Cyber Security weekly Hacker news November 2 – 8 2021
00:00 intro
00:24 PHISHING
00:27 Threat actors stole $55 million worth of cryptocurrency from bZx DeFi platform
01:38 US defense contractor Electronic Warfare Associates discloses data breach
02:52 CERT-FR warns of Lockean ransomware attacks against French companies
04:22 Balikbayan Foxes group spoofs Philippine gov to spread RATs
05:45 PATCHES
05:49 Google fixes actively exploited Zero-Day Kernel flaw in Android
07:03 ATTACKS, VULNERABILITIES & UPDATES
07:06 HelloKitty ransomware gang also targets victims with DDoS attacks
08:26 Casinos of tribal communities are losing millions in Ransomware attacks
09:07 Ransomware gangs target companies involved in time-sensitive financial events, FBI warns
10:57 Philips Tasy EMR healthcare infomatics solution vulnerable to SQL injection
12:00 Squid Game Cryptocurrency exit scam! Operators made $2.1 Million
13:12 Trojan Source attack method allows hiding flaws in source code
14:46 A drone was modified to disrupt U.S. Power Grid, says intelligence bulletin
15:38 Threat actor exploits MS ProxyShell flaws to deploy Babuk ransomware
17:01 The Toronto Transit Commission (TTC) hit by a ransomware attack
17:48 npm libraries coa and rc. have been hijacked to deliver password-stealing malware
19:30 CISA recommends vendors to fix BrakTooth issues after the release of PoC tool
20:41 How to hack Wincor Cineo ATMs to bypass black-box attack protections and withdraw cash
23:25 Cisco warns of hard-coded credentials and default SSH key issues in some products
25:49 Expert found a critical remote code execution bug in Linux Kernel
26:52 Pink Botnet infected over 1.6 Million Devices, it is one of the largest botnet ever seen
29:08 The U.K. Labour Party discloses a data breach
30:10 BlackMatter ransomware gang is shutting down due to pressure from law enforcement
31:22 50% of internet-facing GitLab installations are still affected by a RCE flaw
33:01 Microsoft warns of an increase in password spraying attacks
35:01 Iranian Black Shadow hacking group breached Israeli Internet hosting firm
35:52 Minecraft Japanese gamers hit by Chaos ransomware using alt lists as lure
37:19 Graff multinational jeweller hit by Conti gang. Data of its rich clients are at risk, including Trump and Beckham
38:26 OTHER SECURITY NEWS
38:28 White hat hackers earn over $1 Million at Pwn2Own Austin 2021
39:43 Hacker allegedly involved in 2020 Twitter hack charged with theft of $784K in crypto
42:29 CISA shares a catalog of 306 actively exploited vulnerabilities
43:39 NSO Group, Positive Technologies and other firms sanctioned by the US government
45:07 Google triples bounty for new Linux Kernel exploitation techniques
46:03 Thanks for watching
