New malware campaigns spotted in the wild, using malicious Microsoft Office docs to infect PCs with GandCrab ransomware and Ursnif info-stealer malware

https://thehackernews.com/2019/01/microsoft-gandcrab-ursnif.html

Researchers have released "Aztarna," an open-source framework to help engineers identify vulnerable Robots and Industrial Routers connected to the Internet.

https://thehackernews.com/2019/01/robot-cybersecurity-tool.html

A quick scan revealed almost 106 open ROS systems & 9000 insecure industrial routers worldwide.

New Exploit Threatens Over 9,000 Hackable Cisco's RV320/RV325 Business Routers Worldwide

https://thehackernews.com/2019/01/hacking-cisco-routers.html

Attackers actively look for vulnerable devices on the Internet; Install firmware updates immediately to patch recently disclosed 2 high-severity vulnerabilities.

⚠️ WARNING — Dear iPhone Users, Turn OFF "FaceTime" App Immediately.

A New Apple FaceTime Privacy Bug Lets Callers Hear and See You Even If You Don't Accept the Call. (It's Unpatched)

https://thehackernews.com/2019/01/apple-facetime-privacy-hack.html …

Go to the Settings → Scroll Down to FaceTime → Switch it OFF Now!

NEW→ Apple iCloud possibly suffered a privacy breach last year that the company kept a secret

https://thehackernews.com/2019/01/icloud-privacy-breach.html

Researcher claimed to have found a bug (Apple also acknowledged) that could have allowed users to view partial #iCloud data from targeted/random Apple users.

Sent an embarrassing photo or text to a wrong person or in a group chat?

Chillax, Facebook Messenger has added a new feature that now lets users delete accidentally sent photos, videos or texts from both sides

https://thehackernews.com/2019/02/unsend-delete-facebook-message.html

But you will get just 10 minutes to decide

Researcher releases PoC and details for a new RCE flaw affecting two most popular Microsoft Office alternatives — LibreOffice and OpenOffice — that could allow hackers to take over Windows/Linux PCs just by tricking victims into opening a document file

https://thehackernews.com/2019/02/hacking-libreoffice-openoffice.html

Researchers discover over a dozen RCE flaws in two popular RDP clients—FreeRDP and rdesktop—that could allow malicious servers to "reverse hack" client’s computer

https://thehackernews.com/2019/02/remote-desktop-hacking.html …

Windows built-in RDP client also found vulnerable to clipboard related "unpatched" attacks

Google releases a new Chrome extension, called "Password Checkup," that ALERTS users when they use a compromised credential for any site (exact username + password combination that has previously been exposed in any data breach)

https://thehackernews.com/2019/02/google-password-checkup-breaches.html …

First Hacker Convicted of 'SIM Swapping' Attacks Gets 10 Years in Prison

https://thehackernews.com/2019/02/sim-swapping-hack.html …

This 20-Year-Old College Student Stole Nearly $5 Millions in #Cryptocurrency from 40 Victims

Researchers Spotted New Windows .exe Malware Found Targeting macOS Computers

https://thehackernews.com/2019/02/macos-windows-exe-malware.html

New high severity "RunC" vulnerability (CVE-2019-5736) lets attackers escape #Linux container to gain root access on host machine.

Affected Systems/Services → Docker, Kubernetes, Debian, Red Hat, Ubuntu, Google Cloud, Amazon AWS and more.

https://thehackernews.com/2019/02/linux-container-runc-docker.html

Interesting… Researchers find a way to implant stealthy "super malware" on Intel processors using its own hardware-based memory #encryption feature i.e. SGX Enclaves, designed to protect sensitive data even if a system gets compromised

https://thehackernews.com/2019/02/intel-sgx-malware-hacking.html

An hacker who breached dozens of popular sites puts 127 million new records up for sale on the Dark Web.

https://thehackernews.com/2019/02/data-breach-website.html

⚠️WARNING – Watch out for this new type of extremely creative #phishing attacks that even most vigilant users could fall for

https://thehackernews.com/2019/02/advance-phishing-login-page.html

Hacking Virtual Reality – Researchers demonstrate how hackers could have remotely exploited popular Bigscreen VR app to spy on your virtual world meetings and even compromise your computers completely.

[Exclusive Technical Details] https://thehackernews.com/2019/02/bigscreen-vr-hacking.html

Drupal releases software updates to patch a new CRITICAL remote code execution flaw (CVE-2019-6340) that could allow hackers to hijack websites — UPDATE your site ASAP!

https://thehackernews.com/2019/02/hacking-drupal-vulnerability.html

WARNING — Critical Code Execution Flaw in WinRAR Affects All Versions of Popular File Compression Software Released in Last 19 Years, Leaving 500 Million Users Worldwide at Risk

https://thehackernews.com/2019/02/winrar-malware-exploit.html

Update Your WinRAR to version 5.70 beta 1 Immediately.

Wohooo! Kali Linux 2019.1 Released — Latest Version of Operating System for Hackers and #Cybersecurity Professionals.

https://thehackernews.com/2019/02/kali-linux-hackers-os.html

The First 2019 version of Kali includes kernel up to version 4.19.13, various patches, and software updates like #Metasploit 5.0.

You should immediately turn this *new* setting OFF on your Facebook app for Android to prevent it from collecting your real-time location history in the background when you're not using the app.

If you haven't already, check this out → https://thehackernews.com/2019/02/facebook-location-tracking.html

New attacks against 4G, 5G LTE networks re-enable IMSI Catchers like StingRay, allowing attackers to verify targeted mobile's location, launch prior attacks like call/SMS interception

Learn about ToRPEDO, Piercer and IMSI-Cracking attacks https://thehackernews.com/2019/02/location-tracking-imsi-catchers.html