Researchers warn of an ongoing GuLoader malware campaign targeting e-commerce industries in South Korea, the US, Germany, Saudi Arabia, Taiwan and Japan, using NSIS executable files to load the malware.

Read: https://thehackernews.com/2023/02/guloader-malware-using-malicious-nsis.html

VMware found no evidence of a zero-day in its software as part of an ongoing ransomware attack spree. Most reports suggest known vulnerabilities in outdated products are being targeted.

Read: https://thehackernews.com/2023/02/vmware-finds-no-evidence-of-0-day-flaw.html

🔥 First-ever Linux variant of Clop ransomware has been spotted!

But do not panic, it uses a flawed encryption algorithm, so it is possible to reverse engineer the process.

Read: https://thehackernews.com/2023/02/linux-variant-of-clop-ransomware.html

Cyber Threat Alert 🚨

Hackers are taking advantage of Sunlogin remote desktop software vulnerabilities to carry out post-exploitation activities with the Sliver C2 framework.

Read: https://thehackernews.com/2023/02/hackers-exploit-vulnerabilities-in.html

Joint law enforcement operation cracks Exclu, an encrypted messaging app used by organized crime groups, resulting in 45 arrests, the seizure of €5.5 million, and massive haul of drugs, guns and phones.

Read: https://thehackernews.com/2023/02/encrypted-messaging-app-exclu-used-by.html

CERT-UA has issued a warning of cyber attacks targeting state authorities using a legitimate remote access software.

Read: https://thehackernews.com/2023/02/cert-ua-alerts-ukrainian-state.html

A Russian national pleaded guilty to money laundering and attempting to conceal funds obtained from Ryuk ransomware attacks.

Read: https://thehackernews.com/2023/02/russian-hacker-pleads-guilty-to-money.html

A Russia-linked threat actor has been spotted targeting Ukraine with a new information-stealing malware called Graphiron.

Read: https://thehackernews.com/2023/02/russian-hackers-using-graphiron-malware.html

A 20-year-old Sydney man has been sentenced for attempting to extort and defraud Optus customers by using their personal info obtained from a data breach.

Read: https://thehackernews.com/2023/02/sydney-man-sentenced-for-blackmailing.html

Multiple security flaws have been disclosed in open source and freemium Document Management Systems (DMS) from four vendors.

Researchers said the vulnerabilities offer a way for attackers to control the organization.

Read: https://thehackernews.com/2023/02/unpatched-security-flaws-disclosed-in.html

🚨 NIST has chosen Ascon, a family of authenticated 🔒 encryption and hashing algorithms, to be standardized for IoT and other lightweight electronics with limited resources.

Details: https://thehackernews.com/2023/02/nist-standardizes-ascon-cryptographic.html

OpenSSL project releases patches for multiple security flaws, including a high-severity vulnerability (CVE-2023-0286) in the widely used 🔒 encryption toolkit.

Details: https://thehackernews.com/2023/02/openssl-fixes-multiple-new-security.html

Gootkit malware is now targeting healthcare and financial organizations in the US, UK & Australia by using a new method of deployment that involves large payloads to avoid detection & post-infection frameworks Cobalt Strike & SystemBC.

https://thehackernews.com/2023/02/gootkit-malware-adopts-new-tactics-to.html

A new cyber threat group known as "NewsPenguin" has been linked to a phishing attack aimed at marine-related entities in Pakistan and using the PIMEC-23 conference as a lure to trick victims.

Details: https://thehackernews.com/2023/02/newspenguin-threat-actor-emerges-with.html

🔥 THN Webinar

Register now to secure your spot and gain a comprehensive understanding of cyber insurance protection, and new identity protection requirements.

Details: https://thehackernews.com/2023/02/thn-webinar-learn-how-to-comply-with.html

Alert: 38 security vulnerabilities found in Wireless Industrial IoT devices from 4 different vendors.

Hackers can exploit these flaws to gain access to internal OT networks and infiltrate critical infrastructure.

Read: https://thehackernews.com/2023/02/critical-infrastructure-at-risk-from.html

Reddit has suffered a security breach, with unidentified threat actors accessing internal documents, code, and some internal business systems.

Read: https://thehackernews.com/2023/02/reddit-suffers-security-breach-exposing.html

7 Russian nationals have been sanctioned by the governments of the United Kingdom and the United States for their involvement in the TrickBot, Ryuk, and Conti cybercrime operations.

Read: https://thehackernews.com/2023/02/uk-and-us-sanction-7-russians-for.html

North Korean hackers are conducting ransomware attacks against healthcare and critical infrastructure facilities to fund illicit activities.

Read: https://thehackernews.com/2023/02/north-korean-hackers-targeting.html

Researchers have uncovered four new malicious packages in the Python Package Index (PyPI) that sneak malware onto developers' systems and manipulate their SSH authorized_keys.

Read: https://thehackernews.com/2023/02/researchers-uncover-obfuscated.html