Watch out! Hackers have started exploiting latest Drupal RCE flaw disclosed last week

https://thehackernews.com/2019/02/drupal-hacking-exploit.html

NOTE—If you haven't updated your Drupal site yet, your site may have already been compromised and merely installing latest Drupal version would not remove malware code

Researchers discover a new spam campaign in the wild that exploits latest WinRAR vulnerability to infect Windows computers with malware

https://thehackernews.com/2019/02/winrar-hacking-exploit.html

Google's Project Zero researcher publicly disclosed details and PoC for a new "high-severity" vulnerability in macOS after Apple failed to patch it within 90 days of being notified

https://thehackernews.com/2019/03/cybersecurity-macos-hacking.html

Researchers finally with high-confidence attribute "Operation Sharpshooter" global cyber-espionage campaign (still ongoing) to North Korean Lazarus #hacking group

https://thehackernews.com/2019/03/north-korea-hacking.html

...thanks to the new evidence they collected from a seized command-and-control server.

Google's cybersecurity startup Chronicle launches "Backstory" — A new threat analytics platform that allows businesses to privately store and analyse petabytes of "telemetry data," helping them quickly investigate incidents and hunt for potential threats

https://thehackernews.com/2019/03/backstory-cybersecurity-software.html

NSA Releases GHIDRA 9.0 — A Free and Powerful Reverse Engineering Tool

https://thehackernews.com/2019/03/ghidra-reverse-engineering-tool.html

"GHIDRA helps analyze malicious code and can give cybersecurity professionals a better understanding of potential vulnerabilities in their networks and systems."

⚠️ Important — Update your Google Chrome immediately to patch a new high-severity 0-day RCE vulnerability (CVE-2019-5786) that hackers are actively exploiting in the wild

https://thehackernews.com/2019/03/update-google-chrome-hack.html

Patched Chrome version 72.0.3626.121 has been released for Windows, macOS, Linux

Citrix Suffers Massive Data Breach – Iranian-backed IRIDIUM Hacker Group Allegedly Stole 6TB of Sensitive Data

https://thehackernews.com/2019/03/citrix-data-breach.html

BEWARE – New 'Creative' Phishing Attack You Really Should Pay Attention To

https://thehackernews.com/2019/03/ios-mobile-phishing-attack.html

This new attack mimics iOS / Android native animation, browser feel and design in a very realistic manner to trick even vigilant mobile users into giving away their credentials

F5 Networks Acquires NGINX For $670 Million to Bridge NetOps and DevOps

https://thehackernews.com/2019/03/f5-networks-acquires-nginx.html

NGINX web servers power over half of the Internet and F5 helps businesses secure and manage their software and web applications... so, acquisition definitely makes sense.

Adobe Releases Security Updates to Patch Two Critical Vulnerabilities in Photoshop CC and Digital Editions

https://thehackernews.com/2019/03/adobe-software-updates.html

Exploitation of both flaws could allow an attacker to achieve arbitrary code execution on a targeted computer and take control of it.

New WordPress Vulnerability Lets Unauthenticated Remote Attackers Hack Sites

https://thehackernews.com/2019/03/hack-wordpress-websites.html

If for some reason your WordPress sites have not yet been automatically updated to the latest version 5.1.1 released yesterday, it's highly recommended to upgrade immediately.

Multiple critical 0-day RCE flaws discovered in Counter-Strike 1.6 Game client

https://thehackernews.com/2019/03/counter-strike-game-servers.html

Almost 39% of all CounterStrike gaming servers available online were found exploiting these unpatched flaws to remotely hack gamers’ computers and install botnet Trojan.

Firefox Send — Free, Encrypted File Transfer Service Now Available For All

➜ https://thehackernews.com/2019/03/firefox-send-encrypted-file-share.html

Mozilla’s new online service allows users to safely and simply share files as large as 2.5GB in size from any browser

Telegram Messenger Gained 3 Million New Users Within Last 24 Hours!

https://thehackernews.com/2019/03/encrypted-telegram-messenger.html

Thanks to the Facebook, Instagram, and WhatsApp Global Outages.

Critical #WinRAR bug is still under attack even after a patched version was released last month — thanks to NO Auto-Update feature in the popular file compression software with over 500 million users worldwide.

https://thehackernews.com/2019/03/winrar-hacking-malware.html

—by @Swati_THN

[Exclusive] Round 4 — Hacker Puts 26 Million New Accounts Up [From 6 Sites] For Sale On the Dark Web

https://thehackernews.com/2019/03/data-breach-security.html

If you have an account with any of the above-listed sites, you should change your passwords immediately and also on other services if you re-use the same password.

A new variant of Mirai botnet gets a dozen new exploits to target Enterprise IoT devices—eventually gaining control over larger bandwidth to carry out devastating DDoS attacks.

https://thehackernews.com/2019/03/mirai-botnet-enterprise-security.html

Libssh—a popular library to implement SSHv2 protocol—releases updated version of its software to patch a total of 9 new memory corruption flaws, which could allow a malicious or a compromised SSH server to target client systems remotely

https://thehackernews.com/2019/03/libssh2-vulnerabilities.html

Android Q — All New Privacy and Security Features You Need to Know

Details ➤ https://thehackernews.com/2019/03/android-q-security-privacy.html

Google to introduce some new, great privacy features in the next version of its Android mobile operating system.