A new study by cybersecurity experts shows that analyzing the metadata of malicious LNK files can help identify relationships between threat actors.
Read: https://thehackernews.com/2023/01/new-research-delves-into-world-of.html
LNK files have become a popular method for initial access to deliver & execute malware payloads.
Another day, another vulnerability!
Researchers have uncovered a new vulnerability affecting multiple services related to Microsoft Azure, which could result in RCE attacks, data theft, and lateral movement within Azure services.
https://thehackernews.com/2023/01/new-microsoft-azure-vulnerability.html
Researchers are warning of a new Chinese #malware called "BOLDMOVE" that exploited a recently discovered vulnerability in Fortinet FortiOS SSL-VPN (CVE-2022-42475) as a zero-day to attack government entities & managed service providers.
https://thehackernews.com/2023/01/new-chinese-malware-spotted-exploiting.html
Big fines for WhatsApp!
Irish Data Protection Commission imposed a €5.5 million penalty for violating data protection laws when processing users' personal information.
Details: https://thehackernews.com/2023/01/whatsapp-hit-with-55-million-fine-for.html
Russian state-sponsored cyber espionage group Gamaredon is back and targeting Ukraine's military and law enforcement entities through Telegram.
Read: https://thehackernews.com/2023/01/gamaredon-group-launches-cyberattacks.html
Beware of 'Roaming Mantis' cybercriminals spreading an updated version of their mobile malware, called "Wroba". It now hijacks DNS settings of connected Wi-Fi routers for malicious attacks.
Read details: https://thehackernews.com/2023/01/roaming-mantis-spreading-mobile-malware.html
Researchers have successfully shut down a large-scale ad fraud scheme known as VASTFLUX, which targeted a total of 11 million devices and involved over 1,700 spoofed apps.
Details: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
New findings indicate that the Sliver C2 framework is gaining popularity among threat actors as a versatile alternative to traditional C2 tools such as Cobalt Strike and Metasploit.
Read details: https://thehackernews.com/2023/01/threat-actors-turn-to-sliver-as-open.html
Researchers report two vulnerabilities in Samsung's Galaxy Store app that could be exploited to secretly install malicious apps or redirect users to fake landing pages on the Internet.
Read details: https://thehackernews.com/2023/01/samsung-galaxy-store-app-found.html
Over the next few months, millions of people around the world will have access to end-to-end encrypted chats on Facebook Messenger, as well as access to new additional features.
Read details: https://thehackernews.com/2023/01/facebook-introduces-new-features-for.html
Apple has released updates for a security vulnerability in WebKit that affects older iPhone & iPad devices.
Read: https://thehackernews.com/2023/01/apple-issues-updates-for-older-devices.html
This vulnerability is currently being exploited, so it is important to update your device immediately.
Cybercriminals are always evolving their tactics, and the Emotet operation is no exception.
Emotet malware is now using new tactics to fly under the radar and act as a conduit for other dangerous malware like Bumblebee and IcedID.
Read: https://thehackernews.com/2023/01/emotet-malware-makes-comeback-with-new.html
FBI has confirmed that the North Korean state-sponsored hacking group known as Lazarus Group and APT38 are responsible for the theft of $100 million in cryptocurrency assets from Harmony Horizon Bridge.
Details: https://thehackernews.com/2023/01/fbi-says-north-korean-hackers-behind.html
Chinese-speaking actor behind DragonSpark attacks targeting organizations in East Asia using Golang malware and unusual techniques to evade detection.
Read details: https://thehackernews.com/2023/01/chinese-hackers-utilize-golang-malware.html
VMware releases patch for 4 vulnerabilities in vRealize Log Insight, including 2 critical flaws (CVE-2022-31706 and CVE-2022-31704) that could lead to remote code execution attacks.
Read details: https://thehackernews.com/2023/01/vmware-releases-patches-for-critical.html
LastPass' parent company GoTo (formerly LogMeIn) has experienced a data breach in which cybercriminals stole customers' encrypted backups and an encryption key used to secure data for some customers.
Read: https://thehackernews.com/2023/01/lastpass-parent-company-goto-suffers.html
North Korean group APT38 is targeting cryptocurrency holders by using credential harvesting as a new weapon in its quest for crypto riches.
Read details: https://thehackernews.com/2023/01/north-korean-hackers-turn-to-credential.html
Warning: A massive malware campaign has infected more than 4,500 WordPress websites and is redirecting their visitors to sketchy ad pages.
Read: https://thehackernews.com/2023/01/over-4500-wordpress-sites-hacked-to.html
Keep your website secure and always be cautious of suspicious links.
ALERT: Two federal agencies in the U.S. have fallen victim to a widespread malicious campaign using RMM software for phishing scams.
Read details: https://thehackernews.com/2023/01/us-federal-agencies-fall-victim-to.html
New research has uncovered connections between the operations of Moses Staff and Abraham's Ax, two politically motivated hacktivist groups.
Read details: https://thehackernews.com/2023/01/researchers-uncover-connection-bw-moses.html
Researchers have released proof-of-concept exploit code for a high-severity security vulnerability (CVE-2022-34689) in the Windows CryptoAPI, which was discovered by the NSA and NCSC.
Read details: https://thehackernews.com/2023/01/researchers-release-poc-exploit-for.html