Microsoft warns that malicious IIS extensions are becoming increasingly popular among cyber criminals as a persistent backdoor to targeted Microsoft Exchange servers.

Read details: https://thehackernews.com/2022/07/malicious-iis-extensions-gaining.html

Researchers have discovered a new infostealer malware, dubbed "DUCKTAIL," targeting individuals and organizations operating Facebook’s Business and Ads accounts.

Read details: https://thehackernews.com/2022/07/new-ducktail-infostealer-malware.html

Researchers have discovered dozens of malware-infected Android apps that have been downloaded more than 10 million times from the Google Play Store.

Read details: https://thehackernews.com/2022/07/these-28-android-apps-with-10-million.html

U.S. State Department has announced rewards of up to $10 MILLION for information that could help disrupt North Korea's cryptocurrency theft, cyber espionage, and other illicit state-sponsored activities.

Details: https://thehackernews.com/2022/07/us-offers-10-million-reward-for.html

LibreOffice has released security updates to address 3 new vulnerabilities in the productivity software for Windows, macOS and Linux systems, one of which could be exploited to execute arbitrary code on affected systems.

Read: https://thehackernews.com/2022/07/libreoffice-releases-software-security.html

Microsoft researchers caught an Austrian company exploiting multiple Windows and Adobe zero-days in highly-targeted attacks against European and Central American entities.

Read: https://thehackernews.com/2022/07/microsoft-uncover-austrian-company.html

Google has once again postponed its plans to turn off third-party cookies in the Chrome web browser from the end of 2023 to the second half of 2024.

Read details: https://thehackernews.com/2022/07/google-delays-blocking-3rd-party.html

Researchers warn that a recently discovered critical vulnerability in Atlassian Confluence (CVE-2022-26138) is currently being exploited in the wild.

Read: https://thehackernews.com/2022/07/latest-critical-atlassian-confluence.html

Spanish law enforcement authorities have arrested 2 former employees of a Nuclear Power Plant in connection with a cyberattack on the country's radioactivity alert system.

Read details: https://thehackernews.com/2022/07/spanish-police-arrest-2-nuclear-power.html

Researchers have discovered a new vulnerability (CVE-2022-30563) in Dahua IP cameras that can be exploited by remote attackers to compromise the cameras.

Read details: https://thehackernews.com/2022/07/dahua-ip-camera-vulnerability-could-let.html

Researchers warn of an increase in phishing attacks leveraging the IPFS decentralized peer-to-peer file storage network.

Read details: https://thehackernews.com/2022/07/researchers-warns-of-increase-in.html

Over a dozen Android apps distributed via Google Play Store & masquerading as productivity & utility apps—such as document scanners, VPN services & call recorders—have been caught infecting users' devices with banking #malware.

Read: https://thehackernews.com/2022/07/over-dozen-android-apps-on-google-play.html

Atlassian Confluence hard-coded credential vulnerability is now listed in the CISA Known Exploited Vulnerabilities Catalog following reports of active exploitation.

Read details: https://thehackernews.com/2022/07/cisa-warns-of-atlassian-confluence-hard.html

North Korean hackers have been spotted using malicious extensions for Chromium-based web browsers (Google Chrome, Microsoft Edge, and Naver's Whale) to steal email content from Gmail and AOL accounts.

Read: https://thehackernews.com/2022/07/north-korean-hackers-using-malicious.html

Microsoft finds a potential connection between the USB-based Raspberry Robin worm and a notorious Russian cybercrime group known as Evil Corp.

Read details: https://thehackernews.com/2022/07/microsoft-links-raspberry-robin-usb.html

Operators of Gootkit access-as-a-service (AaaS) malware have resurfaced with updated techniques to compromise unsuspecting victims.

Read details: https://thehackernews.com/2022/07/gootkit-loader-resurfaces-with-updated.html

A 24-year-old Australian hacker has been charged with developing and selling the "Imminent Monitor" spyware to more than 14,500 people in 128 countries, including perpetrators of domestic violence and child sex offenders.

Read: https://thehackernews.com/2022/07/australian-hacker-charged-with-creating.html

Researchers from CloudSEK found that nearly 3,200 mobile apps expose their Twitter API keys, some of which can be used to gain unauthorized access to Twitter accounts.

Read details: https://thehackernews.com/2022/08/researchers-discover-nearly-3200-mobile.html

LockBit ransomware has been observed abusing Microsoft Windows Defender tool to decrypt and load Cobalt Strike payloads on targeted computers.

Read details: https://thehackernews.com/2022/08/lockbit-ransomware-abuses-windows.html

Researchers have discovered a new "New ParseThru" parameter smuggling vulnerability affecting GoLang-based apps that can be exploited to bypass validations under certain conditions and could also be used to gain unauthorized access.

Read: https://thehackernews.com/2022/08/new-parsethru-parameter-smuggling.html