Security researchers have uncovered multiple vulnerabilities in Siemens SIMATIC and SIPLUS S7-1500 PLCs. Attackers could exploit these flaws to stealthily install firmware and take control of the devices.

Read: https://thehackernews.com/2023/01/over-100-siemens-plc-models-found.html

Beware of IcedID malware - it's using attack techniques borrowed from other hackers to quickly compromise Active Directory domains.

Read: https://thehackernews.com/2023/01/icedid-malware-strikes-again-active.html

A vulnerability (CVE-2022-42475) in FortiOS SSL-VPN was exploited by hackers as a "zero-day" to attack governments and large organizations before Fortinet fixed it.

Details: https://thehackernews.com/2023/01/fortios-flaw-exploited-as-zero-day-in.html

Cybercriminals are now using polyglot and malicious JAR files to evade detection and spread Trojans like StrRAT and Ratty.

Read: https://thehackernews.com/2023/01/cybercriminals-using-polyglot-files-in.html

Beware of tainted VPN installers! They're being used to deliver a surveillanceware called "EyeSpy" as part of a malware campaign.

Read details: http://thehackernews.com/2023/01/beware-tainted-vpns-being-used-to.html

Most infections reported in Iran, with some in Germany and the US.

The French data protection watchdog has fined TikTok €5 million for failing to comply with cookie consent regulations.

Read: https://thehackernews.com/2023/01/tiktok-fined-54-million-by-french.html

Cisco has issued a warning about two vulnerabilities affecting EoL Small Business routers that will not be fixed.

Read: https://thehackernews.com/2023/01/cisco-issues-warning-for-unpatched.html

A proof-of-concept exploit is publicly available.

If you use Cacti for web-based monitoring, be sure to patch ASAP!

A critical vulnerability [CVE-2022-46169] is being actively exploited in the wild and a majority of internet-exposed servers have not been patched yet.

Read: https://thehackernews.com/2023/01/cacti-servers-under-attack-as-majority.html

⚡ New — DevOps platform CircleCI recently fell victim to a breach after an employee's laptop was hacked.

Read: https://thehackernews.com/2023/01/malware-attack-on-circleci-engineers.html

The attacker used #malware to steal 2FA-backed credentials to gain access to the company's systems.

A new backdoor has been discovered that borrows its features from the leaked CIA's Hive malware suite.

Read: https://thehackernews.com/2023/01/new-backdoor-created-using-leaked-cias.html

It spreads via F5 vulnerabilities and communicates with the C2 server via forged #Kaspersky certificates.

Don't fall for the trap of downloading cracked software.

Cybercriminals utilize a vast network of sites to distribute fake cracked software downloads, infecting users' systems with Raccoon and Vidar stealers.

Read: https://thehackernews.com/2023/01/raccoon-and-vidar-stealers-spreading.html

CISA has issued a warning about significant security weaknesses found in products from Industrial Control Systems (ICS) manufacturers such as Sewio, InHand Networks, Sauter Controls, Siemens, and other leading companies.

Read: https://thehackernews.com/2023/01/cisa-warns-for-flaws-affecting.html

Attention developers! Lolip0p, a threat actor, has uploaded rogue packages to the PyPI repository with the goal of dropping malware on compromised systems.

Read: https://thehackernews.com/2023/01/researchers-uncover-3-pypi-packages.html

🔥 Don't wait until it's too late!

Zoho ManageEngine users, patch your instances now to avoid falling victim to critical CVE-2022-47966 vulnerability.

Details: https://thehackernews.com/2023/01/zoho-manageengine-poc-exploit-to-be.html

Researchers are about to release PoC exploit code.

Researchers have demonstrated that GitHub Codespaces, a widely used development environment, can be abused by cybercriminals to distribute malware.

Read: https://thehackernews.com/2023/01/hackers-can-abuse-legitimate-github.html

Researchers have discovered severe SSRF vulnerabilities in 4 Microsoft Azure services, which could have potentially enabled cybercriminals to gain unauthorized access to critical cloud resources.

Read: https://thehackernews.com/2023/01/microsoft-azure-services-flaws-couldve.html

Unlock the power of automation to supercharge your SOC!

Learn about the 4 key phases for expanding coverage and how automation can shorten investigation and triage processes, and automatically respond to known threats.

Read: https://thehackernews.com/2023/01/4-places-to-supercharge-your-soc-with.html

⚡ CISA Alerts - New security vulnerabilities found in Industrial Control Systems (ICS) from Siemens, GE Digital and Contec.

Read: https://thehackernews.com/2023/01/cisa-warns-of-flaws-in-siemens-ge.html

U.S. cybersecurity agency urges immediate action to protect against potential security breaches.

Attention Git users — Critical vulnerabilities have been identified in the Git source code version control system that could enable RCE attacks.

Read: https://thehackernews.com/2023/01/git-users-urged-to-update-software-to.html

Software updates have been released to address the issue. Don't wait, update now!

Network security alert!

New critical vulnerabilities have been found in Netcomm and TP-Link routers that could potentially lead to remote code execution attacks.

Read details: https://thehackernews.com/2023/01/critical-security-vulnerabilities.html

Update your router's firmware to the latest version to protect your network.

Researchers uncover a new wave of "BackdoorDiplomacy" malware attacks targeting Iranian government entities.

Read details: https://thehackernews.com/2023/01/iranian-government-entities-under.html