The universal decryption key for REvil’s attack on Kaseya’s customers has been leaked on hacking forums allowing researchers their first glimpse of the mysterious key.
A new Android Trojan has been identified by cybersecurity firm Zimperium, which released a report explaining how the malware has been able to hit more than 10,000 victims in 144 countries. The trojan, named FlyTrap by Zimperium researchers, has been able to spread through “social media hijacking, third-party app stores, and sideloaded applications” since March.
A Joint Cybersecurity Advisory coauthored by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Australian Cyber Security Centre (ACSC), the United Kingdom’s National Cyber Security Centre (NCSC), and the U.S. Federal Bureau of Investigation (FBI) details the top 30 vulnerabilities, primarily identified by their Common Vulnerabilities and Exposures (CVE) numbers, that were routinely exploited by malicious cyber actors in 2020, along with those being widely exploited so far in 2021.
Websites run by the ransomware gang REvil suddenly became unreachable, sparking widespread speculation that the group had been knocked offline. The Russia-linked cybercrime ring has collected tens of millions of dollars in ransom payments in return for restoring computer systems it has hacked. In recent weeks it claimed responsibility for a sprawling ransomware outbreak that affected an estimated 800 to 1,500 businesses worldwide.
Kaspersky researchers recently came across unusual APT activity in South East Asia that dates back to at least October 2020. Most of the early sightings were in Myanmar, but it now appears the attackers are much more active in the Philippines, where there are more than 10 times as many known targets. Further analysis revealed that the underlying actor, dubbed LuminousMoth, shows an affinity to the HoneyMyte group, otherwise known as Mustang Panda.
Human rights non-governmental organization Amnesty International and non-profit project Forbidden Stories revealed in a recent report that they found spyware made by Israeli surveillance firm NSO Group deployed on iPhones running Apple’s latest iOS release, hacked using zero-day zero-click iMessage exploits.
Microsoft released out-of-band patches for Windows systems affected by two critical bugs being tracked as CVE-2021-1675 and CVE-2021-34527 and has advised admins to disable the print spooler service until patches are applied. But Microsoft’s patch for the critical PrintNightmare bug might not solve all the problems the flaw has created, say security researchers.
SolarWinds has patched a critical Serv-U remote code execution vulnerability that was exploited in the wild by “a single threat actor” in attacks targeting a limited number of customers, and is urging customers to apply the fix. The vulnerability, tracked as CVE-2021-35211, affects Serv-U Managed File Transfer and Serv-U Secure FTP, and successful exploitation allows a remote threat actor to execute arbitrary code with privileges.
Researchers from Avast are warning of the rapid growth of the DirtyMoe botnet, which grew from 10,000 infected systems in 2020 to more than 100,000 in the first half of 2021. Experts describe DirtyMoe as a complex malware designed as a modular system.
Mayur Fartade, an Indian hacker, discovered an Instagram bug that allowed attackers to view selected media on the platform. By brute-forcing Media IDs, an attacker might also have been able to save photographs, videos, and metadata about specific media, in addition to accessing users’ private images. Facebook patched the bug on April 29, and on June 15 Fartade was awarded $30,000 for discovering the dangerous vulnerability.