⚡ Researchers have discovered a new UEFI firmware rootkit malware, dubbed "CosmicStrand," that Chinese hackers have been using for at least 2 years to attack targeted victims in China, Vietnam, Iran and Russia.

Details: https://thehackernews.com/2022/07/experts-uncover-new-cosmicstrand-uefi.html

Microsoft has added default protection against Remote Desktop Protocol (RDP) brute-force attacks in the latest builds for the Windows 11 operating system.

Read details: https://thehackernews.com/2022/07/microsoft-adds-default-protection.html

WARNING: Hackers exploit a new zero-day vulnerability in the PrestaShop platform to attack online shopping sites and steal their customers' payment card data.

Read: https://thehackernews.com/2022/07/hackers-exploit-prestashop-zero-day-to.html

Hackers spreading the SmokeLoader backdoor disguised as free software cracks and serial generation programs are now infecting compromised systems with the "Amadey" malware that steals information.

Read: https://thehackernews.com/2022/07/smokeloader-infecting-targeted-systems.html

Two new critical vulnerabilities, CVE-2022-34907 & CVE-2022-34906, identified in FileWave's mobile device management (MDM) system could allow remote attackers to take full control of devices managed by over 1,000 organizations.

Details: https://thehackernews.com/2022/07/critical-filewave-mdm-flaws-open.html

Cybercriminals are increasingly leveraging WebAssembly (Wasm)-coded cryptocurrency miners to make detection and analysis by conventional antivirus scanners more difficult.

Read details: https://thehackernews.com/2022/07/hackers-increasingly-using-webassembly.html

Cybersecurity researchers have reiterated similarities between the latest variant of LockBit ransomware and BlackMatter, a rebranded variant of the DarkSide ransomware strain that ceased operations in November 2021.

Read: https://thehackernews.com/2022/07/experts-find-similarities-between.html

Microsoft warns that malicious IIS extensions are becoming increasingly popular among cyber criminals as a persistent backdoor to targeted Microsoft Exchange servers.

Read details: https://thehackernews.com/2022/07/malicious-iis-extensions-gaining.html

Researchers have discovered a new infostealer malware, dubbed "DUCKTAIL," targeting individuals and organizations operating Facebook’s Business and Ads accounts.

Read details: https://thehackernews.com/2022/07/new-ducktail-infostealer-malware.html

Researchers have discovered dozens of malware-infected Android apps that have been downloaded more than 10 million times from the Google Play Store.

Read details: https://thehackernews.com/2022/07/these-28-android-apps-with-10-million.html

U.S. State Department has announced rewards of up to $10 MILLION for information that could help disrupt North Korea's cryptocurrency theft, cyber espionage, and other illicit state-sponsored activities.

Details: https://thehackernews.com/2022/07/us-offers-10-million-reward-for.html

LibreOffice has released security updates to address 3 new vulnerabilities in the productivity software for Windows, macOS and Linux systems, one of which could be exploited to execute arbitrary code on affected systems.

Read: https://thehackernews.com/2022/07/libreoffice-releases-software-security.html

Microsoft researchers caught an Austrian company exploiting multiple Windows and Adobe zero-days in highly-targeted attacks against European and Central American entities.

Read: https://thehackernews.com/2022/07/microsoft-uncover-austrian-company.html

Google has once again postponed its plans to turn off third-party cookies in the Chrome web browser from the end of 2023 to the second half of 2024.

Read details: https://thehackernews.com/2022/07/google-delays-blocking-3rd-party.html

Researchers warn that a recently discovered critical vulnerability in Atlassian Confluence (CVE-2022-26138) is currently being exploited in the wild.

Read: https://thehackernews.com/2022/07/latest-critical-atlassian-confluence.html

Spanish law enforcement authorities have arrested 2 former employees of a Nuclear Power Plant in connection with a cyberattack on the country's radioactivity alert system.

Read details: https://thehackernews.com/2022/07/spanish-police-arrest-2-nuclear-power.html

Researchers have discovered a new vulnerability (CVE-2022-30563) in Dahua IP cameras that can be exploited by remote attackers to compromise the cameras.

Read details: https://thehackernews.com/2022/07/dahua-ip-camera-vulnerability-could-let.html

Researchers warn of an increase in phishing attacks leveraging the IPFS decentralized peer-to-peer file storage network.

Read details: https://thehackernews.com/2022/07/researchers-warns-of-increase-in.html

Over a dozen Android apps distributed via Google Play Store & masquerading as productivity & utility apps—such as document scanners, VPN services & call recorders—have been caught infecting users' devices with banking #malware.

Read: https://thehackernews.com/2022/07/over-dozen-android-apps-on-google-play.html

Atlassian Confluence hard-coded credential vulnerability is now listed in the CISA Known Exploited Vulnerabilities Catalog following reports of active exploitation.

Read details: https://thehackernews.com/2022/07/cisa-warns-of-atlassian-confluence-hard.html