A vulnerability (CVE-2022-42475) in FortiOS SSL-VPN was exploited by hackers as a "zero-day" to attack governments and large organizations before Fortinet fixed it.

Details: https://thehackernews.com/2023/01/fortios-flaw-exploited-as-zero-day-in.html

Cybercriminals are now using polyglot and malicious JAR files to evade detection and spread Trojans like StrRAT and Ratty.

Read: https://thehackernews.com/2023/01/cybercriminals-using-polyglot-files-in.html

Beware of tainted VPN installers! They're being used to deliver a surveillanceware called "EyeSpy" as part of a malware campaign.

Read details: http://thehackernews.com/2023/01/beware-tainted-vpns-being-used-to.html

Most infections reported in Iran, with some in Germany and the US.

The French data protection watchdog has fined TikTok €5 million for failing to comply with cookie consent regulations.

Read: https://thehackernews.com/2023/01/tiktok-fined-54-million-by-french.html

Cisco has issued a warning about two vulnerabilities affecting EoL Small Business routers that will not be fixed.

Read: https://thehackernews.com/2023/01/cisco-issues-warning-for-unpatched.html

A proof-of-concept exploit is publicly available.

If you use Cacti for web-based monitoring, be sure to patch ASAP!

A critical vulnerability [CVE-2022-46169] is being actively exploited in the wild and a majority of internet-exposed servers have not been patched yet.

Read: https://thehackernews.com/2023/01/cacti-servers-under-attack-as-majority.html

⚡ New — DevOps platform CircleCI recently fell victim to a breach after an employee's laptop was hacked.

Read: https://thehackernews.com/2023/01/malware-attack-on-circleci-engineers.html

The attacker used #malware to steal 2FA-backed credentials to gain access to the company's systems.

A new backdoor has been discovered that borrows its features from the leaked CIA's Hive malware suite.

Read: https://thehackernews.com/2023/01/new-backdoor-created-using-leaked-cias.html

It spreads via F5 vulnerabilities and communicates with the C2 server via forged #Kaspersky certificates.

Don't fall for the trap of downloading cracked software.

Cybercriminals utilize a vast network of sites to distribute fake cracked software downloads, infecting users' systems with Raccoon and Vidar stealers.

Read: https://thehackernews.com/2023/01/raccoon-and-vidar-stealers-spreading.html

CISA has issued a warning about significant security weaknesses found in products from Industrial Control Systems (ICS) manufacturers such as Sewio, InHand Networks, Sauter Controls, Siemens, and other leading companies.

Read: https://thehackernews.com/2023/01/cisa-warns-for-flaws-affecting.html

Attention developers! Lolip0p, a threat actor, has uploaded rogue packages to the PyPI repository with the goal of dropping malware on compromised systems.

Read: https://thehackernews.com/2023/01/researchers-uncover-3-pypi-packages.html

🔥 Don't wait until it's too late!

Zoho ManageEngine users, patch your instances now to avoid falling victim to critical CVE-2022-47966 vulnerability.

Details: https://thehackernews.com/2023/01/zoho-manageengine-poc-exploit-to-be.html

Researchers are about to release PoC exploit code.

Researchers have demonstrated that GitHub Codespaces, a widely used development environment, can be abused by cybercriminals to distribute malware.

Read: https://thehackernews.com/2023/01/hackers-can-abuse-legitimate-github.html

Researchers have discovered severe SSRF vulnerabilities in 4 Microsoft Azure services, which could have potentially enabled cybercriminals to gain unauthorized access to critical cloud resources.

Read: https://thehackernews.com/2023/01/microsoft-azure-services-flaws-couldve.html

Unlock the power of automation to supercharge your SOC!

Learn about the 4 key phases for expanding coverage and how automation can shorten investigation and triage processes, and automatically respond to known threats.

Read: https://thehackernews.com/2023/01/4-places-to-supercharge-your-soc-with.html

⚡ CISA Alerts - New security vulnerabilities found in Industrial Control Systems (ICS) from Siemens, GE Digital and Contec.

Read: https://thehackernews.com/2023/01/cisa-warns-of-flaws-in-siemens-ge.html

U.S. cybersecurity agency urges immediate action to protect against potential security breaches.

Attention Git users — Critical vulnerabilities have been identified in the Git source code version control system that could enable RCE attacks.

Read: https://thehackernews.com/2023/01/git-users-urged-to-update-software-to.html

Software updates have been released to address the issue. Don't wait, update now!

Network security alert!

New critical vulnerabilities have been found in Netcomm and TP-Link routers that could potentially lead to remote code execution attacks.

Read details: https://thehackernews.com/2023/01/critical-security-vulnerabilities.html

Update your router's firmware to the latest version to protect your network.

Researchers uncover a new wave of "BackdoorDiplomacy" malware attacks targeting Iranian government entities.

Read details: https://thehackernews.com/2023/01/iranian-government-entities-under.html

An ongoing cyber attack campaign, known as "Earth Bogle," is using geopolitical lures in combination with cloud storage, social media, and phishing emails to deliver the NjRAT trojan to victims in the Middle East and North Africa.

Read: https://thehackernews.com/2023/01/earth-bogle-campaign-unleashes-njrat.html