Systems hosting content pertaining to the National Games of China were hacked just a few days before the competition began.

Read details: https://thehackernews.com/2022/02/hackers-backdoored-systems-at-chinas.html

Earth Karkaddan hacker group has been targeting the Indian government and military with a new Android malware called "CapraRAT'' to steal information.

Details: https://thehackernews.com/2022/02/new-caprarat-android-malware-targets.html

Microsoft has temporarily disabled the MSIX ms-appinstaller protocol handler in Windows following evidence that a vulnerability in the component was exploited to deliver malware such as Emotet, TrickBot, and Bazaloader.

Details: https://thehackernews.com/2022/02/microsoft-temporarily-disables-msix-app.html

Microsoft finally disables Internet-based VBA macros by default in Office applications to prevent phishing and malware attacks.

Read details: https://thehackernews.com/2022/02/microsoft-disables-internet-macros-in.html

FluBot and Medusa, two separate Android banking trojans, join forces to use the same distribution network to launch simultaneous attacks.

Read details: https://thehackernews.com/2022/02/medusa-android-banking-trojan-spreading.html

Hackers behind the 'Roaming Mantis' malware for Android are now using smishing techniques to target European users.

Read: https://thehackernews.com/2022/02/roaming-mantis-android-malware.html

Researchers warn that PrivateLoader pay-per-install service is used by a number of malware families, such as SmokeLoader, RedLine Stealer, Vidar, Raccoon, and GCleaner, to expand their victim list.

Read details: https://thehackernews.com/2022/02/several-malware-families-using-pay-per.html

Hackers allied with Palestine are now using a new implant called "NimbleMamba" to attack Middle East governments, foreign policy think tanks, and a state-affiliated airline.

Read details: https://thehackernews.com/2022/02/palestinian-hackers-using-new.html

⚡February 2022 Patch Tuesday

Microsoft, Adobe, Android, Mozilla, Intel, SAP, Citrix and other major software companies release security updates to patch dozens of security vulnerabilities in their products.

Details — https://thehackernews.com/2022/02/microsoft-and-other-major-software.html

ESET's latest threat report shows Russian cyber espionage hacking groups are using COVID -19 lures to attack European diplomats.

Read: https://thehackernews.com/2022/02/russian-apt-hackers-used-covid-19-lures.html

A new Marlin backdoor was used by Iranian hackers in the "Out to Sea" cyberespionage campaigns.

https://thehackernews.com/2022/02/iranian-hackers-using-new-marlin.html

United States seizes $3.6 BILLION in cryptocurrency stolen during the 2016 Bitfinex hack and arrests a couple for conspiring to launder $4.5 billion worth of cryptocurrency.

Read: https://thehackernews.com/2022/02/us-arrests-two-and-seizes-36-million-in.html

WordPress plugin "PHP Everywhere" contains multiple critical RCE vulnerabilities, affecting more than 30,000 websites worldwide.

Read details: https://thehackernews.com/2022/02/critical-rce-flaws-in-php-everywhere.html

Russia cracks down on 4 dark web marketplaces ⁠— Ferum Shop, Sky-Fraud, Trump's Dumps, and UAS ⁠— specialize in the theft and sale of stolen credit cards.

https://thehackernews.com/2022/02/russia-cracks-down-on-4-dark-web.html

CISA, FBI, NSA & the cybersecurity agencies of Australia and the United Kingdom have issued a joint statement on the sharp increase in sophisticated RANSOMWARE attacks against critical infrastructure around the world.

Read: https://thehackernews.com/2022/02/cisa-fbi-nsa-issue-advisory-on-severe.html

Researchers uncover a new campaign of "FritzFrog," a Golang-based peer-to-peer botnet, attacking healthcare, education, and government sectors, and has already infected over 1,500 hosts within a month.

Read: https://thehackernews.com/2022/02/fritzfrog-p2p-botnet-attacking.html

Apple releases software updates to patch a new "actively exploited" 0-day vulnerability (CVE-2022-22620) in WebKit targeting iPhone, iPad, and Mac users.

Read details: https://thehackernews.com/2022/02/apple-releases-ios-ipados-macos-updates.html

French data protection authority has ruled that the use of "Google Analytics" violates the EU's General Data Protection Regulation (GDPR).

Details: https://thehackernews.com/2022/02/france-rules-that-using-google.html

Last week a German court found that embedding "Google Fonts" also violates GDPR.

Researchers uncover hacking attacks planting fabricated digital evidence on devices of human rights activists, human rights defenders, academics, and lawyers in India.

Read: https://thehackernews.com/2022/02/hackers-planted-fake-digital-evidence.html

Cybercriminals have been found exploiting a new critical zero-day vulnerability (CVE-2022-24086 / CVSS 9.8) in the Adobe Commerce and Magento e-commerce platforms — Patch your online shopping sites now.

Read details: https://thehackernews.com/2022/02/critical-magento-0-day-vulnerability.html

Multiple critical vulnerabilities have been discovered in Moxa MXview web-based industrial network management #software, some of which could be exploited by an unauthenticated attacker to execute remote code on unpatched servers.

Read: https://thehackernews.com/2022/02/critical-security-flaws-reported-in.html