Alert! PrivateLoader, a pay-per-install malware downloader service, is being used to distribute the information-stealing malware known as RisePro.

Read: https://thehackernews.com/2022/12/privateloader-ppi-service-found.html

GuLoader malware has upped its game, using advanced tactics to bypass security software.

Researchers have uncovered a 3-stage process where VBScript delivers shellcode within itself while performing anti-analysis checks.

Read: https://thehackernews.com/2022/12/guloader-malware-utilizing-new.html

Facebook has reached a settlement of $725 million in a lawsuit over the Cambridge Analytica data leak.

Read: https://thehackernews.com/2022/12/facebook-to-pay-725-million-to-settle.html

Alert! BlueNoroff APT hackers are using new techniques to bypass Windows' Mark of the Web protections, including the use of .ISO and .VHD file formats.

Read: https://thehackernews.com/2022/12/bluenoroff-apt-hackers-using-new-ways.html

Hackers are turning to malicious Excel add-in (.XLL) files as their initial attack vector, in response to Microsoft's decision to block VBA macros by default for Office files downloaded from the Internet .

https://thehackernews.com/2022/12/apt-hackers-turn-to-malicious-excel-add.html

BitKeep, a decentralized multi-chain cryptocurrency wallet, has confirmed a cyberattack that led to the distribution of fraudulent versions of its Android app, resulting in the theft of an estimated $9.9 million worth of digital assets.

https://thehackernews.com/2022/12/bitkeep-confirms-cyber-attack-loses.html

A new malvertising campaign has been discovered that targets people searching for popular #software. This campaign uses Google Ads to spread Trojanized variants that deploy malware, including Raccoon Stealer and Vidar.

Read: https://thehackernews.com/2022/12/new-malvertising-campaign-via-google.html

Thousands of Citrix ADC and Gateway endpoints have not yet been patched for two critical vulnerabilities (CVE-2022-27510 and CVE-2022-27518), leaving several organisations vulnerable to potential cyberattacks.

https://thehackernews.com/2022/12/thousands-of-citrix-servers-still.html

CISA has added two-year-old vulnerabilities in TIBCO Software's JasperReports product to its KEV catalog after discovering evidence of active exploitation by cybercriminals.

Read: https://thehackernews.com/2022/12/cisa-warns-of-active-exploitation-of.html

Google has agreed to pay $29.5 million to settle lawsuits brought by Indiana and Washington, D.C. over its "deceptive" location tracking practices.

Read: https://thehackernews.com/2023/01/google-to-pay-295-million-to-settle.html

A new strain of Linux malware is targeting WordPress sites, taking advantage of vulnerabilities in various plugins and themes to infiltrate and compromise vulnerable systems.

Read: https://thehackernews.com/2023/01/wordpress-security-alert-new-linux.html

PyTorch, a machine learning framework project, fell victim to a supply chain attack between Dec. 25 and Dec.30, 2022, involving a malicious dependency that affected users who downloaded the affected versions.

Read: https://thehackernews.com/2023/01/pytorch-machine-learning-framework.html

Chinese international students in the U.K. have been facing persistent scams for over a year by Chinese-speaking fraudsters belonging to a group called RedZei (also known as RedThief).

Read: https://thehackernews.com/2023/01/redzei-chinese-scammers-targeting.html

Raspberry Robin worm is targeting financial and insurance sectors in Europe, and has evolved its post-exploitation capabilities to resist analysis and collect more data from infected computers.

Read: https://thehackernews.com/2023/01/raspberry-robin-worm-evolves-to-attack.html

Attention: A new malware campaign has been detected using sensitive information stolen from a bank to trick people into downloading a remote access trojan called BitRAT.

Read: https://thehackernews.com/2023/01/hackers-using-stolen-bank-information.html

Synology has released security updates to address a critical RCE vulnerability (CVE-2022-43931) impacting VPN Plus Server that could be exploited to take over affected systems.

Read: https://thehackernews.com/2023/01/synology-releases-patch-for-critical.html

Attention Linux users! There is a new malware that has been created using the Shell Script Compiler (shc) and it is deploying a cryptocurrency miner on infected systems.

Read: https://thehackernews.com/2023/01/new-shc-based-linux-malware-targeting.html

Irish regulators have fined Meta a hefty $414 million for violating data protection laws by forcing Facebook and Instagram users to accept targeted ads.

Read: https://thehackernews.com/2023/01/irish-regulators-fine-facebook-414.html

Fortinet has identified a high-severity flaw in multiple versions of FortiADC.

Zoho also warns of an SQLi vulnerability affecting Access Manager Plus, PAM360 and Password Manager Pro.

Read details: https://thehackernews.com/2023/01/fortinet-and-zoho-urge-customers-to.html

Don't let Vidar malware take control of your device.

This sneaky stealer now uses throwaway accounts on social media platforms to retrieve the address of its C2 servers and steal information from compromised hosts.

Details: https://thehackernews.com/2023/01/the-evolving-tactics-of-vidar-stealer.html

A new feature-rich version of SpyNote Android spyware has been detected targeting financial institutions, including HSBC UK, Deutsche Bank, Kotak Mahindra Bank and Nubank.

Read: https://thehackernews.com/2023/01/spynote-strikes-again-android-spyware.html