Don't let Vidar malware take control of your device.

This sneaky stealer now uses throwaway accounts on social media platforms to retrieve the address of its C2 servers and steal information from compromised hosts.

Details: https://thehackernews.com/2023/01/the-evolving-tactics-of-vidar-stealer.html

A new feature-rich version of SpyNote Android spyware has been detected targeting financial institutions, including HSBC UK, Deutsche Bank, Kotak Mahindra Bank and Nubank.

Read: https://thehackernews.com/2023/01/spynote-strikes-again-android-spyware.html

Alert: Bluebottle cybercrime group linked to targeted attacks on financial sector in French-speaking African countries.

Read: https://thehackernews.com/2023/01/bluebottle-cybercrime-group-preys-on.html

Symantec reports the group uses living-off-the-land & dual use tools, with no custom malware.

Alert: Financially motivated threat actor "Blind Eagle" has resurfaced with new tools and infection chain targeting organizations in Colombia and Ecuador.

Read: https://thehackernews.com/2023/01/blind-eagle-hackers-return-with-refined.html

Stay connected no matter what!

WhatsApp has announced support for proxy servers on Android and iOS, allowing users to bypass censorship and Internet shutdowns.

Read: https://thehackernews.com/2023/01/whatsapp-introduces-proxy-support-to.html

Rackspace confirmed that the Play ransomware gang was responsible for last month's breach. The attack used a zero-day exploit related to CVE-2022-41080 to gain initial access to the company's email environment.

Read: https://thehackernews.com/2023/01/rackspace-confirms-play-ransomware-gang.html

Notorious banking malware Dridex has reportedly adapted to attack Apple's macOS operating system with a new, previously unseen infection method.

Read: https://thehackernews.com/2023/01/dridex-malware-now-attacking-macos.html

Russian cyberespionage group Turla has been using decade-old ANDROMEDA malware's attack infrastructure to deliver its own custom reconnaissance and backdoor (KOPILUWAK and QUIETCANARY) tools to Ukraine.

Read details: https://thehackernews.com/2023/01/russian-turla-hackers-hijack-decade-old.html

Heads up! Malicious Visual Studio code extensions are being distributed by hackers to launch supply chain attacks against software developers.

Read: https://thehackernews.com/2023/01/hackers-distributing-malicious-visual.html

Stay alert, developers!

6 new malicious Python packages distributed via PyPI deploying info stealers and use Cloudflare tunnels to sneak through firewalls.

Read: https://thehackernews.com/2023/01/malicious-pypi-packages-using.html

Academics reveal new Text-to-SQL model attacks that could potentially let attackers break into sensitive databases or launch DoS attacks.

Read details: https://thehackernews.com/2023/01/new-study-uncovers-text-to-sql-model.html

Alert! Kinsing cryptojacking attacks are targeting Kubernetes clusters through misconfigured PostgreSQL. Secure your systems before it's too late.

Read: https://thehackernews.com/2023/01/kinsing-cryptojacking-hits-kubernetes.html

🔥 Attention all open-source developers: If you're using "jsonwebtoken" library in your projects, you need to take urgent action.

A high-severity security flaw [ CVE-2022-23529] has been discovered, leading to RCE attacks: https://thehackernews.com/2023/01/critical-security-flaw-found-in.html

A new analysis of popular encrypted messaging app Threema reveals potential weaknesses in its cryptographic protocols, leaving users' private keys vulnerable.

https://thehackernews.com/2023/01/expert-analysis-reveals-cryptographic.html

In response, Threema has released a new communication protocol called Ibex.

StrongPity APT group targeting Android users with a Trojanized Telegram app distributed through a fake video chat service website.

Read: https://thehackernews.com/2023/01/strongpity-hackers-distribute.html

Stay vigilant - a new phishing campaign targeting Italy has been observed, deploying an information stealer on compromised #Windows systems.

Read: https://thehackernews.com/2023/01/italian-users-warned-of-malware-attack.html

Researchers have uncovered details of an ongoing hacking campaign by the APT hacker group Dark Pink, targeting military and government organizations in the APAC region.

Read: https://thehackernews.com/2023/01/dark-pink-apt-group-targets-governments.html

🔥 Attention, It's Patch Tuesday! Make sure to update your systems and software ASAP with the latest security patches from:

✅ Microsoft
✅ Adobe
✅ Google
✅ Intel
✅ HP
✅ Linux: Debian, Ubuntu,...
✅ SAP
... and more.

Read details: https://thehackernews.com/2023/01/microsoft-issues-january-2023-patch.html

A new wave of Gootkit malware loader attacks has targeted the Australian healthcare sector by leveraging legitimate tools like VLC Media Player.

Read: https://thehackernews.com/2023/01/australian-healthcare-sector-targeted.html

A new analysis reveals that Raspberry Robin's attack infrastructure can be repurposed by other threat actors for their own malicious activities, making it an even greater threat to watch out for.

Read: https://thehackernews.com/2023/01/new-analysis-reveals-raspberry-robin.html