Joint law enforcement operation cracks Exclu, an encrypted messaging app used by organized crime groups, resulting in 45 arrests, the seizure of €5.5 million, and massive haul of drugs, guns and phones.

Read: https://thehackernews.com/2023/02/encrypted-messaging-app-exclu-used-by.html

CERT-UA has issued a warning of cyber attacks targeting state authorities using a legitimate remote access software.

Read: https://thehackernews.com/2023/02/cert-ua-alerts-ukrainian-state.html

A Russian national pleaded guilty to money laundering and attempting to conceal funds obtained from Ryuk ransomware attacks.

Read: https://thehackernews.com/2023/02/russian-hacker-pleads-guilty-to-money.html

A Russia-linked threat actor has been spotted targeting Ukraine with a new information-stealing malware called Graphiron.

Read: https://thehackernews.com/2023/02/russian-hackers-using-graphiron-malware.html

A 20-year-old Sydney man has been sentenced for attempting to extort and defraud Optus customers by using their personal info obtained from a data breach.

Read: https://thehackernews.com/2023/02/sydney-man-sentenced-for-blackmailing.html

Multiple security flaws have been disclosed in open source and freemium Document Management Systems (DMS) from four vendors.

Researchers said the vulnerabilities offer a way for attackers to control the organization.

Read: https://thehackernews.com/2023/02/unpatched-security-flaws-disclosed-in.html

🚨 NIST has chosen Ascon, a family of authenticated 🔒 encryption and hashing algorithms, to be standardized for IoT and other lightweight electronics with limited resources.

Details: https://thehackernews.com/2023/02/nist-standardizes-ascon-cryptographic.html

OpenSSL project releases patches for multiple security flaws, including a high-severity vulnerability (CVE-2023-0286) in the widely used 🔒 encryption toolkit.

Details: https://thehackernews.com/2023/02/openssl-fixes-multiple-new-security.html

Gootkit malware is now targeting healthcare and financial organizations in the US, UK & Australia by using a new method of deployment that involves large payloads to avoid detection & post-infection frameworks Cobalt Strike & SystemBC.

https://thehackernews.com/2023/02/gootkit-malware-adopts-new-tactics-to.html

A new cyber threat group known as "NewsPenguin" has been linked to a phishing attack aimed at marine-related entities in Pakistan and using the PIMEC-23 conference as a lure to trick victims.

Details: https://thehackernews.com/2023/02/newspenguin-threat-actor-emerges-with.html

🔥 THN Webinar

Register now to secure your spot and gain a comprehensive understanding of cyber insurance protection, and new identity protection requirements.

Details: https://thehackernews.com/2023/02/thn-webinar-learn-how-to-comply-with.html

Alert: 38 security vulnerabilities found in Wireless Industrial IoT devices from 4 different vendors.

Hackers can exploit these flaws to gain access to internal OT networks and infiltrate critical infrastructure.

Read: https://thehackernews.com/2023/02/critical-infrastructure-at-risk-from.html

Reddit has suffered a security breach, with unidentified threat actors accessing internal documents, code, and some internal business systems.

Read: https://thehackernews.com/2023/02/reddit-suffers-security-breach-exposing.html

7 Russian nationals have been sanctioned by the governments of the United Kingdom and the United States for their involvement in the TrickBot, Ryuk, and Conti cybercrime operations.

Read: https://thehackernews.com/2023/02/uk-and-us-sanction-7-russians-for.html

North Korean hackers are conducting ransomware attacks against healthcare and critical infrastructure facilities to fund illicit activities.

Read: https://thehackernews.com/2023/02/north-korean-hackers-targeting.html

Researchers have uncovered four new malicious packages in the Python Package Index (PyPI) that sneak malware onto developers' systems and manipulate their SSH authorized_keys.

Read: https://thehackernews.com/2023/02/researchers-uncover-obfuscated.html

Researchers issue warning for latest threat to cryptocurrency users - Enigma malware, Vector stealer, and TgToxic trojan.

Read: https://thehackernews.com/2023/02/enigma-vector-and-tgtoxic-new-threats.html

Game of cat and mouse continues...

Following CISA's release of a decryption tool for ESXiArgs ransomware, cybercriminals have upgraded the malware to encrypt more data with stronger encryption methods.

Learn more: https://thehackernews.com/2023/02/new-esxiargs-ransomware-variant-emerges.html

Researchers are tracking a new financially motivated threat actor, TA866, which has been active since October 2022 and using custom hacking tools like WasabiSeed and Screenshotter to attack U.S. and German organizations.

Learn more: https://thehackernews.com/2023/02/hackers-targeting-us-and-german-firms.html

Chinese Tonto Team just suffered a defeat in their latest hack attempt on cybersecurity firm Group-IB.

Learn more: https://thehackernews.com/2023/02/chinese-tonto-team-hackers-second.html