Researchers discover over a dozen RCE flaws in two popular RDP clients—FreeRDP and rdesktop—that could allow malicious servers to "reverse hack" client’s computer

https://thehackernews.com/2019/02/remote-desktop-hacking.html …

Windows built-in RDP client also found vulnerable to clipboard related "unpatched" attacks

Google releases a new Chrome extension, called "Password Checkup," that ALERTS users when they use a compromised credential for any site (exact username + password combination that has previously been exposed in any data breach)

https://thehackernews.com/2019/02/google-password-checkup-breaches.html …

First Hacker Convicted of 'SIM Swapping' Attacks Gets 10 Years in Prison

https://thehackernews.com/2019/02/sim-swapping-hack.html …

This 20-Year-Old College Student Stole Nearly $5 Millions in #Cryptocurrency from 40 Victims

Researchers Spotted New Windows .exe Malware Found Targeting macOS Computers

https://thehackernews.com/2019/02/macos-windows-exe-malware.html

New high severity "RunC" vulnerability (CVE-2019-5736) lets attackers escape #Linux container to gain root access on host machine.

Affected Systems/Services → Docker, Kubernetes, Debian, Red Hat, Ubuntu, Google Cloud, Amazon AWS and more.

https://thehackernews.com/2019/02/linux-container-runc-docker.html

Interesting… Researchers find a way to implant stealthy "super malware" on Intel processors using its own hardware-based memory #encryption feature i.e. SGX Enclaves, designed to protect sensitive data even if a system gets compromised

https://thehackernews.com/2019/02/intel-sgx-malware-hacking.html

An hacker who breached dozens of popular sites puts 127 million new records up for sale on the Dark Web.

https://thehackernews.com/2019/02/data-breach-website.html

⚠️WARNING – Watch out for this new type of extremely creative #phishing attacks that even most vigilant users could fall for

https://thehackernews.com/2019/02/advance-phishing-login-page.html

Hacking Virtual Reality – Researchers demonstrate how hackers could have remotely exploited popular Bigscreen VR app to spy on your virtual world meetings and even compromise your computers completely.

[Exclusive Technical Details] https://thehackernews.com/2019/02/bigscreen-vr-hacking.html

Drupal releases software updates to patch a new CRITICAL remote code execution flaw (CVE-2019-6340) that could allow hackers to hijack websites — UPDATE your site ASAP!

https://thehackernews.com/2019/02/hacking-drupal-vulnerability.html

WARNING — Critical Code Execution Flaw in WinRAR Affects All Versions of Popular File Compression Software Released in Last 19 Years, Leaving 500 Million Users Worldwide at Risk

https://thehackernews.com/2019/02/winrar-malware-exploit.html

Update Your WinRAR to version 5.70 beta 1 Immediately.

Wohooo! Kali Linux 2019.1 Released — Latest Version of Operating System for Hackers and #Cybersecurity Professionals.

https://thehackernews.com/2019/02/kali-linux-hackers-os.html

The First 2019 version of Kali includes kernel up to version 4.19.13, various patches, and software updates like #Metasploit 5.0.

You should immediately turn this *new* setting OFF on your Facebook app for Android to prevent it from collecting your real-time location history in the background when you're not using the app.

If you haven't already, check this out → https://thehackernews.com/2019/02/facebook-location-tracking.html

New attacks against 4G, 5G LTE networks re-enable IMSI Catchers like StingRay, allowing attackers to verify targeted mobile's location, launch prior attacks like call/SMS interception

Learn about ToRPEDO, Piercer and IMSI-Cracking attacks https://thehackernews.com/2019/02/location-tracking-imsi-catchers.html

Great News ⭐ Android Gets FIDO2 Certification

https://thehackernews.com/2019/02/android-fido2-password-security.html

Billions of devices running Android version 7.0 and above are now FIDO2 Certified, allowing users to leverage quick and secure password-less authentication protocol to log into their web accounts and apps

Watch out! Hackers have started exploiting latest Drupal RCE flaw disclosed last week

https://thehackernews.com/2019/02/drupal-hacking-exploit.html

NOTE—If you haven't updated your Drupal site yet, your site may have already been compromised and merely installing latest Drupal version would not remove malware code

Researchers discover a new spam campaign in the wild that exploits latest WinRAR vulnerability to infect Windows computers with malware

https://thehackernews.com/2019/02/winrar-hacking-exploit.html

Google's Project Zero researcher publicly disclosed details and PoC for a new "high-severity" vulnerability in macOS after Apple failed to patch it within 90 days of being notified

https://thehackernews.com/2019/03/cybersecurity-macos-hacking.html

Researchers finally with high-confidence attribute "Operation Sharpshooter" global cyber-espionage campaign (still ongoing) to North Korean Lazarus #hacking group

https://thehackernews.com/2019/03/north-korea-hacking.html

...thanks to the new evidence they collected from a seized command-and-control server.

Google's cybersecurity startup Chronicle launches "Backstory" — A new threat analytics platform that allows businesses to privately store and analyse petabytes of "telemetry data," helping them quickly investigate incidents and hunt for potential threats

https://thehackernews.com/2019/03/backstory-cybersecurity-software.html

NSA Releases GHIDRA 9.0 — A Free and Powerful Reverse Engineering Tool

https://thehackernews.com/2019/03/ghidra-reverse-engineering-tool.html

"GHIDRA helps analyze malicious code and can give cybersecurity professionals a better understanding of potential vulnerabilities in their networks and systems."