An analysis of over 70 billion DNS records has led to the discovery of Decoy Dog, a cohesive and highly unusual toolkit for targeting enterprise networks.

Read details: https://thehackernews.com/2023/05/new-decoy-dog-malware-toolkit-uncovered.html

Heads up, everyone!

CISA has issued an advisory warning of active exploitation of three known vulnerabilities, including CVE-2023-1389 (TP-Link Archer AX-21), CVE-2021-45046 (Apache Log4j2) and CVE-2023-21839 (Oracle WebLogic).

Details: https://thehackernews.com/2023/05/active-exploitation-of-tp-link-apache.html

ScarCruft, the North Korean threat group behind RokRAT malware, has adapted to the blocking of macros by using oversized LNK files.

Learn more about: https://thehackernews.com/2023/05/north-koreas-scarcruft-deploys-rokrat.html

Beware! A new Android surveillanceware called BouldSpy, believed to be linked to the Iranian government, has been spying on over 300 individuals belonging to minority groups, including Iranian Kurds, Baluchis, and Azeris.

Details: https://thehackernews.com/2023/05/bouldspy-android-spyware-iranian.html

🚨 New Windows-based financial trojan LOBSHOT found! TA505 threat actor leverages rogue Google Ads to spread malware.

Learn about its hVNC capabilities and how it stays under the radar: https://thehackernews.com/2023/05/lobshot-stealthy-financial-trojan-and.html

Critical flaw affecting ME RTU remote terminal units!

CISA has issued an advisory about the security vulnerability tracked as CVE-2023-2131, which has received the highest severity rating of 10.0 on the CVSS scoring system.

Details: https://thehackernews.com/2023/05/cisa-issues-advisory-on-critical-rce.html

🚨 Cybersecurity alert! Over 50,000 attempts to exploit a 5-year-old unpatched flaw in TBK digital video recording devices were observed in April.

Learn more about the critical vulnerability and its impact on camera video feeds: https://thehackernews.com/2023/05/hackers-exploiting-5-year-old-unpatched.html

Apple and Google are joining forces to tackle unauthorized tracking on Bluetooth location-tracking devices like AirTags.

https://thehackernews.com/2023/05/apple-and-google-join-forces-to-stop.html

They are working on a draft industry-wide specification that will detect and alert users of any unauthorized tracking.

Operation SpecTor has resulted in the arrest of 288 dark web vendors involved in drug trafficking. This coordinated effort also seized $53.4 million, 850 kg of drugs, and 117 firearms.

Read details: https://thehackernews.com/2023/05/operation-spector-534-million-seized.html

Chinese state-sponsored hacking outfit Earth Longzhi, a subgroup within APT41, has launched a new hacking campaign targeting government, healthcare, tech & manufacturing entities in Taiwan, Thailand, the Philippines, and Fiji.

Details: https://thehackernews.com/2023/05/chinese-hacker-group-earth-longzhi.html

Google is rolling out Passkeys across all platforms, making it a passwordless solution for Google Accounts.

Learn how it works: https://thehackernews.com/2023/05/google-introduces-passwordless-secure.html

Passkeys, backed by the FIDO Alliance, are more secure than passwords and resistant to online attacks such as phishing.

🤖 Facebook has taken action against malicious campaigns leveraging popular topics like ChatGPT, Google BERT, and TikTok marketing tools as a lure to trick users into downloading malware.

Details: https://thehackernews.com/2023/05/meta-takes-down-malware-campaign-that.html

Stay cautious and avoid clicking on suspicious links!

Meta, the parent company of Facebook and Instagram, has taken down several cyber espionage campaigns that targeted South Asia through coordinated inauthentic behavior on social media platforms.

Read more to learn about it: https://thehackernews.com/2023/05/meta-uncovers-massive-social-media.html

🔥 Researchers have developed a new PoC exploit for a critical PaperCut server vulnerability that can bypass all current detections, allowing attackers to execute arbitrary code with SYSTEM privileges.

Learn details here: https://thehackernews.com/2023/05/researchers-uncover-new-exploit-for.html

🚨 Three new security flaws discovered in Microsoft Azure API Management service that could expose sensitive information and compromise backend services.

Learn more about these vulnerabilities: https://thehackernews.com/2023/05/researchers-discover-3-vulnerabilities.html

Beware Android users! A new subscription #malware named Fleckpe has been discovered on Google Play Store. The #malware was disguised as photo editing apps, camera, and wallpaper packs, amassing over 620,000 downloads since 2022.

https://thehackernews.com/2023/05/fleckpe-android-malware-sneaks-onto.html

Cisco has warned of a critical vulnerability (CVE-2023-20126) in SPA112 2-Port Phone Adapters that could allow remote attackers to execute arbitrary code.

Learn more: https://thehackernews.com/2023/05/cisco-warns-of-vulnerability-in-popular.html

Upgrade now to protect your devices!

🚨 Packagist, the PHP package repository, suffered a security incident where an attacker gained access to four inactive accounts and hijacked over a dozen packages with 500 million installs.

Read details: https://thehackernews.com/2023/05/packagist-repository-hacked-over-dozen.html

⚠️ North Korean hackers Kimsuky using new ReconShark reconnaissance tool to target individuals via spear-phishing emails, OneDrive links & malicious macros.

Read more about "ReconShark" tool here: https://thehackernews.com/2023/05/n-korean-kimsuky-hackers-using-new.html

Italian corporate banking clients are under attack by a sophisticated financial fraud campaign that uses a new web-inject toolkit called drIBAN.

Learn how it works: https://thehackernews.com/2023/05/hackers-targeting-italian-corporate.html

🚨 Alert: East Asian markets hit by a new Android malware named FluHorse. It abuses the Flutter software development framework to mimic legitimate apps and steal credentials.

Learn more about it here: https://thehackernews.com/2023/05/new-android-malware-fluhorse-targeting.html