German police raided 15 residential and business premises linked to commercial spyware company FinFisher over illegally exporting the software abroad without proper authorization.

Details — https://thehackernews.com/2020/10/finfisher-spyware-raid.html

US Government has charged 6 Russian intelligence officers for carrying out destructive malware attacks—including BlackEnergy, Industroyer, KillDisk, NotPetya, and Olympic Destroyer.

Read more: https://thehackernews.com/2020/10/russian-hackers.html

A Windows-based remote access Trojan believed to be designed by #Pakistani hacker groups to infiltrate computers and steal users' data has resurfaced after a two-year span with retooled capabilities to target #Android and #macOS devices.

https://thehackernews.com/2020/10/windows-gravityrat-malware-now-also.html

Multiple popular mobile browsers found vulnerable to address bar spoofing flaws, leaving doors open for spear-phishing and malware attacks.

Details: https://thehackernews.com/2020/10/browser-address-spoofing-vulnerability.html

✅ Apple Safari (macOS & iOS)
✅ Opera Touch
✅ UCWeb
✅ Yandex Browser
✅ Bolt Browser
✅ RITS Browser

WARNING: New Chrome 0-day Under Active Attacks; Update Your Web Browser for Windows, Linux & Mac NOW!!!

Details: https://thehackernews.com/2020/10/chrome-zeroday-attacks.html

Microsoft, in collaboration with MITRE, IBM, NVIDIA, and Bosch, has released — Adversarial ML Threat Matrix Framework — to help security analysts detect, respond to, and remediate adversarial attacks against machine learning (ML) systems.

Details: https://thehackernews.com/2020/10/adversarial-ml-threat-matrix.html

Security Researchers Warn of Security and Privacy Risks Caused by Link Preview Feature in Popular Messaging Apps

https://thehackernews.com/2020/10/mobile-messaging-apps.html

Google removes 21 newly spotted malicious Android apps from Play Store.

List in the story; check if your smartphone has been infected — https://thehackernews.com/2020/10/google-android-malwar.html

Despite recent efforts to takedown TrickBot malware, some of its new variants are actively targeting Linux users.

Read details: https://thehackernews.com/2020/10/trickbot-linux-variants-active-in-wild.html

FBI, Homeland Security, and HHS warn of an "imminent" increase in ransomware and other cyberattacks against hospitals and healthcare providers.

Read details: https://thehackernews.com/2020/10/ransomware-attack-hospital.html

KashmirBlack botnet hijacks hundreds of thousands of websites running on popular CMS platforms, including WordPress, Joomla!, PrestaShop, Magneto, Drupal, Vbulletin, OsCommerence, OpenCart, and Yeager.

Read details of the campaign here: https://thehackernews.com/2020/10/kashmirblack-botnet-hijacks-thousands.html

Attackers exploit Chrome and IE browsers flaws to install two new backdoor malware on targeted computers by tricking Korean victims into visiting some sites.

Read details: https://thehackernews.com/2020/10/browser-exploit-backdoor.html

WATCH OUT! Google disclosed details of a new zero-day flaw (CVE-2020-17087) in the Windows operating system that's being actively exploited in the wild.

Details: https://thehackernews.com/2020/11/warning-google-discloses-windows-zero.html

🔥 NAT Slipstreaming — A new technique allows attackers to bypass NAT/firewall protection and remotely access any TCP/UDP service on targeted systems just by tricking victims into visiting a website.

Read Details: https://thehackernews.com/2020/11/new-natfirewall-bypass-attack-lets.html

Another Chrome Browser 0-Day Found Being Exploited in the Wild.

https://thehackernews.com/2020/11/new-chrome-zero-day-under-active.html

Update Your #Google Chrome to Version 86.0.4240.183 for Windows, Mac, and Linux Systems.

Researchers uncover 'KGH_SPY,' a new spyware module North Korean hacking group added to its Kimsuky malware to make it more powerful against espionage targets.

Read details: https://thehackernews.com/2020/11/new-kimsuky-module-makes-north-korean.html

NEW: Gaza & Egypt-based hackers hijacked VoIP servers of over 1200 companies (across 60 countries) to profit from premium rate phone numbers.

Read details: https://thehackernews.com/2020/11/premium-rate-phone-fraudsters-hack-voip.html

Uncovered — North Korean hackers implanted a previously undiscovered #spyware, dubbed 'Torisma,' on the victims' systems compromised during JOB OFFERS-based attacks.

Read details: https://thehackernews.com/2020/11/north-korean-hackers-used-torisma.html

WARNING: Update your iOS devices now!

Apple releases emergency iOS update to patch 3 actively exploited 0-day vulnerabilities.

Read details: https://thehackernews.com/2020/11/update-your-ios-devices-now-3-actively.html

✅ CVE-2020-27930
✅ CVE-2020-27932
✅ CVE-2020-27950

Popular software products from Adobe, Apple, Google, Microsoft, Mozilla, and Samsung successfully PWNED at Tianfu Cup 2020 cybersecurity contest—with previously unseen exploits.

Read details: https://thehackernews.com/2020/11/windows-10-ios-chrome-firefox-and.html