Researchers discover new IoT RapperBot malware capable of brute-forcing SSH credentials to compromise Linux servers.

Read details: https://thehackernews.com/2022/08/new-iot-rapperbot-malware-targeting.html

Meta said it took action against two espionage operations in South Asia that used the Facebook platform to spread malware to potential targets.

Read details: https://thehackernews.com/2022/08/meta-cracks-down-on-cyber-espionage.html

A sophisticated scam-as-a-service scheme known as "Classiscam" is now targeting Singapore.

Read details: https://t.co/OIhdnnMgTh

A new botnet named Orchard has been observed using Bitcoin creator Satoshi Nakamoto's account transaction information to generate domain names to conceal its command-and-control (C2) infrastructure.

Details: https://t.co/hZ3swtxAX3

Researchers have discovered 10 new malicious Python packages distributed via the Python Package Index (PyPI) to harvest critical data points, such as users' passwords and API tokens.

Read details: https://thehackernews.com/2022/08/10-credential-stealing-python-libraries.html

Researchers have detected a wave of targeted cyberattacks on military-industrial complex enterprises and public institutions in several Eastern European countries and Afghanistan.

Read details: https://thehackernews.com/2022/08/chinese-hackers-targeted-dozens-of.html

The U.S. Treasury sanctions virtual currency mixer Tornado Cash, citing its involvement with North Korea's Lazarus Group's high-profile hacking of Ethereum bridges to launder and cash out ill-gotten gains.

Details: https://thehackernews.com/2022/08/us-sanctions-virtual-currency-mixer.html

Customer engagement platform Twilio suffered a data breach after hackers gained "unauthorised access" by tricking some employees into providing their credentials via SMS-based phishing campaigns.

Read details: https://thehackernews.com/2022/08/twilio-suffers-data-breach-after.html

Patch Tuesday, August 2022 — Microsoft releases security updates to address 121 newly reported vulnerabilities, including a zero-day (CVE-2022-34713) bug that the company says is being actively exploited.

Read details: https://thehackernews.com/2022/08/microsoft-issues-patches-for-121-flaws.html

CISA added a recently disclosed security flaw in UnRAR for Linux to its Known Exploited Vulnerabilities Catalog after receiving evidence of active attacks.

Read details: https://thehackernews.com/2022/08/cisa-issues-warning-on-active.html

At least 76 Cloudflare employees and their families were also targeted by hackers behind the recent Twilio security breach.

Read details: https://thehackernews.com/2022/08/hackers-behind-twilio-breach-also_10.html

Researchers detail the Maui ransomware attacks carried out by North Korean government-backed hackers.

Read details: https://thehackernews.com/2022/08/experts-uncover-details-on-maui.html

A former Twitter employee has been convicted of spying on the private information of Twitter users for Saudi Arabia.

Read details: https://thehackernews.com/2022/08/former-twitter-employee-found-guilty-of.html

GitHub now sends Dependabot alerts for vulnerable GitHub Actions to help developers fix security issues in CI/CD workflows.

Read details: https://thehackernews.com/2022/08/github-dependabot-now-alerts-developers.html

Researchers have disclosed multiple severe security vulnerabilities in the Device42 asset management platform that could allow hackers to take control of affected systems.

Read details: https://thehackernews.com/2022/08/critical-flaws-disclosed-in-device42-it.html

Hackers behind the Cuba ransomware attacks are using a new remote access trojan called ROMCOM RAT on compromised systems.

Read details: https://thehackernews.com/2022/08/hackers-behind-cuba-ransomware-attacks.html

Cisco confirmed that it was hacked by the Yanluowang ransomware gang after the hackers gained access to an employee's personal Google account, which contained all the credentials synced by the victim's browser.

Read: https://thehackernews.com/2022/08/cisco-confirms-its-been-hacked-by.html

A trio of offshoots of Conti cybercrime gang have resorted to "BazarCall" phishing attacks as an initial entry point.

Read details: https://thehackernews.com/2022/08/conti-cybercrime-cartel-using-bazarcall.html

Researchers warn of mass exploitation of the RCE vulnerability in Zimbra (CVE-2022-27925 and CVE-2022-37042), which allows attackers to gain unauthenticated remote code execution on targeted email servers.

Read details: https://thehackernews.com/2022/08/researchers-warn-of-ongoing-mass.html

Cisco releases patches for a high-severity vulnerability affecting ASA and Firepower solutions that could allow an unauthenticated, remote attacker to retrieve an RSA private key.

Read details: https://thehackernews.com/2022/08/cisco-patches-high-severity.html