Discover

Adobe has released security updates for the vulnerabilities tracked as CVE-2021-36065 and CVE-2021-36066 affecting Photoshop. These fixes are available for both Mac and Windows. If the hacker successfully exploits the vulnerability, it could lead to arbitrary code execution

Hackers are sending emails to iPhone users stating that their iPhone was hacked. By using a zero-click vulnerability, they install the Pegasus spyware. Through email, they demand a payment of $1600. If not paid, the hackers would release videos of the user’s most private moments to their family, friends, and business associates

The cybersecurity team of zLabs Zimperium has discovered malware dubbed as FlyTrap. According to the reports, they have been conducting their operations and attacks from Vietnam. The security team claims that it has affected more than 10,000 users and has affected 144 countries since March 2021

Microsoft has released fixes for 44 vulnerabilities for August 2021. Among 117, 7 are classified as critical and 37 as important. 59% of the vulnerabilities are locally exploitable and 39% are remotely exploitable

Microsoft has disclosed a social engineering campaign where the hackers kept changing their obfuscation and encryption mechanisms every 37 days. These hackers are using Morse code to hide their tracks. They have used invoice-related phishing themes to lure victims. Mainly to gain access to usernames, passwords for infiltration purposes.

Security researcher Nozomi Networks Labs have issued warnings for five unpatched security vulnerabilities in the safety programmable logic controllers (PLCs) of Mitsubishi. The hackers can exploit this vulnerability using brute force attacks, unauthorized login to the CPU module and denial-of-service (DoS) attacks to gain access to legitimate usernames that are present in the module

Threat actors brought top slots on Google search engines to display fake brave browser websites which deliver malware as the browsers download file. This malware is capable of streaming a user’s desktop and create another invisible desktop for attackers to use

A security researcher from Cybereason has discovered three malicious cyber espionage which has been targeting all the major telecom companies in Southeast Asia. More than a million customers have been affected by these groups. If the hackers gain access they could carry out arbitrary code execution, file and process manipulation, and privilege escalation

On Monday Apple rolled out a patch of the 0-day which was being actively exploited. Successful exploitation would have led to execute arbitrary code with kernel privileges. The fixes were issued for iOS, macOS and iPadOS

The malware dubbed as “Vultur” due to its remote screen sharing capability, records screen to gain access to sensitive data from the victim’s phone. This malware is officially distributed via the Google Play Store masqueraded as “Protection Guard” which has over 5000 installs. Italy, Australia and Spain are its main targets

The Department of Justice issued a warning against Microsoft office 365 accounts of employees of 27 US attorneys that were breached by the Russian linked SVR group as part of the SolarWinds hack. All the emails and the attachments were accessed from the compromised office 365 accounts