Researchers have uncovered a new phishing campaign targeting the Kavach two-factor authentication solution used by Indian government officials.

Read details: https://thehackernews.com/2022/12/researchers-warn-of-kavach-2fa-phishing.html

FrodoPIR — A new privacy-focused system that allows clients to securely query a database without revealing query information to an untrusted server, making it useful for a range of apps, including safe browsing, breached password checks, and more.

https://thehackernews.com/2022/12/frodopir-new-privacy-focused-database.html

Cybercriminals are distributing info-stealing malware to developers through Python Package Index (PyPI). These malware variants, such as ANGEL and Celestial Stealer, are based on W4SP Stealer.

Read: https://thehackernews.com/2022/12/w4sp-stealer-discovered-in-multiple.html

Alert! PrivateLoader, a pay-per-install malware downloader service, is being used to distribute the information-stealing malware known as RisePro.

Read: https://thehackernews.com/2022/12/privateloader-ppi-service-found.html

GuLoader malware has upped its game, using advanced tactics to bypass security software.

Researchers have uncovered a 3-stage process where VBScript delivers shellcode within itself while performing anti-analysis checks.

Read: https://thehackernews.com/2022/12/guloader-malware-utilizing-new.html

Facebook has reached a settlement of $725 million in a lawsuit over the Cambridge Analytica data leak.

Read: https://thehackernews.com/2022/12/facebook-to-pay-725-million-to-settle.html

Alert! BlueNoroff APT hackers are using new techniques to bypass Windows' Mark of the Web protections, including the use of .ISO and .VHD file formats.

Read: https://thehackernews.com/2022/12/bluenoroff-apt-hackers-using-new-ways.html

Hackers are turning to malicious Excel add-in (.XLL) files as their initial attack vector, in response to Microsoft's decision to block VBA macros by default for Office files downloaded from the Internet .

https://thehackernews.com/2022/12/apt-hackers-turn-to-malicious-excel-add.html

BitKeep, a decentralized multi-chain cryptocurrency wallet, has confirmed a cyberattack that led to the distribution of fraudulent versions of its Android app, resulting in the theft of an estimated $9.9 million worth of digital assets.

https://thehackernews.com/2022/12/bitkeep-confirms-cyber-attack-loses.html

A new malvertising campaign has been discovered that targets people searching for popular #software. This campaign uses Google Ads to spread Trojanized variants that deploy malware, including Raccoon Stealer and Vidar.

Read: https://thehackernews.com/2022/12/new-malvertising-campaign-via-google.html

Thousands of Citrix ADC and Gateway endpoints have not yet been patched for two critical vulnerabilities (CVE-2022-27510 and CVE-2022-27518), leaving several organisations vulnerable to potential cyberattacks.

https://thehackernews.com/2022/12/thousands-of-citrix-servers-still.html

CISA has added two-year-old vulnerabilities in TIBCO Software's JasperReports product to its KEV catalog after discovering evidence of active exploitation by cybercriminals.

Read: https://thehackernews.com/2022/12/cisa-warns-of-active-exploitation-of.html

Google has agreed to pay $29.5 million to settle lawsuits brought by Indiana and Washington, D.C. over its "deceptive" location tracking practices.

Read: https://thehackernews.com/2023/01/google-to-pay-295-million-to-settle.html

A new strain of Linux malware is targeting WordPress sites, taking advantage of vulnerabilities in various plugins and themes to infiltrate and compromise vulnerable systems.

Read: https://thehackernews.com/2023/01/wordpress-security-alert-new-linux.html

PyTorch, a machine learning framework project, fell victim to a supply chain attack between Dec. 25 and Dec.30, 2022, involving a malicious dependency that affected users who downloaded the affected versions.

Read: https://thehackernews.com/2023/01/pytorch-machine-learning-framework.html

Chinese international students in the U.K. have been facing persistent scams for over a year by Chinese-speaking fraudsters belonging to a group called RedZei (also known as RedThief).

Read: https://thehackernews.com/2023/01/redzei-chinese-scammers-targeting.html

Raspberry Robin worm is targeting financial and insurance sectors in Europe, and has evolved its post-exploitation capabilities to resist analysis and collect more data from infected computers.

Read: https://thehackernews.com/2023/01/raspberry-robin-worm-evolves-to-attack.html

Attention: A new malware campaign has been detected using sensitive information stolen from a bank to trick people into downloading a remote access trojan called BitRAT.

Read: https://thehackernews.com/2023/01/hackers-using-stolen-bank-information.html

Synology has released security updates to address a critical RCE vulnerability (CVE-2022-43931) impacting VPN Plus Server that could be exploited to take over affected systems.

Read: https://thehackernews.com/2023/01/synology-releases-patch-for-critical.html

Attention Linux users! There is a new malware that has been created using the Shell Script Compiler (shc) and it is deploying a cryptocurrency miner on infected systems.

Read: https://thehackernews.com/2023/01/new-shc-based-linux-malware-targeting.html

Irish regulators have fined Meta a hefty $414 million for violating data protection laws by forcing Facebook and Instagram users to accept targeted ads.

Read: https://thehackernews.com/2023/01/irish-regulators-fine-facebook-414.html