ESET's latest threat report shows Russian cyber espionage hacking groups are using COVID -19 lures to attack European diplomats.

Read: https://thehackernews.com/2022/02/russian-apt-hackers-used-covid-19-lures.html

A new Marlin backdoor was used by Iranian hackers in the "Out to Sea" cyberespionage campaigns.

https://thehackernews.com/2022/02/iranian-hackers-using-new-marlin.html

United States seizes $3.6 BILLION in cryptocurrency stolen during the 2016 Bitfinex hack and arrests a couple for conspiring to launder $4.5 billion worth of cryptocurrency.

Read: https://thehackernews.com/2022/02/us-arrests-two-and-seizes-36-million-in.html

WordPress plugin "PHP Everywhere" contains multiple critical RCE vulnerabilities, affecting more than 30,000 websites worldwide.

Read details: https://thehackernews.com/2022/02/critical-rce-flaws-in-php-everywhere.html

Russia cracks down on 4 dark web marketplaces ⁠— Ferum Shop, Sky-Fraud, Trump's Dumps, and UAS ⁠— specialize in the theft and sale of stolen credit cards.

https://thehackernews.com/2022/02/russia-cracks-down-on-4-dark-web.html

CISA, FBI, NSA & the cybersecurity agencies of Australia and the United Kingdom have issued a joint statement on the sharp increase in sophisticated RANSOMWARE attacks against critical infrastructure around the world.

Read: https://thehackernews.com/2022/02/cisa-fbi-nsa-issue-advisory-on-severe.html

Researchers uncover a new campaign of "FritzFrog," a Golang-based peer-to-peer botnet, attacking healthcare, education, and government sectors, and has already infected over 1,500 hosts within a month.

Read: https://thehackernews.com/2022/02/fritzfrog-p2p-botnet-attacking.html

Apple releases software updates to patch a new "actively exploited" 0-day vulnerability (CVE-2022-22620) in WebKit targeting iPhone, iPad, and Mac users.

Read details: https://thehackernews.com/2022/02/apple-releases-ios-ipados-macos-updates.html

French data protection authority has ruled that the use of "Google Analytics" violates the EU's General Data Protection Regulation (GDPR).

Details: https://thehackernews.com/2022/02/france-rules-that-using-google.html

Last week a German court found that embedding "Google Fonts" also violates GDPR.

Researchers uncover hacking attacks planting fabricated digital evidence on devices of human rights activists, human rights defenders, academics, and lawyers in India.

Read: https://thehackernews.com/2022/02/hackers-planted-fake-digital-evidence.html

Cybercriminals have been found exploiting a new critical zero-day vulnerability (CVE-2022-24086 / CVSS 9.8) in the Adobe Commerce and Magento e-commerce platforms — Patch your online shopping sites now.

Read details: https://thehackernews.com/2022/02/critical-magento-0-day-vulnerability.html

Multiple critical vulnerabilities have been discovered in Moxa MXview web-based industrial network management #software, some of which could be exploited by an unauthenticated attacker to execute remote code on unpatched servers.

Read: https://thehackernews.com/2022/02/critical-security-flaws-reported-in.html

Google has released an update for its Chrome web browser for Windows, Mac, and Linux users that patches multiple new security vulnerabilities, one of which is being actively exploited in the wild.

Read details: https://thehackernews.com/2022/02/new-chrome-0-day-bug-under-active.html

A new variant of the MyloBot malware spreading malicious payloads used to send sextortion emails demanding $2,732 in digital currency from victims.

Read: https://thehackernews.com/2022/02/new-mylobot-malware-variant-sends.html

Researchers detail the inner workings of ShadowPad, a modular backdoor that has been adopted by a growing number of Chinese hacker groups in recent years, while also linking it to the country's civilian and military intelligence agencies.

Read: https://thehackernews.com/2022/02/researchers-link-shadowpad-malware.html

Facebook has agreed to pay $90 million to settle a decade-old privacy breach lawsuit that accused the company of using web cookies to track users' Internet activity even after they logged off the platform.

Details: https://thehackernews.com/2022/02/facebook-agrees-to-pay-90-million-to.html

A new high-severity vulnerability (CVE-2021-44521) has been reported in the popular distributed NoSQL database software Apache Cassandra, which, if left unfixed, could lead to RCE attacks on affected installations.

Details: https://thehackernews.com/2022/02/high-severity-rce-security-bug-reported.html

European Union's data protection authority called for a ban on the development and use of Pegasus-like commercial spyware in the region.

Read details: https://thehackernews.com/2022/02/eu-data-protection-watchdog-calls-for.html

Trickbot malware has targeted the customers of 60 high-profile companies since 2020, including cryptocurrency platforms.

Details: https://thehackernews.com/2022/02/trickbot-malware-targeted-customers-of.html

U.S. government agencies FBI, NSA, CISA release joint advisory accusing state-sponsored Russian hackers of regularly attacking several U.S. cleared defense contractors to steal proprietary documents and other confidential information.

https://thehackernews.com/2022/02/us-says-russian-hackers-stealing.html