⚡ New SH1MMER Chromebook exploit can unenroll 🔓 enterprise or school managed ChromeOS 💻 devices from admin control.

https://thehackernews.com/2023/02/new-sh1mmer-exploit-for-chromebook.html

Researchers discover new vulnerabilities in the ImageMagick image processing program that could lead to DoS (CVE-2022-44267) or arbitrary remote file leaks (CVE-2022-44268).

https://thehackernews.com/2023/02/researchers-uncover-new-bugs-in-popular.html

🚨 HeadCrab Alert! A new stealthy botnet malware that is undetectable by various antivirus solutions has infected over 1,200 Redis servers worldwide for illegal cryptocurrency mining.

Read: https://thehackernews.com/2023/02/new-threat-stealthy-headcrab-malware.html

North Korean Lazarus hacking group exploited unpatched Zimbra devices to invade healthcare research institutions, universities, and technology companies in various industries, including energy, research, and defense.

https://thehackernews.com/2023/02/north-korean-hackers-exploit-unpatched.html

Attention: Cyber criminals are actively exploiting known vulnerabilities in Oracle E-Business Suite (CVE-2022-21587) and SugarCRM (CVE-2023-22952) systems. Update now!

Read: https://thehackernews.com/2023/02/cisa-alert-oracle-e-business-suite-and.html

A new critical authentication vulnerability (CVE-2023-22501) has been discovered in Atlassian's Jira Service Management Server and Data Center products that could allow attackers to gain unauthorized access to vulnerable instances.

Read: https://thehackernews.com/2023/02/atlassians-jira-software-found.html

Iranian nation-state hacking group OilRig has increased its cyberattacks on Middle Eastern government organizations, wielding a backdoor with new data exfiltration capabilities.

Read: https://thehackernews.com/2023/02/iranian-oilrig-hackers-using-new.html

A new critical authentication #vulnerability (CVE-2023-22501) has been discovered in Atlassian's Jira Service Management Server and Data Center products that could allow attackers to gain unauthorized access to vulnerable instances.

Read: https://thehackernews.com/2023/02/atlassians-jira-software-found.html

Watch out! Microsoft OneNote documents are the latest weapon of choice for cybercriminals to spread malware.

From AsyncRAT to FormBook, the list of malware families delivered via OneNote attacks is growing rapidly.

Read: https://thehackernews.com/2023/02/post-macro-world-sees-rise-in-microsoft.html

Attention all ⚡ electric 🚗 vehicle owners!

Your charging station could be at risk of data theft and remote shutdown due to two newly disclosed security vulnerabilities.

Details: https://thehackernews.com/2023/02/is-your-ev-charging-station-safe-new.html

Alert: A new zero-day vulnerability in Fortra's GoAnywhere MFT application is being actively exploited, allowing remote code injection if the system is exposed to the public internet.

Read: https://thehackernews.com/2023/02/warning-hackers-actively-exploiting.html

PixPirate: New Android banking trojan is targeting financial institutions in Brazil using the PIX payments platform.

Read: https://thehackernews.com/2023/02/pixpirate-new-android-banking-trojan.html

OpenSSH releases update to fix multiple security bugs, including a pre-authentication double free vulnerability (CVE-2023-25136). Upgrade now!

Read: https://thehackernews.com/2023/02/openssh-releases-patch-for-new-pre-auth.html

Researchers have uncovered a #malvertising campaign that distributes virtualized . NET MalVirt loaders to evade detection and infect victims' computers with the FormBook malware that steals information.

Read: https://thehackernews.com/2023/02/formbook-malware-spreads-via.html

A nation-state hacker group from Iran sanctioned by US gov't has been linked to the cyberattack on French magazine Charlie Hebdo.

Read: https://thehackernews.com/2023/02/microsoft-iranian-nation-state-group.html

Researchers warn of an ongoing GuLoader malware campaign targeting e-commerce industries in South Korea, the US, Germany, Saudi Arabia, Taiwan and Japan, using NSIS executable files to load the malware.

Read: https://thehackernews.com/2023/02/guloader-malware-using-malicious-nsis.html

VMware found no evidence of a zero-day in its software as part of an ongoing ransomware attack spree. Most reports suggest known vulnerabilities in outdated products are being targeted.

Read: https://thehackernews.com/2023/02/vmware-finds-no-evidence-of-0-day-flaw.html

🔥 First-ever Linux variant of Clop ransomware has been spotted!

But do not panic, it uses a flawed encryption algorithm, so it is possible to reverse engineer the process.

Read: https://thehackernews.com/2023/02/linux-variant-of-clop-ransomware.html

Cyber Threat Alert 🚨

Hackers are taking advantage of Sunlogin remote desktop software vulnerabilities to carry out post-exploitation activities with the Sliver C2 framework.

Read: https://thehackernews.com/2023/02/hackers-exploit-vulnerabilities-in.html

Joint law enforcement operation cracks Exclu, an encrypted messaging app used by organized crime groups, resulting in 45 arrests, the seizure of €5.5 million, and massive haul of drugs, guns and phones.

Read: https://thehackernews.com/2023/02/encrypted-messaging-app-exclu-used-by.html