Cyber Security weekly hacker news November 30- December 6 2021
————- VIDEO CONTENT ————–
00:00 intro
00:27 PHISHING
00:30 Watch out for Omicron COVID-19-themed phishing messages!
02:04 PATCHES
02:07 Mozilla fixes critical flaw in Network Security Services (NSS) cryptography library
03:14 Play the Opera Please – Opera patches a flaw in their turbo servers
05:13 0patch releases unofficial patches for CVE-2021-24084 Windows 10 zero-day
06:31 ATTACKS VULRNERABILITIES & UPDATES
06:34 Threat actors stole $120 M in crypto from BadgerDAO DeFi platform
08:55 Hundreds of vulnerabilities in common Wi-Fi routers affect millions of users
10:15 Cuba ransomware gang hacked 49 US critical infrastructure organizations
12:23 CISA warns of vulnerabilities in Hitachi Energy products
13:34 NSO Group spyware used to compromise iPhones of 9 US State Dept officials
15:25 KAX17 threat actor is attempting to deanonymize Tor users running thousands of rogue relays
18:31 CISA adds Zoho, Apache, Qualcomm, Mikrotik flaws to the list of actively exploited issues
20:17 Russian internet watchdog Roskomnadzor bans six more VPN services
22:44 NginRAT – A stealth malware targets e-store hiding on Nginx servers
00:25:05 New RTF Template Inject technique used by APT groups in recent attacks
00:27:02 Sabbath Ransomware target critical infrastructure in the US and Canada
00:29:28 New EwDoor Botnet is targeting AT&T customers
00:30:43 Critical Printing Shellz flaws impact 150 HP multifunction printer models
00:33:18 WIRTE APT group targets the Middle East since at least 2019
00:35:26 4 Android banking trojans were spread via Google Play infecting 300.000+ devices
00:36:25 Experts warn of attacks exploiting CVE-2021-40438 flaw in Apache HTTP Server
00:37:39 Biopharmaceutical firm Supernus Pharmaceuticals hit by Hive ransomware during an ongoing acquisition
00:39:16 RATDispenser, a new stealthy JavaScript loader used to distribute RATs
00:41:13 North Korea-linked Zinc group posed as Samsung recruiters to target security firms
00:43:33 Queensland government energy generator hit by ransomware
00:45:53 Hackers are brute-force guessing payment card numbers, and there’s nothing you can do about it
00:47:46 OTHER SECURITY NEWS
00:47:49 German BSI agency warns of ransomware attacks over Christmas holidays
00:49:09 Europol arrested 1800 money mules as part of an anti-money-laundering operation
00:50:57 VirusTotal Collections allows enhancing the sharing of Indicators of Compromise (IoCs)
00:51:49 FBI training document shows lawful access to multiple encrypted messaging apps
00:53:09 Israel cut cyber export list, excluding totalitarian regimes
00:55:00 Thanks for Watching
#cybersecurity #hackernews #infosec #threatintel #infosecurity
