Researchers have uncovered details of an ongoing hacking campaign by the APT hacker group Dark Pink, targeting military and government organizations in the APAC region.

Read: https://thehackernews.com/2023/01/dark-pink-apt-group-targets-governments.html

🔥 Attention, It's Patch Tuesday! Make sure to update your systems and software ASAP with the latest security patches from:

✅ Microsoft
✅ Adobe
✅ Google
✅ Intel
✅ HP
✅ Linux: Debian, Ubuntu,...
✅ SAP
... and more.

Read details: https://thehackernews.com/2023/01/microsoft-issues-january-2023-patch.html

A new wave of Gootkit malware loader attacks has targeted the Australian healthcare sector by leveraging legitimate tools like VLC Media Player.

Read: https://thehackernews.com/2023/01/australian-healthcare-sector-targeted.html

A new analysis reveals that Raspberry Robin's attack infrastructure can be repurposed by other threat actors for their own malicious activities, making it an even greater threat to watch out for.

Read: https://thehackernews.com/2023/01/new-analysis-reveals-raspberry-robin.html

Linux sysadmins, beware!

Hackers are exploiting a critical RCE vulnerability in Control Web Panel (CWP) to gain elevated privileges on web servers.

Read: https://thehackernews.com/2023/01/alert-hackers-actively-exploiting.html

Patch your servers ASAP!

Twitter denies reports of a data breach of 200 million users and says there is "no evidence" that the user data sold online was obtained by exploiting vulnerabilities in its systems.

Read: https://thehackernews.com/2023/01/twitter-denies-hacking-claims-assures.html

Researchers have uncovered details of a vulnerability in Google Chrome and Chromium-based browsers that could have potentially enabled hackers to steal sensitive information.

Read: https://thehackernews.com/2023/01/experts-detail-chromium-browser.html

Security researchers have uncovered multiple vulnerabilities in Siemens SIMATIC and SIPLUS S7-1500 PLCs. Attackers could exploit these flaws to stealthily install firmware and take control of the devices.

Read: https://thehackernews.com/2023/01/over-100-siemens-plc-models-found.html

Beware of IcedID malware - it's using attack techniques borrowed from other hackers to quickly compromise Active Directory domains.

Read: https://thehackernews.com/2023/01/icedid-malware-strikes-again-active.html

A vulnerability (CVE-2022-42475) in FortiOS SSL-VPN was exploited by hackers as a "zero-day" to attack governments and large organizations before Fortinet fixed it.

Details: https://thehackernews.com/2023/01/fortios-flaw-exploited-as-zero-day-in.html

Cybercriminals are now using polyglot and malicious JAR files to evade detection and spread Trojans like StrRAT and Ratty.

Read: https://thehackernews.com/2023/01/cybercriminals-using-polyglot-files-in.html

Beware of tainted VPN installers! They're being used to deliver a surveillanceware called "EyeSpy" as part of a malware campaign.

Read details: https://thehackernews.com/2023/01/beware-tainted-vpns-being-used-to.html

Most infections reported in Iran, with some in Germany and the US.

The French data protection watchdog has fined TikTok €5 million for failing to comply with cookie consent regulations.

Read: https://thehackernews.com/2023/01/tiktok-fined-54-million-by-french.html

Cisco has issued a warning about two vulnerabilities affecting EoL Small Business routers that will not be fixed.

Read: https://thehackernews.com/2023/01/cisco-issues-warning-for-unpatched.html

A proof-of-concept exploit is publicly available.

If you use Cacti for web-based monitoring, be sure to patch ASAP!

A critical vulnerability [CVE-2022-46169] is being actively exploited in the wild and a majority of internet-exposed servers have not been patched yet.

Read: https://thehackernews.com/2023/01/cacti-servers-under-attack-as-majority.html

⚡ New — DevOps platform CircleCI recently fell victim to a breach after an employee's laptop was hacked.

Read: https://thehackernews.com/2023/01/malware-attack-on-circleci-engineers.html

The attacker used #malware to steal 2FA-backed credentials to gain access to the company's systems.

A new backdoor has been discovered that borrows its features from the leaked CIA's Hive malware suite.

Read: https://thehackernews.com/2023/01/new-backdoor-created-using-leaked-cias.html

It spreads via F5 vulnerabilities and communicates with the C2 server via forged #Kaspersky certificates.

Don't fall for the trap of downloading cracked software.

Cybercriminals utilize a vast network of sites to distribute fake cracked software downloads, infecting users' systems with Raccoon and Vidar stealers.

Read: https://thehackernews.com/2023/01/raccoon-and-vidar-stealers-spreading.html

CISA has issued a warning about significant security weaknesses found in products from Industrial Control Systems (ICS) manufacturers such as Sewio, InHand Networks, Sauter Controls, Siemens, and other leading companies.

Read: https://thehackernews.com/2023/01/cisa-warns-for-flaws-affecting.html

Attention developers! Lolip0p, a threat actor, has uploaded rogue packages to the PyPI repository with the goal of dropping malware on compromised systems.

Read: https://thehackernews.com/2023/01/researchers-uncover-3-pypi-packages.html