Researchers have released proof-of-concept exploit code for a high-severity security vulnerability (CVE-2022-34689) in the Windows CryptoAPI, which was discovered by the NSA and NCSC.

Read details: https://thehackernews.com/2023/01/researchers-release-poc-exploit-for.html

Researchers have identified a new Python-based malware that uses WebSockets for both command and control communication and data exfiltration.

Read details: https://thehackernews.com/2023/01/pyration-new-python-based-rat-utilizes.html

Google shuts down pro-Chinese influence operation DRAGONBRIDGE, with over 50,000 instances of activity dismantled in 2022.

Read: https://thehackernews.com/2023/01/google-takes-down-50000-instances-of.html

🔥 Victory against cybercrime!

International law enforcement agencies have taken down the infrastructure behind the HIVE ransomware-as-a-service operation in a joint effort across 13 countries.

Details: https://thehackernews.com/2023/01/hive-ransomware-infrastructure-seized.html

U.K.'s cybersecurity agency has issued a warning about cyberattacks by Russian & Iranian state-sponsored hacker groups targeting key sectors, including defense, government organizations & even academia, journalists, think tanks and activists.

https://thehackernews.com/2023/01/british-cyber-agency-warns-of-russian.html

PlugX just got sneakier!

Cybersecurity researchers uncover a new variant that infects attached USB media devices to spread the malware to other systems.

Read details: https://thehackernews.com/2023/01/researchers-discover-new-plugx-malware.html

Cybersecurity researchers have uncovered the true identity of the threat actor behind the Golden Chickens malware-as-a-service.

Read details: https://thehackernews.com/2023/01/experts-uncover-identity-of-mastermind.html

Ukraine is under attack from a new Golang-based data wiper malware called "SwiftSlicer." The attackers have been identified as Sandworm, a known nation-state group with ties to the Russian military.

Read: https://thehackernews.com/2023/01/ukraine-hit-with-new-golang-based.html

The Internet Systems Consortium (ISC) has released security patches for multiple new vulnerabilities in the BIND DNS software suite that could lead to a DoS condition and system failures.

Read: https://thehackernews.com/2023/01/isc-releases-security-patches-for-new.html

Microsoft urges customers to keep their servers up to date and implement additional security measures, such as enabling Windows Extended Protection & configuring certificate-based signing of #PowerShell serialization payloads.

Read: https://thehackernews.com/2023/01/microsoft-urges-customers-to-secure-on.html

Gootkit malware continues to evolve and become more sophisticated, with notable changes to the toolkit, adding new components and obfuscations to their infection chains.

Read: https://thehackernews.com/2023/01/gootkit-malware-continues-to-evolve.html

Urgent Alert — A critical RCE vulnerability in the Realtek Jungle SDK is being weaponized by attackers to hack IoT devices, with 134 MILLION exploitation attempts recorded in the past 2 months alone.

Read: https://thehackernews.com/2023/01/realtek-vulnerability-under-attack-134.html

Beware of the latest cyber threat🚨

Hackers are distributing a new Golang-based info stealer malware, known as Titan Stealer, through Telegram channels to other cybercriminals — that can steal browser credentials, crypto wallets, and more.

Read: https://thehackernews.com/2023/01/titan-stealer-new-golang-based.html

GitHub reports unauthorized access 💻👮‍♂️ to Desktop & Atom apps repositories, leading to exposure of encrypted 🔒 code-signing certificates.

Read details: https://thehackernews.com/2023/01/github-breach-hackers-stole-code.html

Don't risk losing your data!

QNAP has released security updates to address a critical vulnerability (CVE-2022-27596 / CVSS 9.8) in the NAS devices QTS 5.0.1 & QuTS hero h5.0.1 that can be used to inject arbitrary code.

Read: https://thehackernews.com/2023/01/qnap-fixes-critical-vulnerability-in.html

Think your EDR and antivirus have got you covered? Think again!

Researchers have uncovered a shellcode-based packer service that has been helping hackers hide their malware for the past 6 years, including Trickbot, Emotet, REvil, Formbook & AgentTesla.

https://thehackernews.com/2023/01/researchers-uncover-packer-that-helped.html

Two more supply chain vulnerabilities disclosed in AMI MegaRAC BMC software, affecting multiple server brands.

Read: https://thehackernews.com/2023/02/additional-supply-chain-vulnerabilities.html

Hackers abused Microsoft's "Verified Publisher" accounts to create malicious OAuth apps as part of a vicious scheme aimed at infiltrating organizations' cloud environments and stealing email.

https://thehackernews.com/2023/02/hackers-abused-microsofts-verified.html

Prilex POS malware has evolved to block contactless payments and force victims to use physical cards for transactions in order to steal payment information.

Read: https://thehackernews.com/2023/02/prilex-pos-malware-evolves-to-block.html

⚡ New SH1MMER Chromebook exploit can unenroll 🔓 enterprise or school managed ChromeOS 💻 devices from admin control.

https://thehackernews.com/2023/02/new-sh1mmer-exploit-for-chromebook.html