A "potentially destructive actor" aligned with the Iranian government is actively exploiting the known Log4j vulnerability to infect unpatched VMware Horizon servers with ransomware.
Read details: https://thehackernews.com/2022/02/iranian-hackers-targeting-vmware.html
A set of new Linux vulnerabilities has been discovered in Canonical's Snap software packaging and deployment system, the most critical of which can be exploited to gain root privileges on targeted systems.
Read details: https://thehackernews.com/2022/02/new-linux-privilege-escalation-flaw.html
Researchers have found that several computers in South Korea are being attacked by a botnet called "PseudoManuscrypt" using the same spreading tactics as another malware called CryptBot.
Read details: https://thehackernews.com/2022/02/pseudomanuscrypt-malware-spreading-same.html
Microsoft warns of emerging 'Ice Phishing' threats targeting Web3, blockchain, DeFi, smart contracts and other decentralized technologies.
Read details: https://thehackernews.com/2022/02/microsoft-warns-of-ice-phishing-threat.html
WordPress pushes a patch for a new high-severity vulnerability in UpdraftPlus, a popular backup plugin with over 3 million active installations, which can be weaponized to download affected sites' private data.
Details: https://thehackernews.com/2022/02/critical-flaw-uncovered-in-wordpress.html
The U.S. cybersecurity agency CISA publishes a repository of free tools and services to help organizations detect, mitigate, and respond effectively to malicious attacks.
Details: https://thehackernews.com/2022/02/us-cybersecurity-agency-publishes-list.html
Researchers retrieve the master key to unlock files locked by the Hive ransomware by exploiting a vulnerability in its encryption algorithm.
Read details: https://thehackernews.com/2022/02/master-key-for-hive-ransomware.html
Hackers are using infected Android devices to register mass disposable accounts that can be abused by cybercriminals to create phone-verified accounts for fraud and other criminal activities.
Details: https://thehackernews.com/2022/02/hackers-exploit-bug-in-sms-verification.html
Researchers uncover details of a recent cyberattack that targeted Iranian State Broadcaster IRIB with an unidentified destructive wiper malware.
https://thehackernews.com/2022/02/iranian-state-broadcaster-irib-hits-by_21.html
Researchers discover a new Android banking malware, dubbed "Xenomorph," that spreads via apps on the Google Play Store and is designed to target customers of dozens of European banks.
Read: https://thehackernews.com/2022/02/xenomorph-android-banking.html
Hackers are exploiting unpatched vulnerabilities in Internet-facing Microsoft SQL servers to backdoor them using the Cobalt Strike hacking tool.
Read details: https://thehackernews.com/2022/02/hackers-backdoor-unpatched-microsoft.html
Chinese APT10 state-sponsored hackers carried out a sophisticated organized supply-chain attack on Taiwan's financial and securities trading sector.
Read details: https://thehackernews.com/2022/02/chinese-hackers-target-taiwans.html
Hackers took advantage of a smart contract upgrade process on the OpenSea NFT marketplace to conduct a phishing attack against its users, resulting in the theft of approximately $1.7 million worth of virtual assets.
Read: https://thehackernews.com/2022/02/hackers-steal-17-million-worth-of-nfts.html
Researchers uncover 25 malicious JavaScript libraries that attackers distributed via the NPM package repository with the aim of stealing Discord tokens and environment variables from compromised systems.
Read details: https://thehackernews.com/2022/02/25-malicious-javascript-libraries.html
WARNING!
A 9-year-old UNPATCHED vulnerability has been uncovered in Horde webmail software that can be exploited to gain full access to email accounts simply by previewing attachments.
Details: https://thehackernews.com/2022/02/9-year-old-unpatched-email-hacking-bug.html
Chinese researchers reveal details of a 'top-tier' backdoor, dubbed "Bvp47," used by the Equation Group, an APT group linked to the U.S. National Security Agency's cyber-warfare intelligence unit.
Read details: https://thehackernews.com/2022/02/chinese-experts-uncover-details-of.html
Researchers discover similarities between the Dridex malware and a little-known ransomware strain called Entropy, suggesting that the operators continue their extortion operations under a different name.
Read details: https://thehackernews.com/2022/02/dridex-malware-deploying-entropy.html
U.S. and U.K. cybersecurity agencies have issued an urgent warning about a new Russian botnet malware, dubbed "Cyclops Blink," which Sandworm hackers built from hacked firewall and router devices.
Details: https://thehackernews.com/2022/02/us-uk-agencies-warn-of-new-russian.html
U.S. cybersecurity agency CISA is warning companies about two actively exploited vulnerabilities affecting the widely used open-source Zabbix enterprise monitoring platform.
- CVE-2022-23131
- CVE-2022-23134
Details: https://thehackernews.com/2022/02/cisa-alerts-on-actively-exploited-flaws.html
Deadbolt ransomware is now targeting ASUSTOR's network-attached storage (NAS) devices.
Cybercriminals claim to be exploiting a zero-day vulnerability that the company is not aware of.
Read details: https://thehackernews.com/2022/02/warning-deadbolt-ransomware-targeting.html