Microsoft fended off a record-breaking DDoS attack that hit Azure customers at a peak of 3.47 terabits per second, and two others that topped 2.4 terabits per second.

Read details: https://thehackernews.com/2022/01/microsoft-mitigated-record-breaking-347.html

North Korean hackers are back with a stealthier version of their KONNI RAT malware.

Read details: https://thehackernews.com/2022/01/north-korean-hackers-return-with.html

North Korean hackers from the Lazarus group are using Windows Update Service to infect computers with malware and GitHub as a command-and-control server.

Read details: https://thehackernews.com/2022/01/north-korean-hackers-using-windows.html

Microsoft warns of a large-scale, multi-stage phishing campaign that uses stolen credentials to register rouge devices on a victim's network to further propagate spam emails and increase the infection pool.

Read details: https://thehackernews.com/2022/01/hackers-using-device-registration-trick.html

DeepDotWeb news site operator has been sentenced to 8 years in prison for money laundering and advertising illegal darknet marketplaces.

Details: https://thehackernews.com/2022/01/deepdotweb-news-site-operator-sentenced.html

Apple pays a $100,500 bug bounty to a hacker who found a way to remotely hack the MacBook's webcam.

Read details: https://thehackernews.com/2022/01/apple-pays-100500-bounty-to-hacker-who.html

Researchers have found a way to use natural silk fibers from domesticated silkworms as a Physical Unclonable Function (PUF) to generate secure and unique identifiers for strong authentication (e.g., cryptographic keys).

Read details: https://thehackernews.com/2022/01/researchers-use-natural-silk-fibers-to.html

German court rules that websites embedding fonts from Google servers violate GDPR, and must pay €100 in damages for passing a user's personal data — i.e. IP address — to Google without consent.

Read details: https://thehackernews.com/2022/01/german-court-rules-websites-embedding.html

Researchers have demonstrated a new type of fingerprinting technique — DrawnApart — that exploits a machine's graphics processing unit (GPU) as a means to track users across the Internet.

Read details: https://thehackernews.com/2022/01/your-graphics-card-fingerprint-can-be.html

🔥 A newly discovered vulnerability (CVE-2021-44142 / CVSS 9.9) affecting all versions of Samba could allow remote attackers to execute arbitrary code with root privileges on affected installations.

Details: https://thehackernews.com/2022/01/new-samba-bug-allows-remote-attackers.html

Researchers have uncovered details of a new malware campaign targeting private companies and government entities in Turkey with malicious PDFs, XLS files, and Windows executables.

Read details: https://thehackernews.com/2022/01/researchers-uncover-new-iranian-hacking.html

Ukraine continues to face cyber-espionage attacks from Russian hackers.

https://thehackernews.com/2022/02/ukraine-continues-to-face-cyber.html

Iranian APT hackers have updated their malware arsenal with a new PowerShell-based implant—dubbed PowerLess Backdoor—that download additional payloads such as a keylogger and a data stealer.

Read: https://thehackernews.com/2022/02/iranian-hackers-using-new-powershell.html

Hackers behind Solarmarker information stealer and backdoor are now using novel registry tricks to establish long-term persistence on compromised systems.

Read details: https://thehackernews.com/2022/02/solarmarker-malware-uses-novel.html

A critical arbitrary code execution vulnerability has been reported in the WordPress plugin for Elementor, which is used by over a million websites.

Read details: https://thehackernews.com/2022/02/critical-bug-found-in-wordpress-plugin.html

Iranian APT hackers "Moses Staff" deploying a new Trojan—StrifeWater—in their ransomware operations, which collects system files, executes commands, captures screenshots, creates persistence, and downloads updates and add-on modules.

Details: https://thehackernews.com/2022/02/hacker-group-moses-staff-using-new.html

As many as 23 new high-severity vulnerabilities have been uncovered in various implementations of UEFI firmware from numerous vendors, including Bull Atos, Fujitsu, HP, Juniper Networks, Lenovo, and others.

Details: https://thehackernews.com/2022/02/dozens-of-security-flaws-discovered-in.html

A new wave of cyberattacks is targeting Palestinian activists and entities with politically-themed phishing emails and decoy documents.

Details: https://thehackernews.com/2022/02/new-wave-of-cyber-attacks-target.html

Microsoft warns users about a new variant of "UpdateAgent" malware that now infects Mac computers with adware.

Read: https://thehackernews.com/2022/02/new-variant-of-updateagent-malware.html

A new SEO Poisoning campaign is spreading trojanized versions of popular software utilities to infect victims' computers with BATLOADER and Atera Agent malware.

Read details: https://thehackernews.com/2022/02/new-seo-poisoning-campaign-distributing.html

Cisco has released security patches for several critical vulnerabilities affecting its Small Business RV series routers that could be exploited to elevate privileges and execute arbitrary code on affected systems.

Read details: https://thehackernews.com/2022/02/critical-flaws-discovered-in-cisco.html