Gootkit RAT, a framework notorious for delivering banking Trojan, has been spotted leveraging Search Engine Optimization (SEO) on compromised sites to distribute a wider range of malware, including ransomware payloads.

Read details here: https://thehackernews.com/2021/03/gootkit-rat-using-seo-to-distribute.html

A new version of the popular "unc0ver" jailbreaking tool supports iOS 14.3 and earlier releases—making it possible to unlock almost every iPhone model using an in-the-wild exploited vulnerability that Apple disclosed in January.

Details: https://thehackernews.com/2021/03/new-unc0ver-tool-can-jailbreak-all.html

Researchers unearth technical links between SunCrypt and QNAPCrypt ransomware, likely an updated version of the strain that went on to infect several targets last year.

https://thehackernews.com/2021/03/researchers-unearth-links-between.html

🔥 WARNING: Update Your Chrome Browser ASAP!

A new Chrome 0-day vulnerability has been found being actively exploited in the wild.
Read details — https://thehackernews.com/2021/03/new-chrome-0-day-bug-under-active.html
Besides this, latest Google Chrome update for Windows, macOS, and Linux patches a total of 47 flaws.

🔥 URGENT! Chinese hackers actively exploiting 4 new 0-day vulnerabilities affecting on-premises Microsoft Exchange servers to perpetrate data theft and install additional malware.

Read details here: https://thehackernews.com/2021/03/urgent-4-actively-exploited-0-day-flaws.html
Emergency patches released.

Researcher reveals details of a critical $50,000 vulnerability that could have allowed hackers to hijack any Microsoft account.

Read details: https://thehackernews.com/2021/03/a-50000-bug-couldve-allowed-hackers.html

Cybercriminals are now deploying ObliqueRAT malware under the guise of seemingly innocuous image files hosted on compromised websites.

Read details: https://thehackernews.com/2021/03/hackers-now-hiding-obliquerat-payload.html

CISA has issued an emergency directive warning of the "active exploitation" of multiple zero-day flaws reported in the Microsoft Exchange Server.

Read: https://thehackernews.com/2021/03/cisa-issues-emergency-directive-on-in.html

According to ESET, not just the Chinese HAFNIUM group but several cyber-espionage groups, including LuckyMouse, Tick, and Calypso, have been spotted exploiting these zero-day flaws

Cybersecurity firm Qualys got compromised, the company admitted.

Read: https://thehackernews.com/2021/03/extortion-gang-breaches-cybersecurity.html
A prolific extortion gang exploited Accellion File Transfer Appliance server vulnerability to steal sensitive data and posted some files on the darkweb as evidence.

⚡ Google will use 'FLoC' and 'FLEDGE' for Ad-targeting once 3rd-party cookies are dead, stopping trackers from serve ads based on your browsing history.

Learn how it works and also, some concerns about control, privacy, trust: https://thehackernews.com/2021/03/google-will-use-floc-for-ad-targeting.html

Everything You Need to Know About Evolving Threat of Ransomware

https://thehackernews.com/2021/02/everything-you-need-to-know-about.html
Cybersecurity world is constantly evolving to new forms of threats & vulnerabilities; but ransomware proves to be a different animal—most destructive & is showing no signs of slowing down.

🔥 FireEye and Microsoft researchers discover 3 new malware strains used by SolarWinds hackers, including a "sophisticated second-stage backdoor."

✅ GoldMax (aka SUNSHUTTLE)
✅ GoldFinder
✅ Sibot
Details — https://thehackernews.com/2021/03/researchers-find-3-new-malware-strains.html

Mazafaka Got Hacked!

In what's a case of hackers getting hacked, a prominent underground cybercrime forum has been compromised by unknown attackers, making it the fourth forum to have been breached since the start of the year.
Read more: https://thehackernews.com/2021/03/mazafaka-elite-hacking-and-cybercrime.html

(New) Researchers detail design flaws in Apple's crowdsourced Bluetooth location tracking system that could have led to location correlation attacks and unauthorized access to the location histories.

Read details: https://thehackernews.com/2021/03/bug-in-apples-find-my-feature-couldve.html

Multiple threat actors actively exploiting the recently disclosed Microsoft Exchange vulnerability and are believed to have infected over 30,000 businesses & government entities.

Learn everything we know so far about this massive cyberattack — https://thehackernews.com/2021/03/microsoft-exchange-cyber-attack-what-do.html

Researchers demonstrate the first microarchitectural side-channel attacks that leverage contention on the CPU ring interconnect against Intel CPUs, allowing malware to pilfer sensitive data from modern processors.

Read details: https://thehackernews.com/2021/03/malware-can-exploit-new-flaw-in-intel.html

Iranian hackers are leveraging another legitimate remote access software to actively spy on its targets from academia, government and tourism entities in the Middle East and neighboring regions.

Read more: https://thehackernews.com/2021/03/iranian-hackers-using-remote-utilities.html

🔥 PATCH! Apple has released out-of-band security updates for billions of devices running iOS, macOS, watchOS, and Safari browser to address a high-severity vulnerability (CVE-2021-1844) that could allow remote attackers to run arbitrary code on affected devices via malicious web content only.



Read: https://thehackernews.com/2021/03/apple-issues-patch-for-remote-hacking.html

European Banking Authority (EBA) disclosed it had also been targeted by hackers exploiting Microsoft Exchange server vulnerabilities.

Read details: https://thehackernews.com/2021/03/microsoft-exchange-hackers-also.html

The widespread cyberattack forced it to temporarily take its email systems offline as a precautionary measure.

WARNING: A new malware dropper distributes AlienBot Banker and MRAT #malware via Android apps on Google Play store, designed to let attackers gain intrusive access to victims' financial accounts as well as full control of their devices.

Read: https://thehackernews.com/2021/03/9-android-apps-on-google-play-caught.html