U.S. cybersecurity agency CISA is warning companies about two actively exploited vulnerabilities affecting the widely used open-source Zabbix enterprise monitoring platform.

✅ CVE-2022-23131
✅ CVE-2022-23134

Details: https://thehackernews.com/2022/02/cisa-alerts-on-actively-exploited-flaws.html

Deadbolt ransomware malware is now targeting ASUSTOR's network-attached storage (NAS) devices.

Cybercriminals claim to be exploiting a zero-day vulnerability that the company is not aware of.

Read details: https://thehackernews.com/2022/02/warning-deadbolt-ransomware-targeting.html

Researchers share latest findings on TrickBot malware campaign, suggesting that the group is probably switching its operations to move to a new malware.

Read details: https://thehackernews.com/2022/02/trickbot-gang-likely-shifting.html

A set of 4 new vulnerabilities have been discovered in Cisco's NX-OS network operating system for switches that attackers can exploit to take control of affected systems.

https://thehackernews.com/2022/02/new-flaws-discovered-in-ciscos-network.html

Affected organizations are advised to apply latest patches ASAP.

A set of 4 new vulnerabilities have been discovered in Cisco's NX-OS network operating system for switches that attackers can exploit to take control of affected systems.

https://thehackernews.com/2022/02/new-flaws-discovered-in-ciscos-network.html

Affected organizations are advised to apply latest patches ASAP.

Notorious Trickbot malware group has officially shut down its botnet infrastructure after reports of its imminent retirement amid a lull in its activity for almost two months.

Read details: https://thehackernews.com/2022/02/notorious-trickbot-malware-gang-shuts.html

Russian government warns domestic critical infrastructure operators of potential cyberattacks as the country's invasion of Ukraine enters its second day.

Read: https://thehackernews.com/2022/02/putin-warns-russian-critical.html

Researchers discover a new stealth malware, dubbed SockDetour, that operates filelessly and socketlessly on compromised systems and serves as a backup backdoor in case the primary one is removed.

Read details: https://thehackernews.com/2022/02/new-sockdetour-fileless-socketless.html

Government-sponsored hackers are not the only ones targeting the Ukraine with DDoS, malware, and phishing attacks, but cybercriminals have also gotten involved and begun to take sides in the Russia-Ukraine War.

https://thehackernews.com/2022/02/russia-ukraine-war-phishing-malware-and.html

WARNING: A new malware is spreading via some game apps on Microsoft Store and hijacks victims' social media accounts for malicious promotions and click fraud attacks.

Read details — https://thehackernews.com/2022/02/social-media-hijacking-malware.html

Mandiant researchers have identified two new malware — GRAMDOOR and STARWHALE — used by Iranian cyberespionage hackers; one of them uses the Telegram API to remotely control its victims' devices.

Read details: https://thehackernews.com/2022/02/iranian-hackers-using-new-spying.html

Researchers have managed to create a clone of Apple Airtag that bypasses the anti-stalking protection technology built into the Find My Bluetooth-based tracking protocol.

Details: https://thehackernews.com/2022/02/experts-create-apple-airtag-clone-that.html

CISA warns of multiple highly-severity vulnerabilities affecting Schneider Electric's Easergy medium-voltage protection relays and General Electric's Proficy CIMPLICITY SCADA software.

Read: https://thehackernews.com/2022/02/cisa-warns-of-high-severity-flaws-in.html

Researchers detail severe flaws in hardware-backed encryption on nearly 100 million Android-based #Samsung Galaxy S8, S9, S10, S20 and S21 smartphones that could be exploited to extract secret cryptographic keys.

Details: https://thehackernews.com/2022/02/100-million-samsung-galaxy-phones.html

CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities Catalog, including a recently disclosed flaw in Zimbra webmail software.

Read details: https://thehackernews.com/2022/02/cisa-adds-recently-disclosed-zimbra-bug.html

China-linked Daxin malware targeted multiple governments, organizations and critical infrastructure in widespread cyber-espionage attacks.

Read details: https://thehackernews.com/2022/03/china-linked-daxin-malware-targeted.html

Microsoft discovers FoxBlade malware hit Ukraine's digital infrastructure before Russia launched its first missile strike last week.

Read: https://thehackernews.com/2022/03/microsoft-finds-foxblade-malware-hit.html

In response to the Conti ransomware gang's decision to side with Russia in the invasion of Ukraine, a disgruntled Ukrainian member of the cybercrime group has posted thousands of internal chats online.

Read details: https://thehackernews.com/2022/03/conti-ransomware-gangs-internal-chats.html

Trickbot malware gang upgrades its AnchorDNS backdoor to AnchorMail.

https://thehackernews.com/2022/03/trickbot-malware-gang-upgrades-its.html

Despite shutdown of the TrickBot infrastructure, the malware operators continue to refine their arsenal to carry out attacks that culminated in the deployment of #Conti #ransomware.

A new data wiper malware — dubbed ”IsaacWiper” — has been observed targeting Ukrainian governmental systems a day after destructive cyber attacks struck multiple entities in the country.

Read details: https://thehackernews.com/2022/03/second-new-isaacwiper-data-wiper.html