 new vulnerabilities in Siemens' industrial SINEC network management system that can lead to DoS attacks, credential leaks, and remote code execution attacks.

Read: https://thehackernews.com/2022/06/over-dozen-flaws-found-in-siemens.html

Cybercriminals behind BRATA have added more APT capabilities to the Android mobile malware to make their attacks on financial apps even more stealthy.

Read details: https://thehackernews.com/2022/06/brata-android-malware-gains-advanced.html

Google researchers share technical details of a vulnerability (CVE-2022-22620) in Apple Safari that was exploited in-the-wild earlier this year.

It was originally fixed in 2013 & reintroduced in 2016, leaving the flaw open for 5 years.

Read: https://thehackernews.com/2022/06/google-researchers-detail-5-year-old.html

A researcher has uncovered a new kind of NTLM relay attack, dubbed "DFSCoerce," that leverages the Distributed File System (DFS): Namespace Management Protocol (MS-DFSNM) to take control of Windows domains

Details: https://thehackernews.com/2022/06/new-ntlm-relay-attack-lets-attackers.html