Researchers warn of a new FUD office malware builder, called 'APOMacroSploit,' getting popular among cybercriminals and also unmasked the identity of hackers behind its development.

Read — https://t.co/rc6wffiz8t

HACKERS WANTED BY THE FBI !!!

The United States has charged 3 North Korean military hackers to steal and extort over $1.3 billion in cash and cryptocurrencies from financial institutions and businesses.
https://thehackernews.com/2021/02/us-charges-3-north-korean-hackers-over.html

🔥 First #malware tailored to run natively on Apple's M1 chips has been discovered in the wild.

Details: https://thehackernews.com/2021/02/first-malware-designed-for-apple-m1.html

(New) Microsoft discloses that SolarWinds hackers stole source code for some of its Azure, Exchange, and Intune components.

Details: https://thehackernews.com/2021/02/solarwinds-hackers-stole-some-source.html

Masslogger, an infamous credential stealer trojan, has been updated to steal all your credentials from Microsoft Outlook, Google Chrome, and instant messenger apps.

Read details: https://thehackernews.com/2021/02/masslogger-trojan-upgraded-to-steal-all.html

🔥 WATCH OUT !!!

A new hack lets criminals bypass PIN for Mastercard contactless cards by tricking terminals into believing it to be a Visa card.
Read about 'Card Brand Mixup Attack' here — https://thehackernews.com/2021/02/new-hack-lets-attackers-bypass.html

A privacy bug in Brave Browser exposes the Dark-Web browsing history of its users by sending queries for .onion domains to public internet DNS resolvers rather than routing them through Tor nodes.

https://thehackernews.com/2021/02/privacy-bug-in-brave-browser-exposes.html

Researchers disclose yet another malware that targets both Apple Macs running M1 and Intel processors, which has so far already infected nearly 30,000 systems.

Read details: https://thehackernews.com/2021/02/new-silver-sparrow-malware-infected.html

New evidence suggests Chinese hackers had access to an U.S-made hacking tool and some zero-day exploits years before the Shadow Brokers group disclosed them publicly.

Details: https://thehackernews.com/2021/02/chinese-hackers-had-access-to-us.html
APT31 repurposed them to attack U.S. targets between 2014 and 2017.

UNC2546 hackers exploited Accellion FTA's 0-day vulnerabilities to steal its targets' data in the recent extortion attacks.

Read details: https://thehackernews.com/2021/02/hackers-exploit-accellion-zero-days-in.html

Researchers demonstrate a novel class of 'Shadow' attacks that could let attackers hide in or replace the content of digitally signed PDF documents.

Read details: https://thehackernews.com/2021/02/shadow-attacks-let-attackers-replace.html

🔥 (New) Researchers developed a new attack framework that could let them learn what a targeted user is typing (keystrokes) during a video chat or live streaming solely by analyzing visible body movements.

Read details: https://thehackernews.com/2021/02/experts-find-way-to-learn-what-youre.html

With browser makers steadily clamping down on 3rd-party tracking, advertising tech companies are increasingly embracing DNS-based CNAME Cloaking technique to evade such defenses, thereby posing a threat to web security and privacy.

Details: https://thehackernews.com/2021/02/online-trackers-increasingly-switching.html

Ukraine says Russian spy hackers compromised its document management system of state bodies in a sophisticated supply-chain malware attack and attempted to infect Government officials.

https://thehackernews.com/2021/02/russian-hackers-targeted-ukraine.html

Researchers today unwrapped a new campaign aimed at #spying on Tibetan communities globally by deploying a malicious #Firefox extension on target systems.

https://thehackernews.com/2021/02/chinese-hackers-using-firefox-extension.html

Cisco releases patches for critical authentication bypass vulnerabilities affecting its ACI Multi-Site Orchestrator and App Services Engine; and a separate unauthenticated arbitrary file actions bug in NX-OS Software.



Read details: https://thehackernews.com/2021/02/cisco-releases-security-patches-for.html

A new study finds that malicious Alexa Skills can easily bypass Amazon's vetting process, designed to trick users into giving up sensitive information.

Read details: https://thehackernews.com/2021/02/alert-malicious-amazon-alexa-skills-can.html

In a new ongoing cyberespionage campaign, prolific North Korean state-sponsored hacking group 'Lazarus' has been spotted targeting defense companies with 'ThreatNeedle' malware.

Read: https://thehackernews.com/2021/02/north-korean-hackers-targeting-defense.html

SolarWinds executives blame an Intern for using the weak password 'solarwinds123' that went unnoticed for several years and eventually led to the largest supply-chain cyberattack of 2020.

https://thehackernews.com/2021/03/solarwinds-blame-intern-for-weak.html

Researchers find Chinese state-sponsored hackers targeted India's critical infrastructure amid geopolitical tensions, with 10 out of 12 targeted organizations from the Power Generation & Transmission sector.

Read: https://thehackernews.com/2021/03/chinese-hackers-targeted-indias-power.html