⚡ CISA Alerts - New security vulnerabilities found in Industrial Control Systems (ICS) from Siemens, GE Digital and Contec.

Read: https://thehackernews.com/2023/01/cisa-warns-of-flaws-in-siemens-ge.html

U.S. cybersecurity agency urges immediate action to protect against potential security breaches.

Attention Git users — Critical vulnerabilities have been identified in the Git source code version control system that could enable RCE attacks.

Read: https://thehackernews.com/2023/01/git-users-urged-to-update-software-to.html

Software updates have been released to address the issue. Don't wait, update now!

Network security alert!

New critical vulnerabilities have been found in Netcomm and TP-Link routers that could potentially lead to remote code execution attacks.

Read details: https://thehackernews.com/2023/01/critical-security-vulnerabilities.html

Update your router's firmware to the latest version to protect your network.

Researchers uncover a new wave of "BackdoorDiplomacy" malware attacks targeting Iranian government entities.

Read details: https://thehackernews.com/2023/01/iranian-government-entities-under.html

An ongoing cyber attack campaign, known as "Earth Bogle," is using geopolitical lures in combination with cloud storage, social media, and phishing emails to deliver the NjRAT trojan to victims in the Middle East and North Africa.

Read: https://thehackernews.com/2023/01/earth-bogle-campaign-unleashes-njrat.html

Buckle up, Mailchimp users!

Another security breach has hit the popular email marketing service, compromising over 100 customers' information through internal support and account admin tools.

Read details: https://thehackernews.com/2023/01/mailchimp-suffers-another-security.html

U.S. DoJ announces the arrest of Anatoly Legkodymov, the co-founder of Hong Kong-based #cryptocurrency exchange Bitzlato, for aiding criminals, including ransomware attackers and drug trafficking.

Read details: https://thehackernews.com/2023/01/bitzlato-crypto-exchange-founder.html

A new study by cybersecurity experts shows that analyzing metadata of malicious LNK files can elp identify relationships b/w threat actors.

Read: https://thehackernews.com/2023/01/new-research-delves-into-world-of.html

LNK files have become a popular method for initial access to deliver & execute malware payloads.

Another day, another vulnerability!

Researchers have uncovered a new vulnerability affecting multiple services related to Microsoft Azure, which could result in RCE attacks, data theft, and lateral movement within Azure services.

https://thehackernews.com/2023/01/new-microsoft-azure-vulnerability.html

Researchers are warning of a new Chinese #malware called "BOLDMOVE" that exploited a recently discovered vulnerability in Fortinet FortiOS SSL-VPN (CVE-2022-42475) as a zero-day to attack government entities & managed service providers.

https://thehackernews.com/2023/01/new-chinese-malware-spotted-exploiting.html

Big fines for WhatsApp!

Irish Data Protection Commission imposed a €5.5 million penalty for violating data protection laws when processing users' personal information.

Details: https://thehackernews.com/2023/01/whatsapp-hit-with-55-million-fine-for.html

Russian state-sponsored cyber espionage group Gamaredon is back and targeting Ukraine's military and law enforcement entities through Telegram.

Read: https://thehackernews.com/2023/01/gamaredon-group-launches-cyberattacks.html

Beware of 'Roaming Mantis' cybercriminals spreading an updated version of its mobile malware, called "Wroba", — it now hijacks DNS settings of connected Wi-Fi routers for malicious attacks.

Read details: https://thehackernews.com/2023/01/roaming-mantis-spreading-mobile-malware.html

Researchers have successfully shut down a large-scale AD fraud scheme known as VASTFLUX, which targeted a total of 11 million devices and involved over 1,700 spoofed apps.

Details: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html

New findings indicate that the Sliver C2 framework is gaining popularity among threat actors as a versatile alternative to traditional C2 tools such as Cobalt Strike and Metasploit.

Read details: https://thehackernews.com/2023/01/threat-actors-turn-to-sliver-as-open.html

Researchers report two vulnerabilities in Samsung's Galaxy Store app that could be exploited to secretly install malicious apps or redirect users to fake landing pages on the Internet.

Read details: https://thehackernews.com/2023/01/samsung-galaxy-store-app-found.html

Over the next few months, millions of people around the world will have access to end-to-end encrypted chats on Facebook Messenger, as well as access to new additional features.

Read details: https://thehackernews.com/2023/01/facebook-introduces-new-features-for.html

Apple has released updates for a security vulnerability in Webkit that affects older iPhone & iPad devices.

Read: https://thehackernews.com/2023/01/apple-issues-updates-for-older-devices.html

This vulnerability is currently being exploited, so it is important to update your device immediately.

Cybercriminals are always evolving their tactics, and the Emotet operation is no exception.

Emotet malware now using new tactics to fly under the radar and act as a conduit for other dangerous malware like Bumblebee and IcedID.

Read: https://thehackernews.com/2023/01/emotet-malware-makes-comeback-with-new.html

FBI has confirmed that the North Korean state-sponsored hacking group known as Lazarus Group and APT38 are responsible for the theft of $100 million in cryptocurrency assets from Harmony Horizon Bridge.

Details: https://thehackernews.com/2023/01/fbi-says-north-korean-hackers-behind.html