Iran-linked MuddyWater hackers on the prowl again, using compromised corporate email accounts to launch spear-phishing attacks on countries in the Middle East and Central and West Asia with updated attack tactics.

Read: https://thehackernews.com/2022/12/muddywater-hackers-target-asian-and.html

Researchers have discovered a new hybrid malware campaign that targets both Android and Windows operating systems, allowing it to expand its pool of victims.

Read: https://thehackernews.com/2022/12/researchers-uncover-darknet-service.html

Iranian nation-state hackers are using a new malware dubbed "Drokbk" that uses GitHub as a "dead drop resolver" to hide its communication with attackers, receive commands and exfiltrate stolen data.

Read: https://thehackernews.com/2022/12/researchers-uncover-new-drokbk-malware.html

Researchers have reported an increase in TrueBot malware infections, involving a new variant that abuses the Netwrix Auditor vulnerability and the Raspberry Robin worm to attack Mexico, Brazil, and the United States.

Read: https://thehackernews.com/2022/12/new-truebot-malware-variant-leveraging.html

Cisco warns of an unpatched, high-severity vulnerability (CVE-2022-20968) affecting IP Phone 7800 and 8800 series IP phones, for which a public proof-of-concept exploit is available.

Read: https://thehackernews.com/2022/12/cisco-warns-of-high-severity-unpatched.html

Researchers describe a new attack method that can bypass web application firewalls (WAFs) and infiltrate systems.

Read: https://thehackernews.com/2022/12/researchers-detail-new-attack-method-to.html

The method worked successfully against WAFs from vendors such as AWS, Cloudflare, F5, Imperva, and Palo Alto Networks

Hack-for-hire group Evilnum uses new Janicab malware variant to attack travel, legal and financial entities.

Read: https://thehackernews.com/2022/12/hack-for-hire-group-targets-travel-and.html

Cryptocurrency mining attacks against Linux systems are leveraging the open-source CHAOS remote access trojan to gain unauthorized access to the infected systems and mine cryptocurrencies.

Read: https://thehackernews.com/2022/12/cryptocurrency-mining-campaign-hits.html

U.S. Department of Health and Human Services (HHS) has issued a warning about ongoing ransomware attacks targeting healthcare entities in the country.

Read: https://thehackernews.com/2022/12/royal-ransomware-threat-takes-aim-at-us.html

Say goodbye to passwords!

Google is rolling out passkeys support to its stable version of Chrome web browser for Windows, Android and macOS.

Read: https://thehackernews.com/2022/12/google-adds-passkey-support-to-chrome.html

Stay secure and logged in with this next-generation login standard

Stay ahead of the curve and protect your business with the latest cybersecurity news and insights.

Follow our LinkedIn page and join our community for the most relevant and timely cybersecurity news and information.

https://www.linkedin.com/company/thehackernews/

Researchers have discovered new vulnerabilities in popular endpoint detection and response (EDR) and antivirus solutions (AV) that can be weaponized against users to carry out wiping attacks.

Read details: https://thehackernews.com/2022/12/researchers-demonstrate-how-edr-and.html

Urgent: Fortinet has issued emergency patches for a severe pre-auth RCE vulnerability (CVE-2022-42475) affecting its FortiOS SSL-VPN product that is being actively exploited in the wild.

Read: https://thehackernews.com/2022/12/fortinet-warns-of-active-exploitation.html

Ugh, not again! Multiple malware campaigns discovered targeting Python and JavaScript developers via the official PyPI and npm repositories.

Read: https://thehackernews.com/2022/12/malware-strains-targeting-python-and.html

Cybersecurity researchers have unveiled the inner workings of a devastating new ransomware known as Azov, designed to corrupt data and inflict "impeccable damage" on compromised systems.

Read: https://thehackernews.com/2022/12/cybersecurity-experts-uncover-inner.html

This severe vulnerability affecting the Amazon ECR Public Gallery may have opened the repositories to potential "deep #software supply chain" attacks.

Read: https://thehackernews.com/2022/12/serious-attacks-could-have-been-staged.html

Google launches open source availability of OSV-Scanner, a scanner that aims to offer easy access to vulnerability information about various projects.

Read: https://thehackernews.com/2022/12/google-launches-largest-distributed.html

⚡ Zero-day vulnerability alert!

Apple has released security updates to patch a new "actively exploited" 0-day code execution vulnerability.

Make sure to update your iOS, iPadOS, macOS, tvOS, and Safari to keep your devices secure.

https://thehackernews.com/2022/12/new-actively-exploited-zero-day.html

Warning: Hackers are exploiting a new critical zero-day RCE vulnerability (CVE-2022-27518) in Citrix ADC & Gateway to gain control of affected systems.

https://thehackernews.com/2022/12/hackers-actively-exploiting-citrix-adc.html

It is important that users apply latest security patches immediately to protect against this threat.

⚡ Stay protected against new vulnerabilities and zero-day attacks by ensuring your devices are up to date with the latest December 2022 Patch Tuesday security updates from Microsoft, Adobe, Apple, Cisco and other major vendors.

https://thehackernews.com/2022/12/december-2022-patch-tuesday-get-latest.html

Researchers reveal attackers use legitimate Microsoft-signed drivers in ransomware and malware campaigns against various companies

Read: https://thehackernews.com/2022/12/ransomware-attackers-use-microsoft.html