A group of nation-state is attempting to hack European government agencies to obtain intelligence on refugees fleeing Ukraine and the supply movement in the region.

Read details: https://thehackernews.com/2022/03/hackers-try-to-hack-european-officials.html

Hackers who penetrated the network of the American chip manufacturer NVIDIA have leaked DLSS source code on the Internet.

Read: https://thehackernews.com/2022/03/hackers-who-broke-into-nvidias-network.html

Cisco releases patches to address a new set of critical vulnerabilities affecting Expressway Series and TelePresence Video Communication Server that could allow attackers to gain elevated privileges and execute arbitrary code.

Read: https://thehackernews.com/2022/03/critical-patches-issued-for-cisco.html

Researchers demonstrate what they say is the "first side-channel attack" on homomorphic encryption, which could be exploited to leak data during the encryption process.

Read details: https://thehackernews.com/2022/03/researchers-demonstrate-new-side.html

Russian government has published a list of 17,576 IP addresses and 166 domains allegedly used in a series of DDoS attacks on the country's domestic infrastructure.

Read details: https://thehackernews.com/2022/03/russia-releases-list-of-ips-domains.html

A new vulnerability (CVE-2021-4191) affects thousands of GitLab instances that could allow a remote, unauthenticated attacker to access user-related information.

https://thehackernews.com/2022/03/new-security-vulnerability-affects.html

Patched versions 14.8.2, 14.7.4, 14.6.5 issued for self-managed servers.

Both sides in the Russia-Ukraine war are heavily leveraging Telegram messenger to coordinate hacking activities, leak data, and spread disinformation.

Read: https://thehackernews.com/2022/03/both-sides-in-russia-ukraine-war.html

Imperva has reported that the website of one of its customers was recently the target of a ransom-driven DDoS attack that reached a peak of 2.5 million requests per second (RPS).

Read details: https://thehackernews.com/2022/03/imperva-thwarts-25-million-rps-ransom.html

U.S. cybersecurity agency CISA has added a new batch of 95 actively exploited flaws to its "Known Exploited Vulnerabilities Catalog."

Read: https://thehackernews.com/2022/03/cisa-adds-another-95-flaws-to-its.html

Researchers warn of a new high-risk vulnerability (CVE-2022-0492) affecting the Linux kernel's cgroups feature that could potentially be abused to escape a container to execute arbitrary commands on the host.

Read details: https://thehackernews.com/2022/03/new-linux-kernel-cgroups-vulnerability.html

Mozilla has warned hundreds of millions of Firefox users about newly discovered 0-day bugs (CVE-2022-26485, CVE-2022-26486) that are being exploited in the wild.

https://thehackernews.com/2022/03/2-new-mozilla-firefox-0-day-bugs-under.html

Update to Firefox 97.0.2, ESR 91.6.1, Android v97.3.0, Focus 97.3.0 & Thunderbird 91.6.2.

Ukrainian Computer Emergency Response Team (CERT-UA) warns of new phishing attacks against its citizens using compromised email accounts from Indian entities.

Read: https://thehackernews.com/2022/03/ukrainian-cert-warns-citizens-of.html

Newly disclosed vulnerabilities in the operating system for TerraMaster NAS devices can be chained to achieve unauthorized RCE with highest privileges.

https://thehackernews.com/2022/03/critical-bugs-in-terramaster-tos-could.html

Bugs found by Ethiopian cybersecurity firm OctagonNetworks have been patched in v4.2.30 or higher.

Researchers have disclosed details of a now-patched Microsoft Azure automation vulnerability — dubbed AutoWarp — that could have allowed attackers unauthorized access to other Azure customer accounts.

Details: https://thehackernews.com/2022/03/microsoft-azure-autowarp-bug-could-have.html

Researchers warn of a new vulnerability (CVE-2022-0847) in the Linux kernel, dubbed "Dirty Pipe," which could allow an attacker to overwrite arbitrary data and take complete control of a system.

Details: https://thehackernews.com/2022/03/researchers-warn-of-linux-kernel-dirty.html

A series of newly discovered security vulnerabilities — dubbed "Access:7" — in PTC's Axeda software affects hundreds of thousands of ATMs, vending machines, SCADA systems, medical devices and IoT devices.

Read details: https://thehackernews.com/2022/03/critical-access7-supply-chain.html

Samsung confirms a security breach that led to the exposure of internal company data, including the source code related to its Galaxy smartphones.

Read details: https://thehackernews.com/2022/03/samsung-confirms-data-breach-after.html

Google is officially buying cybersecurity company Mandiant in an all-cash deal approximately valued at $5.4 billion.

Read: https://thehackernews.com/2022/03/google-buys-cybersecurity-firm-mandiant.html

Google warns that Russian and Belarusian hackers are targeting Ukraine and European allies through phishing attacks.

Read details: https://thehackernews.com/2022/03/google-russian-hackers-target.html

Researchers have discovered 16 new high-severity vulnerabilities in UEFI firmware affecting millions of HP devices, including laptops, desktops, PoS systems and edge computing nodes.

Read details: https://thehackernews.com/2022/03/new-16-high-severity-uefi-firmware.html