Afternoon Dessert - 2022-08-17

Welcome to another Afternoon Dessert breakout:

US offers reward “up to $10 million” for information about the Conti gang
Wanted - Reward Offered - Five unknown individuals (plus a man with a weird hat)
Read more....

Chrome browser gets 11 security fixes with 1 zero-day – update now!
Don't delay - patch today.
Read more....

New Google Chrome Zero-Day Vulnerability Being Exploited in the Wild
Google on Tuesday rolled out patches for Chrome browser for desktops to contain an actively exploited high-severity zero-day flaw in the wild. Tracked as CVE-2022-2856, the issue has been described as a case of insufficient validation of untrusted input in Intents. Security researchers Ashley Shen and Christian Resell of Google Threat Analysis Group have been credited with reporting the flaw on
Read more....

Cybercriminals Developing BugDrop Malware to Bypass Android Security Features
In a sign that malicious actors continue to find ways to work around Google Play Store security protections, researchers have spotted a previously undocumented Android dropper trojan that's currently in development. "This new malware tries to abuse devices using a novel technique, not seen before in Android malware, to spread the extremely dangerous Xenomorph banking trojan, allowing criminals
Read more....

Malware devs already bypassed Android 13's new security feature
Android malware developers are already adjusting their tactics to bypass a new 'Restricted settings' security feature introduced by Google in the newly released Android 13. [...]
Read more....

A dozen PyPI packages turn Discord into an info-stealing backdoor
A dozen malicious PyPi packages have been discovered installing malware that modifies the Discord client to become an information-sealing backdoor and stealing data from web browsers and Roblox. [...]
Read more....

North Korean hackers use signed macOS malware to target IT job seekers
North Korean hackers from the Lazarus group have been using a signed malicious executable for macOS to impersonate Coinbase and lure in employees in the financial technology sector. [...]
Read more....

New Windows PowerToy OCR tool will let you copy text from images
Microsoft PowerToys is getting a new utility called PowerOCR that lets you select text in an image and copy it directly to the Windows clipboard. [...]
Read more....