Researchers discover a new Python package distributed via the PyPI repository that drops fileless crypto-mining malware onto Linux systems.

Read details: https://thehackernews.com/2022/08/newly-uncovered-pypi-package-drops.html

Researchers discover a new variant of SOVA Android banking trojan with upgraded capabilities i.e. intercepting two-factor authentication codes, stealing cookies & data, taking screenshots, and preventing it from being removed by its victims.

https://thehackernews.com/2022/08/sova-android-banking-trojan-returns-new.html

Russian state-sponsored actors continue to attack Ukrainian entities with information-stealing malware in what appears to be a cyber espionage campaign.

Read details: https://thehackernews.com/2022/08/russian-state-hackers-continue-to.html

Microsoft has taken action to disrupt phishing attacks from SEABORGIUM, a "highly persistent threat actor" whose goals closely align with the interests of the Russian state.

Read details: https://thehackernews.com/2022/08/microsoft-warns-about-phishing-attacks.html

Researchers have developed a novel attack technique, dubbed ‘Evil PLC,’ that weaponizes PLCs to gain an initial foothold in technical workplaces and penetrate operational technology networks.

Read details: https://thehackernews.com/2022/08/new-evil-plc-attack-weaponizes-plcs-to.html

Researchers have uncovered details of the ÆPIC and SQUIP vulnerabilities in Intel and AMD processors that allow attackers to obtain encryption keys and other secret information.

Read: https://thehackernews.com/2022/08/pic-and-squip-vulnerabilities-found-in.html

North Korea-backed Lazarus Group has been observed attacking job seekers with #macOS malware that can run on Apple Macs with Intel and M1 chipsets.

Read details: https://thehackernews.com/2022/08/north-korea-hackers-spotted-targeting.html

Nearly 1.31 million users have been targeted by malicious or unwanted web browser extensions at least once during this year.

Read details: https://thehackernews.com/2022/08/malicious-browser-extensions-targeted.html

RubyGems, the official Ruby package manager, now requires popular package maintainers to use multi-factor authentication (MFA).

Read: https://thehackernews.com/2022/08/rubygems-makes-multi-factor.html

Google releases an important update for the Chrome browser for Mac, Linux, and Windows systems to patch several new vulnerabilities, including a zero-day that is being exploited for attacks.

Read details: https://thehackernews.com/2022/08/new-google-chrome-zero-day.html

Researchers have spotted a new Android dropper trojan that's currently in development, designed to bypass Google's new security mechanisms introduced with the latest Android 13.

Details: https://thehackernews.com/2022/08/cybercriminals-developing-bugdrop.html

Apple releases security updates for iOS, iPadOS, and macOS platforms to fix two new zero-day vulnerabilities that are exploited by threat actors to compromise users.

Read: https://thehackernews.com/2022/08/apple-releases-security-updates-to.html

Hackers associated with BazarLoader, TrickBot, and IcedID are increasingly using the Bumblebee malware loader in their campaigns to breach target networks for post-exploitation activities.

Read: https://thehackernews.com/2022/08/hackers-using-bumblebee-loader-to.html

Researchers confirm that Chinese APT41 hackers attacked at least 13 organizations in the U.S., Taiwan, India, Vietnam, and China during four separate campaigns in 2021.

Read details: https://thehackernews.com/2022/08/china-backed-apt41-hackers-targeted-13.html

Researchers detail DarkTortilla, an evasive crypter used by hackers to spread a broad array of commodity malware and targeted payloads such as Cobalt Strike and Metasploit, likely since 2015.

Read details: https://thehackernews.com/2022/08/researchers-detail-evasive-darktortilla.html

Researchers have discovered a new high-severity vulnerability in the Amazon Ring app for Android, allowing rogue apps to access sensitive information.

Read details: https://thehackernews.com/2022/08/new-amazon-ring-vulnerability-could.html

Google says it has fended off the largest ever HTTPS-based distributed denial of service (DDoS) attack to date, which peaked at 46 million requests per second.

Read details: https://thehackernews.com/2022/08/google-cloud-blocks-record-ddos-attack.html

An ongoing wave of malware attacks targeting hospitality, hotel, and travel organizations has been tied to a financially motivated cybercrime group.

Read details: https://thehackernews.com/2022/08/cybercrime-group-ta558-targeting.html

CISA has updated its Known Exploited Vulnerabilities Catalog with 7 new vulnerabilities based on evidence of active exploitation.

Read details: https://thehackernews.com/2022/08/cisa-adds-7-new-actively-exploited.html

CVE-2017-15944, CVE-2022-21971, CVE-2022-26923, CVE-2022-2856, CVE-2022-32893, CVE-2022-32894, CVE-2022-22536

A new Grandoreiro banking trojan campaign has been spotted targeting manufacturers in Spanish-speaking countries such as Spain and Mexico.

Read details: https://thehackernews.com/2022/08/new-grandoreiro-banking-malware.html