1) Indian Computer Emergency Response Team (CERT-In) has given an update that all those who are using Adobe products and services should be cautious, as hackers can easily hack their systems by exploiting multiple vulnerabilities in the software.
According to CERT-In, the attacker can gain access to admin privileges, execute arbitrary codes and write arbitrary files on InDesign, InCopy, Illustrator, Bridge, and Animate services that work both on Windows and macOS.
So, users are being urged to keep their software up to date with the latest security updates to keep their systems well protected from such attacks.
2.) Second is the news that belongs to WordPress, the content management system provider offering services worldwide. WordPress forcibly issued an update to over millions of its sites after security researchers from WordFence Threat Intelligence documented an advisory about a code injection vulnerability.
After learning about the vulnerability, WordPress released an immediate update and applied the following plugins: 3.0.34.2, 3.1.10, 3.2.38, 3.3.21.4, 3.4.34.2, 3.5.8.4, and 3.6.11 on an automated note.
3.) Third is the news about QNAP storage devices. These company devices are being made as soft targets every month. And the latest news about these Taiwan-based network-attached storage makers is that two ransomware gangs recently targeted it.
First is the gang that is distributing DeadBolt Ransomware, and the second is the malware variant dubbed QNAPCrypt.
Cybersecurity researchers have found that the QNAP devices operating on weak passwords or operating outdated software are being targeted with the two said file-encrypting malware variants.
For keeping their systems updated, QNAP users are being urged to use strong passwords for admin privileges, use IP access protection for keeping brute force attacks at bay and avoid ports 443 and 8080 and keep the NAS systems updated with the latest QTS software versions.
4.) Fourth is the news related to a Russian botnet network that contains millions of infected machines and devices. RSocks botnet that is believed to be funded by Kremlin intelligence was shut down by law enforcement acting on a judgment pronounced by DoJ.
RSocks were being used by cybercriminals to launch credential stuffing attacks, account hijacks, phishing emails, and fraudulent induction of mining software.
The botnet was on the tracking radar of the FBI since 2017 and has taken control of millions of devices that including industrial control systems, routers, CCTV systems, AV Streaming devices, and IoT.
In the year 2019, RSocks was seen adding millions of android devices and small computers to its list.
Now that the law enforcement authorities have taken control of the devices based on the inputs provided by Microsoft, it brought the highly sophisticated Russian crime to an end in May this year.
5.) On Tuesday last week, Microsoft added an update that addressed its operating system’s Wi-Fi accessing capabilities via its Hotspot feature. As the issue was affecting all its Windows 10 and 11 operating systems, the tech giant issued a patch on June 14 of this year.
As per the details released by the Windows giant, the issue was a bug-driven update known as KB5014697 and was blocking users from using the Wi-Fi hotspot feature.
Already the company has issued an update on the issue and is expected to be rolled out to all its users by this month-end.
For the time being, tech analysts say that the update can be rolled back, but as per our analysts, it is not recommended at all.