Chinese-speaking actor behind DragonSpark attacks targeting organizations in East Asia using Golang malware and unusual techniques to evade detection.
Read details: https://thehackernews.com/2023/01/chinese-hackers-utilize-golang-malware.html
VMware releases patch for 4 vulnerabilities in vRealize Log Insight, including 2 critical flaws (CVE-2022-31706 and CVE-2022-31704) that could lead to remote code execution attacks.
Read details: https://thehackernews.com/2023/01/vmware-releases-patches-for-critical.html
LastPass' parent company GoTo (formerly LogMeIn) has experienced a data breach in which cybercriminals stole customers' encrypted backups and an encryption key used to secure data for some customers.
Read: https://thehackernews.com/2023/01/lastpass-parent-company-goto-suffers.html
North Korean group APT38 is targeting cryptocurrency holders by using credential harvesting as a new weapon in its quest for crypto riches.
Read details: https://thehackernews.com/2023/01/north-korean-hackers-turn-to-credential.html
Warning: A massive malware campaign has infected more than 4,500 WordPress websites and is redirecting their visitors to sketchy ad pages.
Read: https://thehackernews.com/2023/01/over-4500-wordpress-sites-hacked-to.html
Keep your website secure and always be cautious of suspicious links.
ALERT: Two federal agencies in the U.S. have fallen victim to a widespread malicious campaign using RMM software for phishing scams.
Read details: https://thehackernews.com/2023/01/us-federal-agencies-fall-victim-to.html
New research has uncovered connections between the operations of Moses Staff and Abraham's Ax, two politically motivated hacktivist groups.
Read details: https://thehackernews.com/2023/01/researchers-uncover-connection-bw-moses.html
Researchers have released proof-of-concept exploit code for a high-severity security vulnerability (CVE-2022-34689) in the Windows CryptoAPI, which was discovered by the NSA and NCSC.
Read details: https://thehackernews.com/2023/01/researchers-release-poc-exploit-for.html
Researchers have identified a new Python-based malware that uses WebSockets for both command and control communication and data exfiltration.
Read details: https://thehackernews.com/2023/01/pyration-new-python-based-rat-utilizes.html
Google shuts down pro-Chinese influence operation DRAGONBRIDGE, with over 50,000 instances of activity dismantled in 2022.
Read: https://thehackernews.com/2023/01/google-takes-down-50000-instances-of.html
Victory against cybercrime!
International law enforcement agencies have taken down the infrastructure behind the HIVE ransomware-as-a-service operation in a joint effort across 13 countries.
Details: https://thehackernews.com/2023/01/hive-ransomware-infrastructure-seized.html
U.K.'s cybersecurity agency has issued a warning about cyberattacks by Russian & Iranian state-sponsored hacker groups targeting key sectors, including defense, government organizations & even academia, journalists, think tanks and activists.
https://thehackernews.com/2023/01/british-cyber-agency-warns-of-russian.html
PlugX just got sneakier!
Cybersecurity researchers uncover a new variant that infects attached USB media devices to spread the malware to other systems.
Read details: https://thehackernews.com/2023/01/researchers-discover-new-plugx-malware.html
Cybersecurity researchers have uncovered the true identity of the threat actor behind the Golden Chickens malware-as-a-service.
Read details: https://thehackernews.com/2023/01/experts-uncover-identity-of-mastermind.html
Ukraine is under attack from a new Golang-based data wiper malware called "SwiftSlicer." The attackers have been identified as Sandworm, a known nation-state group with ties to the Russian military.
Read: https://thehackernews.com/2023/01/ukraine-hit-with-new-golang-based.html
The Internet Systems Consortium (ISC) has released security patches for multiple new vulnerabilities in the BIND DNS software suite that could lead to a DoS condition and system failures.
Read: https://thehackernews.com/2023/01/isc-releases-security-patches-for-new.html
Microsoft urges customers to keep their servers up to date and implement additional security measures, such as enabling Windows Extended Protection & configuring certificate-based signing of #PowerShell serialization payloads.
Read: https://thehackernews.com/2023/01/microsoft-urges-customers-to-secure-on.html
Gootkit malware continues to evolve and become more sophisticated, with notable changes to the toolkit, adding new components and obfuscations to their infection chains.
Read: https://thehackernews.com/2023/01/gootkit-malware-continues-to-evolve.html
Urgent Alert: A critical RCE vulnerability in the Realtek Jungle SDK is being weaponized by attackers to hack IoT devices, with 134 MILLION exploitation attempts recorded in the past 2 months alone.
Read: https://thehackernews.com/2023/01/realtek-vulnerability-under-attack-134.html
Beware of the latest cyber threat.
Hackers are distributing a new Golang-based info stealer malware, known as Titan Stealer, through Telegram channels to other cybercriminals. It can steal browser credentials, crypto wallets, and more.
Read: https://thehackernews.com/2023/01/titan-stealer-new-golang-based.html
GitHub reports unauthorized access to Desktop & Atom apps repositories, leading to exposure of encrypted code-signing certificates.
Read details: https://thehackernews.com/2023/01/github-breach-hackers-stole-code.html