Threatpost

Unpatched Bug in WiFi Mouse App Opens PCs to Attack Wireless mouse-utility lacks proper authentication and opens Windows systems to attack. Google Patches Actively-Exploited Flaw in Chrome Browser A flaw (CVE-2021-21166) in the Audio component of Google Chrome is fixed in a new update being pushed out to Windows, Mac and Linux users. Malaysia Air Downplays Frequent-Flyer Program Data Breach A third-party IT provider exposed valuable airline data that experts say could be a goldmine for cybercriminals.  Home-Office Photos: A Ripe Cyberattack Vector Threat actors can use personal information gleaned from images to craft targeted scams, putting personal and corporate data at risk. RTM Cybergang Adds New Quoter Ransomware to Crime Spree The Russian-speaking RTM threat group is targeting organizations in an ongoing campaign that leverages a well-known banking trojan, brand new ransomware strain and extortion tactics. Malicious Code Bombs Target Amazon, Lyft, Slack, Zillow Attackers have weaponized code dependency confusion to target internal apps at tech giants. Microsoft Exchange Zero-Day Attackers Spy on U.S. Targets Full dumps of email boxes, lateral movement and backdoors characterize sophisticated attacks by a Chinese APT - while more incidents spread like wildfire. Post-Cyberattack, Universal Health Services Faces $67M in Losses The Fortune-500 hospital network owner is facing steep costs in damages after a cyberattack impacted patient care and billing in September and October. Jailbreak Tool Works on iPhones Up to iOS 14.3 The UnC0ver team took advantage of an iOS flaw patched in January in its latest tool allowing developers and other enthusiasts to hack into their own devices. Compromised Website Images Camouflage ObliqueRAT Malware Emails spreading the ObliqueRAT malware now make use of steganography, disguising their payloads on compromised websites.

Distributed by aarss.com.