Russian government warns domestic critical infrastructure operators of potential cyberattacks as the country's invasion of Ukraine enters its second day.

Read: https://thehackernews.com/2022/02/putin-warns-russian-critical.html

Researchers discover a new stealth malware, dubbed SockDetour, that operates filelessly and socketlessly on compromised systems and serves as a backup backdoor in case the primary one is removed.

Read details: https://thehackernews.com/2022/02/new-sockdetour-fileless-socketless.html

Government-sponsored hackers are not the only ones targeting the Ukraine with DDoS, malware, and phishing attacks, but cybercriminals have also gotten involved and begun to take sides in the Russia-Ukraine War.

https://thehackernews.com/2022/02/russia-ukraine-war-phishing-malware-and.html

WARNING: A new malware is spreading via some game apps on Microsoft Store and hijacks victims' social media accounts for malicious promotions and click fraud attacks.

Read details — https://thehackernews.com/2022/02/social-media-hijacking-malware.html

Mandiant researchers have identified two new malware — GRAMDOOR and STARWHALE — used by Iranian cyberespionage hackers; one of them uses the Telegram API to remotely control its victims' devices.

Read details: https://thehackernews.com/2022/02/iranian-hackers-using-new-spying.html

Researchers have managed to create a clone of Apple Airtag that bypasses the anti-stalking protection technology built into the Find My Bluetooth-based tracking protocol.

Details: https://thehackernews.com/2022/02/experts-create-apple-airtag-clone-that.html

CISA warns of multiple highly-severity vulnerabilities affecting Schneider Electric's Easergy medium-voltage protection relays and General Electric's Proficy CIMPLICITY SCADA software.

Read: https://thehackernews.com/2022/02/cisa-warns-of-high-severity-flaws-in.html

Researchers detail severe flaws in hardware-backed encryption on nearly 100 million Android-based #Samsung Galaxy S8, S9, S10, S20 and S21 smartphones that could be exploited to extract secret cryptographic keys.

Details: https://thehackernews.com/2022/02/100-million-samsung-galaxy-phones.html

CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities Catalog, including a recently disclosed flaw in Zimbra webmail software.

Read details: https://thehackernews.com/2022/02/cisa-adds-recently-disclosed-zimbra-bug.html

China-linked Daxin malware targeted multiple governments, organizations and critical infrastructure in widespread cyber-espionage attacks.

Read details: https://thehackernews.com/2022/03/china-linked-daxin-malware-targeted.html

Microsoft discovers FoxBlade malware hit Ukraine's digital infrastructure before Russia launched its first missile strike last week.

Read: https://thehackernews.com/2022/03/microsoft-finds-foxblade-malware-hit.html

In response to the Conti ransomware gang's decision to side with Russia in the invasion of Ukraine, a disgruntled Ukrainian member of the cybercrime group has posted thousands of internal chats online.

Read details: https://thehackernews.com/2022/03/conti-ransomware-gangs-internal-chats.html

Trickbot malware gang upgrades its AnchorDNS backdoor to AnchorMail.

https://thehackernews.com/2022/03/trickbot-malware-gang-upgrades-its.html

Despite shutdown of the TrickBot infrastructure, the malware operators continue to refine their arsenal to carry out attacks that culminated in the deployment of #Conti #ransomware.

A new data wiper malware — dubbed ”IsaacWiper” — has been observed targeting Ukrainian governmental systems a day after destructive cyber attacks struck multiple entities in the country.

Read details: https://thehackernews.com/2022/03/second-new-isaacwiper-data-wiper.html

TeaBot Android banking trojan has been observed bypassing Google Play Store protections to attack users of more than 400 banking and finance apps from Russia, China, and the United States.

Details: https://thehackernews.com/2022/03/teabot-android-banking-malware-spreads.html

Critical vulnerabilities have been uncovered in the VoIPmonitor software that could allow unauthenticated attackers to escalate their privileges to the administrator level and execute arbitrary commands.

Read details: https://thehackernews.com/2022/03/critical-security-bugs-uncovered-in.html

Experts find 5 new vulnerabilities in the open-source multimedia communications library PJSIP that could be abused by an attacker to execute arbitrary code or trigger DoS in applications that use the protocol stack.

Read: https://thehackernews.com/2022/03/critical-bugs-reported-in-popular-open.html

⚡ Hackers begin weaponizing a new DDoS amplification technique — called "TCP Middlebox Reflection" — against multiple targets for the first time in the wild.

Read details: https://thehackernews.com/2022/03/hackers-begin-weaponizing-tcp-middlebox.html

A group of nation-state is attempting to hack European government agencies to obtain intelligence on refugees fleeing Ukraine and the supply movement in the region.

Read details: https://thehackernews.com/2022/03/hackers-try-to-hack-european-officials.html

Hackers who penetrated the network of the American chip manufacturer NVIDIA have leaked DLSS source code on the Internet.

Read: https://thehackernews.com/2022/03/hackers-who-broke-into-nvidias-network.html