Microsoft urges customers to keep their servers up to date and implement additional security measures, such as enabling Windows Extended Protection & configuring certificate-based signing of #PowerShell serialization payloads.

Read: https://thehackernews.com/2023/01/microsoft-urges-customers-to-secure-on.html

Gootkit malware continues to evolve and become more sophisticated, with notable changes to the toolkit, adding new components and obfuscations to their infection chains.

Read: https://thehackernews.com/2023/01/gootkit-malware-continues-to-evolve.html

Urgent Alert — A critical RCE vulnerability in the Realtek Jungle SDK is being weaponized by attackers to hack IoT devices, with 134 MILLION exploitation attempts recorded in the past 2 months alone.

Read: https://thehackernews.com/2023/01/realtek-vulnerability-under-attack-134.html

Beware of the latest cyber threat🚨

Hackers are distributing a new Golang-based info stealer malware, known as Titan Stealer, through Telegram channels to other cybercriminals — that can steal browser credentials, crypto wallets, and more.

Read: https://thehackernews.com/2023/01/titan-stealer-new-golang-based.html

GitHub reports unauthorized access 💻👮‍♂️ to Desktop & Atom apps repositories, leading to exposure of encrypted 🔒 code-signing certificates.

Read details: https://thehackernews.com/2023/01/github-breach-hackers-stole-code.html

Don't risk losing your data!

QNAP has released security updates to address a critical vulnerability (CVE-2022-27596 / CVSS 9.8) in the NAS devices QTS 5.0.1 & QuTS hero h5.0.1 that can be used to inject arbitrary code.

Read: https://thehackernews.com/2023/01/qnap-fixes-critical-vulnerability-in.html

Think your EDR and antivirus have got you covered? Think again!

Researchers have uncovered a shellcode-based packer service that has been helping hackers hide their malware for the past 6 years, including Trickbot, Emotet, REvil, Formbook & AgentTesla.

https://thehackernews.com/2023/01/researchers-uncover-packer-that-helped.html

Two more supply chain vulnerabilities disclosed in AMI MegaRAC BMC software, affecting multiple server brands.

Read: https://thehackernews.com/2023/02/additional-supply-chain-vulnerabilities.html

Hackers abused Microsoft's "Verified Publisher" accounts to create malicious OAuth apps as part of a vicious scheme aimed at infiltrating organizations' cloud environments and stealing email.

https://thehackernews.com/2023/02/hackers-abused-microsofts-verified.html

Prilex POS malware has evolved to block contactless payments and force victims to use physical cards for transactions in order to steal payment information.

Read: https://thehackernews.com/2023/02/prilex-pos-malware-evolves-to-block.html

⚡ New SH1MMER Chromebook exploit can unenroll 🔓 enterprise or school managed ChromeOS 💻 devices from admin control.

https://thehackernews.com/2023/02/new-sh1mmer-exploit-for-chromebook.html

Researchers discover new vulnerabilities in the ImageMagick image processing program that could lead to DoS (CVE-2022-44267) or arbitrary remote file leaks (CVE-2022-44268).

https://thehackernews.com/2023/02/researchers-uncover-new-bugs-in-popular.html

🚨 HeadCrab Alert! A new stealthy botnet malware that is undetectable by various antivirus solutions has infected over 1,200 Redis servers worldwide for illegal cryptocurrency mining.

Read: https://thehackernews.com/2023/02/new-threat-stealthy-headcrab-malware.html

North Korean Lazarus hacking group exploited unpatched Zimbra devices to invade healthcare research institutions, universities, and technology companies in various industries, including energy, research, and defense.

https://thehackernews.com/2023/02/north-korean-hackers-exploit-unpatched.html

Attention: Cyber criminals are actively exploiting known vulnerabilities in Oracle E-Business Suite (CVE-2022-21587) and SugarCRM (CVE-2023-22952) systems. Update now!

Read: https://thehackernews.com/2023/02/cisa-alert-oracle-e-business-suite-and.html

A new critical authentication vulnerability (CVE-2023-22501) has been discovered in Atlassian's Jira Service Management Server and Data Center products that could allow attackers to gain unauthorized access to vulnerable instances.

Read: https://thehackernews.com/2023/02/atlassians-jira-software-found.html

Iranian nation-state hacking group OilRig has increased its cyberattacks on Middle Eastern government organizations, wielding a backdoor with new data exfiltration capabilities.

Read: https://thehackernews.com/2023/02/iranian-oilrig-hackers-using-new.html

A new critical authentication #vulnerability (CVE-2023-22501) has been discovered in Atlassian's Jira Service Management Server and Data Center products that could allow attackers to gain unauthorized access to vulnerable instances.

Read: https://thehackernews.com/2023/02/atlassians-jira-software-found.html

Watch out! Microsoft OneNote documents are the latest weapon of choice for cybercriminals to spread malware.

From AsyncRAT to FormBook, the list of malware families delivered via OneNote attacks is growing rapidly.

Read: https://thehackernews.com/2023/02/post-macro-world-sees-rise-in-microsoft.html

Attention all ⚡ electric 🚗 vehicle owners!

Your charging station could be at risk of data theft and remote shutdown due to two newly disclosed security vulnerabilities.

Details: https://thehackernews.com/2023/02/is-your-ev-charging-station-safe-new.html

Alert: A new zero-day vulnerability in Fortra's GoAnywhere MFT application is being actively exploited, allowing remote code injection if the system is exposed to the public internet.

Read: https://thehackernews.com/2023/02/warning-hackers-actively-exploiting.html