Cyber Security weekly Hacker News for October 26 – November 1, 2021
00:00 intro
01:04 PHISHING
01:06 TodayZoo phishing kit borrows the code from other kits
02:52 PATCHES
02:56 Google fixes 2 new actively exploited zero-day flaws in Chrome
04:16 ATTACKS Vulnerabilities and Updates
04:19 Microsoft found Shrootless bug in macOS that could bypass System Integrity Protection
06:00 Crooks steal $130 million worth of cryptocurrency assets from Cream Finance
07:09 Avast releases free decrypters for AtomSilo and LockFile ransomware families
08:24 Grief ransomware gang hit US National Rifle Association (NRA)
09:22 North Korea-linked Lazarus APT targets the IT supply chain
11:55 Operations at Iranian gas stations were disrupted today. Cyber attack or computer glitch?
13:04 Expert managed to crack 70% of a 5,000 WiFi network sample in Tel Aviv
15:02 Ranzy Locker ransomware hit tens of US companies in 2021
17:18 UltimaSMS subscription fraud campaign targeted millions of Android users
19:00 Unknown ransomware gang uses SQL injection bug in BillQuick Web Suite to deploy ransomware
20:27 AbstractEmu, a new Android malware with rooting capabilities
22:10 Over 1 million WordPress sites affected by OptinMonster plugin flaws
24:10 WordPress Plugin Bug Lets Subscribers Wipe Sites
25:44 Wslink, a previously undescribed loader for Windows binaries
26:54 A critical RCE flaw affects Discourse software, patch it now!
27:55 Hacker accessed medical info at UMass Memorial Health
28:55 ESET found a variant of the Hive ransomware that encrypts Linux and FreeBSD
30:18 Papua New Guinea ‘s finance ministry was hit by a ransomware
31:16 Red TIM Research found two rare flaws in Ericsson OSS-RC component
32:39 Russia-linked Nobelium APT targets orgs in the global IT supply chain
33:51 NYT Journalist’s iPhone infected twice with NSO Group’sPegasus spyware
35:07 OTHER SECURITY NEWS
35:10 MITRE and CISA publish the 2021 list of most common hardware weaknesses
37:41 INTERPOL published the African Cyberthreat Assessment Report 2021
41:30 Police arrested 12 individuals involved in 1800 ransomware attacks worldwide
43:07 NSA and CISA explained how to prevent and detect lateral movement in 5G networks via cloud systems
44:50 German investigators identify crypto millionaire behind REvil operations
47:17 THANKS FOR WATCHING
