“Researchers have uncovered advanced, never-before-seen macOS malware that was installed using exploits that were almost impossible for most users to detect or stop once the users landed on a malicious website.”
Hackers Trick Microsoft Into Signing Netfilter Driver Loaded With Rootkit Malware
“Microsoft on Friday said it’s investigating an incident wherein a driver signed by the company turned out to be a malicious Windows rootkit that was observed communicating with command-and-control (C2) servers located in China.”
Security News This Week: Hackers Are Erasing Western Digital Hard Drives Remotely
“An array of ATMs and point-of-sale terminals can be hacked with a wave of your phone, according to research released this week about vulnerabilities in near-field communication card readers.”
Update to iOS 14.5.1 Right Now or Your iPhone Is a Sitting Duck for Hackers
“Apple has rushed out fixes to two major vulnerabilities in iOS and iPadOS 14.5, last month’s update that implemented its App Tracking Transparency feature. Both bugs could have allowed malicious parties to remotely execute code, possibly leading to the takeover of an affected device.”
Actively exploited Mac 0-day neutered core OS security defenses
“When Apple released the latest version, 11.3, for macOS on Monday, it didn’t just introduce support for new features and optimizations.”
Cybercriminals Bought Facebook Ads for a Fake Clubhouse App That Was Riddled With Malware
“Cybercriminals have been pushing Facebook users to download a Clubhouse app “for PC,” something that doesn’t exist. The app is actually a trojan designed to inject malware into your computer.”
Android spyware masquerades as a System Update
“Malware of all kinds on Android are nothing new. Some even manage to get past Google Play Store’s security checks. Most, however, ride on apps that are sourced outside of Android’s sanction app store and those are often able to wreak more havoc than normal harmful apps.”
The Personal Data of Over 533M Facebook Users Has Been Posted Online
“Names, locations, and phone numbers are all available as part of this massive data leak.”
Critical netmask networking bug impacts thousands of applications
“Popular npm library netmask has a critical networking vulnerability. The component gets over 3 million weekly downloads, and as of today, has scored over 238 million total downloads over its lifetime. Further, about 278,000 GitHub repositories depend on netmask.”