Linux sysadmins, beware!

Hackers are exploiting a critical RCE vulnerability in Control Web Panel (CWP) to gain elevated privileges on web servers.

Read: https://thehackernews.com/2023/01/alert-hackers-actively-exploiting.html

Patch your servers ASAP!

Twitter denies reports of a data breach of 200 million users and says there is "no evidence" that the user data sold online was obtained by exploiting vulnerabilities in its systems.

Read: https://thehackernews.com/2023/01/twitter-denies-hacking-claims-assures.html

Researchers have uncovered details of a vulnerability in Google Chrome and Chromium-based browsers that could have potentially enabled hackers to steal sensitive information.

Read: https://thehackernews.com/2023/01/experts-detail-chromium-browser.html

Security researchers have uncovered multiple vulnerabilities in Siemens SIMATIC and SIPLUS S7-1500 PLCs. Attackers could exploit these flaws to stealthily install firmware and take control of the devices.

Read: https://thehackernews.com/2023/01/over-100-siemens-plc-models-found.html

Beware of IcedID malware - it's using attack techniques borrowed from other hackers to quickly compromise Active Directory domains.

Read: https://thehackernews.com/2023/01/icedid-malware-strikes-again-active.html

A vulnerability (CVE-2022-42475) in FortiOS SSL-VPN was exploited by hackers as a "zero-day" to attack governments and large organizations before Fortinet fixed it.

Details: https://thehackernews.com/2023/01/fortios-flaw-exploited-as-zero-day-in.html

Cybercriminals are now using polyglot and malicious JAR files to evade detection and spread Trojans like StrRAT and Ratty.

Read: https://thehackernews.com/2023/01/cybercriminals-using-polyglot-files-in.html

Beware of tainted VPN installers! They're being used to deliver a surveillanceware called "EyeSpy" as part of a malware campaign.

Read details: https://thehackernews.com/2023/01/beware-tainted-vpns-being-used-to.html

Most infections reported in Iran, with some in Germany and the US.

The French data protection watchdog has fined TikTok €5 million for failing to comply with cookie consent regulations.

Read: https://thehackernews.com/2023/01/tiktok-fined-54-million-by-french.html

Cisco has issued a warning about two vulnerabilities affecting EoL Small Business routers that will not be fixed.

Read: https://thehackernews.com/2023/01/cisco-issues-warning-for-unpatched.html

A proof-of-concept exploit is publicly available.

If you use Cacti for web-based monitoring, be sure to patch ASAP!

A critical vulnerability [CVE-2022-46169] is being actively exploited in the wild and a majority of internet-exposed servers have not been patched yet.

Read: https://thehackernews.com/2023/01/cacti-servers-under-attack-as-majority.html

⚡ New — DevOps platform CircleCI recently fell victim to a breach after an employee's laptop was hacked.

Read: https://thehackernews.com/2023/01/malware-attack-on-circleci-engineers.html

The attacker used #malware to steal 2FA-backed credentials to gain access to the company's systems.

A new backdoor has been discovered that borrows its features from the leaked CIA's Hive malware suite.

Read: https://thehackernews.com/2023/01/new-backdoor-created-using-leaked-cias.html

It spreads via F5 vulnerabilities and communicates with the C2 server via forged #Kaspersky certificates.

Don't fall for the trap of downloading cracked software.

Cybercriminals utilize a vast network of sites to distribute fake cracked software downloads, infecting users' systems with Raccoon and Vidar stealers.

Read: https://thehackernews.com/2023/01/raccoon-and-vidar-stealers-spreading.html

CISA has issued a warning about significant security weaknesses found in products from Industrial Control Systems (ICS) manufacturers such as Sewio, InHand Networks, Sauter Controls, Siemens, and other leading companies.

Read: https://thehackernews.com/2023/01/cisa-warns-for-flaws-affecting.html

Attention developers! Lolip0p, a threat actor, has uploaded rogue packages to the PyPI repository with the goal of dropping malware on compromised systems.

Read: https://thehackernews.com/2023/01/researchers-uncover-3-pypi-packages.html

🔥 Don't wait until it's too late!

Zoho ManageEngine users, patch your instances now to avoid falling victim to critical CVE-2022-47966 vulnerability.

Details: https://thehackernews.com/2023/01/zoho-manageengine-poc-exploit-to-be.html

Researchers are about to release PoC exploit code.

Researchers have demonstrated that GitHub Codespaces, a widely used development environment, can be abused by cybercriminals to distribute malware.

Read: https://thehackernews.com/2023/01/hackers-can-abuse-legitimate-github.html

Researchers have discovered severe SSRF vulnerabilities in 4 Microsoft Azure services, which could have potentially enabled cybercriminals to gain unauthorized access to critical cloud resources.

Read: https://thehackernews.com/2023/01/microsoft-azure-services-flaws-couldve.html

Unlock the power of automation to supercharge your SOC!

Learn about the 4 key phases for expanding coverage and how automation can shorten investigation and triage processes, and automatically respond to known threats.

Read: https://thehackernews.com/2023/01/4-places-to-supercharge-your-soc-with.html