Protect your macOS systems from evasive cryptocurrency mining malware!

Trojanized versions of legitimate applications, including Final Cut Pro, are being used to deploy XMRig coin miner.

Read more about it here: https://thehackernews.com/2023/02/hackers-using-trojanized-macos-apps-to.html

A new study by the Mozilla Foundation reveals that majority of Android apps on the Google Play Store provide misleading or false information about their data safety labels.

Learn more: https://thehackernews.com/2023/02/majority-of-android-apps-on-google-play.html

Are you concerned about the security of your SaaS apps? With cyberattacks on the rise, it's important to be prepared.

Check out this informative article on the top SaaS challenges of 2023: https://thehackernews.com/2023/02/how-to-tackle-top-saas-challenges-of.html

CISA warns Ukrainian organizations of potential cyberattacks on the one-year anniversary of the Russian invasion of Ukraine.

Read: https://thehackernews.com/2023/02/cisa-sounds-alarm-on-cybersecurity.html

Google is collaborating with ecosystem partners to strengthen the security of firmware in microcontrollers beyond the Application Processor.

This is an essential step towards safeguarding Android devices from potential attacks.

Learn more: https://thehackernews.com/2023/02/google-teams-up-with-ecosystem-partners.html

PlugX remote access trojan has been caught disguising itself as a legitimate open source Windows debugger tool called "x64dbg" to gain control of target systems.

Read details: https://thehackernews.com/2023/02/plugx-trojan-disguised-as-legitimate.html

Dutch police arrest three hackers in connection with a large-scale criminal operation involving data theft, extortion, and money laundering operation.

Read: https://thehackernews.com/2023/02/dutch-police-arrest-3-hackers-involved.html

Government entities in Asia-Pacific and North America are being targeted with an off-the-shelf malware downloader known as PureCrypter, which delivers information stealers and #ransomware.

Learn more: https://thehackernews.com/2023/02/purecrypter-malware-targets-government.html

A new ChromeLoader malware campaign is being distributed via virtual hard disk (VHD) files, marked as hacks or cracks for Nintendo and Steam games.

Learn more: https://thehackernews.com/2023/02/chromeloader-malware-targeting-gamers.html

🚨 Researchers have uncovered crucial insights into the inner workings of RIG Exploit Kit and its administrators.

Learn more: https://thehackernews.com/2023/02/researchers-share-new-insights-into-rig.html

PRODAFT team has acquired vital information on infrastructure, malware distribution, and targeting techniques.

🚨 Alert: LastPass has revealed a second attack that compromised encrypted password vaults.

It was a result of a keylogger on a DevOps engineer's home PC, info from a third-party data breach, and a vulnerability in a third-party software package.

https://thehackernews.com/2023/02/lastpass-reveals-second-attack.html

CISA has added a high-severity flaw affecting the open source ZK Java Web Framework to its KEV catalog based on evidence of active exploitation.

Learn more: https://thehackernews.com/2023/02/cisa-issues-warning-on-active.html

Blind Eagle, a notorious hacker group, has launched a new campaign targeting key industries (health, finance, law enforcement, immigration & peace organizations) in Colombia, Ecuador, Chile, and Spain.

Read: https://thehackernews.com/2023/02/apt-c-36-strikes-again-blind-eagle.html

⚡New post-exploitation framework called EXFILTRATOR-22 (also known as EX-22) has been discovered in the wild, allowing hackers to stealthily deploy ransomware within enterprise networks.

Learn more: https://thehackernews.com/2023/02/new-ex-22-tool-empowers-hackers-with.html

Bitdefender has released a free decryptor for MortalKombat, a new ransomware strain based on the Xorist malware that emerged in January 2023.

Learn more: https://thehackernews.com/2023/02/bitdefender-releases-free-decryptor-for.html

Cybercriminals are using Parallax RAT to target cryptocurrency companies, giving them the ability to record keystrokes, take screenshots, and upload and download files remotely.

Learn more: https://thehackernews.com/2023/03/parallax-rat-targeting-cryptocurrency.html

Google has announced the general availability of client-side encryption (CSE) for Gmail and Calendar.

This feature enables organizations to have greater control over who can access their data, while users can now send and receive encrypted emails and create encrypted meeting events for added security.

Learn more: https://thehackernews.com/2023/03/gmail-and-google-calendar-now-support.html

🚨 Attention Windows 11 users: ESET warns of a new, powerful UEFI bootkit malware called "BlackLotus" that can bypass Secure Boot protection on your devices.

Learn more: https://thehackernews.com/2023/03/blacklotus-becomes-first-uefi-bootkit.html

Watch out, law firms! Researchers have identified a cyber attack campaign targeting law firms using GootLoader and FakeUpdates malware.

Learn more about how hackers are compromising WordPress websites to distribute malware here: https://thehackernews.com/2023/03/cybercriminals-targeting-law-firms-with.html

Cisco has just released a security update to fix a critical vulnerability (CVE-2023-20078) in its IP Phone 6800, 7800, 7900, and 8800 Series products.

Learn more: https://thehackernews.com/2023/03/critical-flaw-in-cisco-ip-phone-series.html