The Hacker News
⭐ Official THN Telegram Channel — A trusted, widely read, independent source for breaking news and tech coverage about cybersecurity and hacking.

📨 Contact: [email protected]

🌐 Website: https://thehackernews.com
⚠️ MacOS Alert! MacStealer targeting Apple devices running macOS Catalina & later, M1/M2 CPUs.

The malware uses Telegram for C&C, stealing documents, browser cookies, iCloud keychain, passwords & credit card info.

Learn more: https://thehackernews.com/2023/03/new-macstealer-macos-malware-steals.html
Heads up, iPhone and iPad users! Apple has backported fixes for an actively exploited vulnerability (CVE-2023-23529) to older models.

Details: https://thehackernews.com/2023/03/apple-issues-urgent-security-update-for.html

Make sure to update to iOS 15.7.4 and iPadOS 15.7.4 ASAP to stay protected.
U.S. President Joe Biden signs an executive order restricting the use of commercial spyware by federal government agencies, citing security and counterintelligence risks.

Learn more: https://thehackernews.com/2023/03/president-biden-signs-executive-order.html
🚨 New phishing campaign targets European entities using Remcos RAT & Formbook via DBatLoader malware!

Read: https://thehackernews.com/2023/03/stealthy-dbatloader-malware-loader.html

DBatLoader exploits multi-layered obfuscated HTML & OneNote attachments, and leverages image steganography to evade detection engines.
New IcedID Lite and Forked malware variants discovered!

Threat actors pivot away from banking fraud functionality to focus on payload delivery, including #ransomware.

Learn more: https://thehackernews.com/2023/03/icedid-malware-shifts-focus-from.html
APT group SideCopy, known for targeting India & Afghanistan government agencies, has launched a new phishing campaign delivering Action RAT and AuTo Stealer.

Learn more: https://thehackernews.com/2023/03/pakistan-origin-sidecopy-linked-to-new.html
🚀 Microsoft unveils Security Copilot in preview! Powered by OpenAI's GPT-4, it offers end-to-end defense 🔒 at machine speed and scale.

Details here: https://thehackernews.com/2023/03/microsoft-introduces-gpt-4-ai-powered.html
APT43, a moderately-sophisticated cyber operator that supports North Korea's regime, engages in financially-motivated cybercrime to fund its operations.

Learn more: https://thehackernews.com/2023/03/north-korean-apt43-group-uses.html
🔥 New Chinese-linked #malware, Mélofée, threatens Linux servers!

Uncovered by ExaTrack, it enables remote control over servers and hides itself using kernel-mode rootkits.

Learn more: https://thehackernews.com/2023/03/melofee-researchers-uncover-new-linux.html
🚨 Google's TAG reveals commercial spyware vendors exploited zero-day vulnerabilities on Android & iOS devices last year.

Learn more: https://thehackernews.com/2023/03/spyware-vendors-caught-exploiting-zero.html

These highly targeted campaigns put dissidents, journalists, & human rights workers at risk.
Beware of 🦠 Trojanized TOR installers targeting Russia & Eastern Europe with clipper malware designed to steal cryptocurrencies.

Learn more: https://thehackernews.com/2023/03/trojanized-tor-browser-installers.html
⚠️ 🚨 Active supply chain attack targets popular voice and video conferencing software 3CX Desktop App, affecting hundreds of well-known brands and millions of users.

A multi-stage attack chain has been identified, beginning with a trojanized app and leading to a 3rd stage infostealer DLL, capable of targeting Google Chrome, Microsoft Edge, Brave, and Mozilla Firefox browsers.

Learn more: https://thehackernews.com/2023/03/3cx-desktop-app-targeted-in-supply.html
🚨 New cybersecurity threat! AlienFox, a highly modular & constantly evolving toolset distributed on Telegram, enables attackers to harvest API keys & secrets from popular cloud service providers like AWS, Google Workspace, and Microsoft 365.

Learn more: https://thehackernews.com/2023/03/alienfox-malware-targets-api-keys-and.html
🔥 A group of academics has uncovered a new fundamental flaw in IEEE 802.11 Wi-Fi protocol standard affecting Linux, FreeBSD, Android & iOS devices.

Read: https://thehackernews.com/2023/03/new-wi-fi-protocol-security-flaw.html

Hackers can hijack TCP connections or intercept web traffic, potentially executing a DoS attack.
RedGolf, a highly-likely Chinese state-sponsored threat group, is using a new custom backdoor called KEYPLUG to target multiple sectors, including US government entities.

Learn more: https://thehackernews.com/2023/03/chinese-redgolf-group-targeting-windows.html
Researchers reveal details on Super FabriXss, a high-risk vulnerability in Azure Service Fabric Explorer that can lead to unauthenticated RCE attacks on containers hosted on nodes.

Learn more: https://thehackernews.com/2023/03/researchers-detail-severe-super.html
3CX has confirmed that multiple versions of its desktop app for Windows & macOS have been affected by a supply chain attack.

The attack appears to have compromised 3CX's software build pipeline.

Learn more: https://thehackernews.com/2023/03/3cx-supply-chain-attack-heres-what-we.html
Cyber Police of Ukraine, along with law enforcement officials from Czechia, have arrested several members of a cybercriminal gang that earned over $4.33 million in illicit profits through phishing scams.

Learn more: https://thehackernews.com/2023/03/cyber-police-of-ukraine-busted-phishing.html
Cyber espionage group Winter Vivern (aka TA473) targets officials in Europe and U.S. by exploiting unpatched Zimbra vulnerability in gov't webmail portals.

Learn more: https://thehackernews.com/2023/03/winter-vivern-apt-targets-european.html
🔥 WEBINAR | Become an Incident Response Pro!

Unlock the secrets to bulletproof Incident Response – Master the 6-Phase process with Asaf Perlman, Cynet's IR Leader!

Don't Miss Out – Save Your Seat: https://thehackernews.com/2023/03/deep-dive-into-6-key-steps-to.html