Watch Out!

Now Android apps developers, both legit and malware, have also started capitalizing on coronavirus outbreak to rank high in Google Play Store with COVID2019 related keyword searches.

Read details: https://thehackernews.com/2020/03/coronavirus-covid-apps-android.html

Hackers used local news sites for watering-hole attacks targeting iPhone users with a sophisticated iOS spyware.

Details: https://thehackernews.com/2020/03/iphone-iOS-spyware.html

The topics used as lures were sex-related, clickbait-type headlines, as well as news related to COVID19 (coronavirus) disease.

Two groups of hackers exploit two zero-day vulnerabilities affecting enterprise-grade networking devices—switches, routers, VPN gateways—from DrayTek.

https://thehackernews.com/2020/03/draytek-network-hacking.html

Flaws were used in the wild to spy on network traffic at enterprises and install SSH/system backdoors.

Watch Out!

After coronavirus domains, experts find a massive surge in suspicious "Zoom" named domains in the last 7 days, potentially registered by hackers to exploit Zoom's overnight success in this pandemic time to spread malware.

Details: https://thehackernews.com/2020/03/zoom-video-coronavirus.html

⚠️ Breach Alert!

Hotel chain 'Marriott International' suffers a second massive data breach—this time exposing the personal information of up to 5.2 million guests.

https://thehackernews.com/2020/03/marriott-data-breach.html

Use Marriott's self-service portal to check whether you've been affected.

WARNING!

[New] Experts today uncovered an ongoing cyberattack campaign wherein hackers are compromising over 2000 #Microsoft SQL Servers every day to install secret backdoors or deploy malware, like cryptocurrency miners.

Details ➤ https://thehackernews.com/2020/04/backdoor-.html

Using Zoom On Windows?

⚠️Beware — a new unpatched 'UNC path injection' vulnerability in Zoom video conferencing software could let remote hackers steal your Windows login password.

Learn how ➤ https://thehackernews.com/2020/04/zoom-windows-password.html

~ 'MakeFrame' to 'MakeMoney' ~

In a new campaign, Magecart hackers have been found injecting iFrame-based JS skimmers into at least 19 websites to steal payment card data of their customers.

Read details ➤ http://thehackernews.com/2020/04/magecart-digital-skimmer.html

Amazing HACK!

Just visiting a site — not only malicious but any 'legit site unknowingly loading bad ads' as well — over Safari browser could have let remote hackers secretly access your iPhone or macbook camera or microphone.

Learn how ➤ https://thehackernews.com/2020/04/hacking-iphone-macbook-camera.html

Why is the Zoom video-conferencing app making so many negative headlines in cybersecurity?

Here's an excellent summary that tells everything you need to know about the debate over Zoom's privacy and cybersecurity.

Read ➤ https://thehackernews.com/2020/04/zoom-cybersecurity-hacking.html

Finally, Unveiled!

Here's how xHelper — a mysterious piece of Android malware that infected over 45,000 devices — reinstalls itself even after users delete it or factory reset their infected phones.

Learn how to remove it permanently ➤ https://thehackernews.com/2020/04/how-to-remove-xhelper-malware.html

Dark_Nexus — A new emerging IoT botnet malware spotted in the wild, designed to target 12 different CPU architectures.

Read details ➤ https://thehackernews.com/2020/04/darknexus-iot-ddos-botnet.html

7 ways hackers and scammers are exploiting coronavirus panic for espionage and commercial gain.

— Malicious Apps
— Email Phishing
— SMS Phishing
— Ransomware
— Vulnerable Software
— Face Mask/Hand #Sanitizer Scams
— Discount Scams

Read: https://thehackernews.com/2020/04/cronavirus-hackers.html

Google & Apple are releasing a COVID__19 tracking tool that turns Android / iPhone into "contact-tracking device," aiming to alert people if they have recently been in contact with someone tested positive for coronavirus.

Learn how it works ➤ https://thehackernews.com/2020/04/iphone-android-coronavirus-tracing.html

With no conscience and empathy, cybercriminals are increasingly attacking critical healthcare, government and research facilities with ransomware and other malware during coronavirus pandemic.

Read details — https://thehackernews.com/2020/04/ransomware-hospitals-coronavirus.html

Dell releases a new behavior-based threat detection utility — SafeBIOS Events & Indicators of Attack — that alerts users when the BIOS settings of their computers undergo unusual changes indicating advanced persistent threats.

Read more: https://thehackernews.com/2020/04/dell-bios-protection.html

It's April 2020 Patch Tuesday!

Microsoft has released the latest Windows updates to patch a total of 113 new security vulnerabilities — 2 of which were also exploited as 0-day in the wild.

(CVE-2020-1020 and CVE-2020-0938)

Read details: https://thehackernews.com/2020/04/windows-patch-update.html

Watch Out!

Google has removed 49 new Chrome extensions from its official store—masqueraded as cryptocurrency 💰 wallets—after they get caught stealing secret keys 🔑 for users' wallets.

Read details: https://thehackernews.com/2020/04/chrome-cryptocurrency-extensions.html

U.S. Govt is now offering rewards of up to $5 MILLION to anyone who can share information on the past or ongoing hacking operations conducted by North Korean hackers.

The latest announcement has been issued as part of a comprehensive guide the U.S. agencies today released to help the international community, industries, and other governments defend against North Korea's illicit cyberspace activities.

the report aims to warn the world about 'significant cyber threat' posed by North Korean hackers to the global financial institutions, hacking which it generates revenue to fund weapons of mass destruction programs.

Read all details: https://thehackernews.com/2020/04/north-korea-hackers.html

Typosquatted 💎 Gems ALERT!

To target software developers, supply chain attackers distributed over 700 malicious libraries—written in Ruby #programming language—through the official RubyGems repository using typosquatting gems.

Details ➤ http://thehackernews.com/2020/04/rubygem-typosquatting-malware.html

Important:

CISA warns organizations that hackers could still access—and move laterally through—their networks even after if they have patched 'Pulse Secure VPN' #vulnerability (CVE-2019-11510) but didn't change passwords.

Read Details — https://thehackernews.com/2020/04/pulse-secure-vpn-vulnerability.html