Iranian APT hackers have updated their malware arsenal with a new PowerShell-based implant—dubbed PowerLess Backdoor—that downloads additional payloads such as a keylogger and a data stealer.
Read: https://thehackernews.com/2022/02/iranian-hackers-using-new-powershell.html
Hackers behind Solarmarker information stealer and backdoor are now using novel registry tricks to establish long-term persistence on compromised systems.
Read details: https://thehackernews.com/2022/02/solarmarker-malware-uses-novel.html
A critical arbitrary code execution vulnerability has been reported in the WordPress plugin for Elementor, which is used by over a million websites.
Read details: https://thehackernews.com/2022/02/critical-bug-found-in-wordpress-plugin.html
Iranian APT hackers "Moses Staff" are deploying a new Trojan—StrifeWater—in their ransomware operations, which collects system files, executes commands, captures screenshots, creates persistence, and downloads updates and add-on modules.
Details: https://thehackernews.com/2022/02/hacker-group-moses-staff-using-new.html
As many as 23 new high-severity vulnerabilities have been uncovered in various implementations of UEFI firmware from numerous vendors, including Bull Atos, Fujitsu, HP, Juniper Networks, Lenovo, and others.
Details: https://thehackernews.com/2022/02/dozens-of-security-flaws-discovered-in.html
A new wave of cyberattacks is targeting Palestinian activists and entities with politically-themed phishing emails and decoy documents.
Details: https://thehackernews.com/2022/02/new-wave-of-cyber-attacks-target.html
Microsoft warns users about a new variant of "UpdateAgent" malware that now infects Mac computers with adware.
Read: https://thehackernews.com/2022/02/new-variant-of-updateagent-malware.html
A new SEO Poisoning campaign is spreading trojanized versions of popular software utilities to infect victims' computers with BATLOADER and Atera Agent malware.
Read details: https://thehackernews.com/2022/02/new-seo-poisoning-campaign-distributing.html
Cisco has released security patches for several critical vulnerabilities affecting its Small Business RV series routers that could be exploited to elevate privileges and execute arbitrary code on affected systems.
Read details: https://thehackernews.com/2022/02/critical-flaws-discovered-in-cisco.html
Hackers are actively trying to exploit a new zero-day vulnerability in Zimbra's email platform to steal emails and spy on targets in the media and government.
Read details: https://thehackernews.com/2022/02/hackers-exploited-0-day-vulnerability.html
CISA warns of multiple vulnerabilities in Airspan Networks' Mimosa equipment that could be abused to execute remote code, trigger a DoS attack, and obtain sensitive information.
Read details: https://thehackernews.com/2022/02/cisa-warns-of-critical-vulnerabilities.html
The United States has indicted 6 India-based call centers and their directors for allegedly being involved in placing tens of millions of fraudulent calls that defrauded thousands of American consumers.
Read: https://thehackernews.com/2022/02/us-authorities-charge-6-indian-call.html
⚡After NSO, another Israeli company, 'QuaDream,' has been caught weaponizing iPhone bugs to deploy a spyware called 'Reign,' similar to Pegasus, on targeted devices.
Read details: https://thehackernews.com/2022/02/another-israeli-firm-quadream-caught.html
Microsoft shared more details about the tactics and techniques used by the Russian hacking group Gamaredon in cyberespionage attacks on various facilities in Ukraine over the past six months.
Details: https://thehackernews.com/2022/02/microsoft-uncovers-new-details-of.html
A new vulnerability (CVE-2022-24348) discovered in Argo CD, which is used by thousands of organizations globally, could let hackers steal sensitive information such as secrets, passwords, and API keys from Kubernetes apps.
Details: https://thehackernews.com/2022/02/new-argo-cd-bug-could-let-hackers-steal.html
CISA, the U.S. cybersecurity agency, has ordered all federal agencies to immediately secure their systems against an actively exploited vulnerability (CVE-2022-21882) in Microsoft Windows operating systems.
Details: https://thehackernews.com/2022/02/cisa-orders-federal-agencies-to-patch.html
Chinese state-backed Antlion APT hacker group is targeting financial institutions in Taiwan with a new stealth malware backdoor that allowed it to stay under the radar for at least 18 months.
Read details: https://thehackernews.com/2022/02/chinese-hackers-target-taiwanese.html
Systems hosting content pertaining to the National Games of China were hacked just a few days before the competition began.
Read details: https://thehackernews.com/2022/02/hackers-backdoored-systems-at-chinas.html
Earth Karkaddan hacker group has been targeting the Indian government and military with a new Android malware called "CapraRAT" to steal information.
Details: https://thehackernews.com/2022/02/new-caprarat-android-malware-targets.html
Microsoft has temporarily disabled the MSIX ms-appinstaller protocol handler in Windows following evidence that a vulnerability in the component was exploited to deliver malware such as Emotet, TrickBot, and Bazaloader.
Details: https://thehackernews.com/2022/02/microsoft-temporarily-disables-msix-app.html