Cybercriminals are using Parallax RAT to target cryptocurrency companies, giving them the ability to record keystrokes, take screenshots, and upload and download files remotely.

Learn more: https://thehackernews.com/2023/03/parallax-rat-targeting-cryptocurrency.html

Google has announced the general availability of client-side encryption (CSE) for Gmail and Calendar.

This feature enables organizations to have greater control over who can access their data, while users can now send and receive encrypted emails and create encrypted meeting events for added security.

Learn more: https://thehackernews.com/2023/03/gmail-and-google-calendar-now-support.html

🚨 Attention Windows 11 users: ESET warns of a new, powerful UEFI bootkit malware called "BlackLotus" that can bypass Secure Boot protection on your devices.

Learn more: https://thehackernews.com/2023/03/blacklotus-becomes-first-uefi-bootkit.html

Watch out, law firms! Researchers have identified a cyber attack campaign targeting law firms using GootLoader and FakeUpdates malware.

Learn more about how hackers are compromising WordPress websites to distribute malware here: https://thehackernews.com/2023/03/cybercriminals-targeting-law-firms-with.html

Cisco has just released a security update to fix a critical vulnerability (CVE-2023-20078) in its IP Phone 6800, 7800, 7900, and 8800 Series products.

Learn more: https://thehackernews.com/2023/03/critical-flaw-in-cisco-ip-phone-series.html

Lucky Mouse hackers strike again with a new Linux version of SysUpdate malware toolkit that can now bypass security measures and evade reverse engineering.

Learn more: https://thehackernews.com/2023/03/sysupdate-malware-strikes-again-with.html

A malicious Python package has been found on PyPI containing a fully-featured information stealer and remote access trojan.

Learn more: https://thehackernews.com/2023/03/experts-identify-fully-featured-info.html

Watch out! A new cryptojacking scheme is in town, preying on poorly configured Redis database servers and using the trusted file transfer service transfer[.]sh to sneak in their malicious payloads.

Learn more: https://thehackernews.com/2023/03/new-cryptojacking-campaign-leverages.html

Beware of SCARLETEEL!

The latest cyber attack 🔒👨‍💻 targeting containerized 💻 environments to steal proprietary data and software but using crypto-miner malware to distract defenders.

Learn more: https://thehackernews.com/2023/03/hackers-exploit-containerized.html

China-based hackers Mustang Panda are using a new custom backdoor called MQsTTang in their latest social engineering campaign against European entities.

Learn more: https://thehackernews.com/2023/03/chinese-hackers-targeting-european.html

🚨 ALERT: Royal ransomware is back and targeting U.S. and international organizations!

It infiltrates networks, disables #antivirus software and steals data before deploying ransomware.

Learn how to protect yourself with CISA's latest advisory: https://thehackernews.com/2023/03/us-cybersecurity-agency-raises-alarm.html

Heads up, techies! Experts have uncovered 2 severe vulnerabilities in TPM 2.0 library that could impact billions of devices, including enterprise computers, IoT devices, and embedded systems.

Read: https://thehackernews.com/2023/03/new-flaws-in-tpm-20-library-pose-threat.html

A new ATM #malware strain dubbed FiXS has been observed targeting Mexican banks.

It is hidden inside a not-malicious-looking program, is vendor-agnostic, and is capable of infecting any teller machine that supports CEN/XFS.

Learn more: https://thehackernews.com/2023/03/new-fixs-atm-malware-targeting-mexican.html

Ready to bust the 9 most dangerous myths about file-based attacks?

Join our upcoming WEBINAR and become a hero in the fight against patient zero infections and zero-day security events!

Watch it here: https://thehacker.news/file-based-threats-webinar

⚡ Researchers have discovered new side-channel attacks on the CRYSTALS-Kyber encryption algorithm, which the U.S. government selected last year as a quantum-resistant algorithm.

Learn more: https://thehackernews.com/2023/03/experts-discover-flaw-in-us-govts.html

Researchers warn that "insufficient" forensic visibility into Google Cloud Platform could leave organizations blind to potential data exfiltration attacks.

Learn more: https://thehackernews.com/2023/03/experts-reveal-google-cloud-platforms.html

Suspected core members of the DoppelPaymer ransomware group, responsible for numerous large-scale cyberattacks, have been arrested by German and Ukrainian authorities with support of Dutch police & the FBI.

Read: https://thehackernews.com/2023/03/core-members-of-doppelpaymer-ransomware.html

🚨 Heads up, fashionistas!

If you're using the Shein shopping app, beware of a recent bug that has been capturing and transmitting your clipboard contents to a remote server.

Learn more: https://thehackernews.com/2023/03/sheins-android-app-caught-transmitting.html

Recent LastPass breach was caused by a simple mistake - an engineer's failure to update Plex software on his home computer.

Read: https://thehackernews.com/2023/03/lastpass-hack-engineers-failure-to.html

This is a stark reminder of the importance of keeping software up to date to prevent vulnerabilities from being exploited.

🚨 ALERT! If you're using MeetsApp or MeetUp on your Android device, you need to be aware of this!

Pakistani hackers are using these apps to target political and military personalities in India with CapraRAT backdoor.

Learn more: https://thehackernews.com/2023/03/transparent-tribe-hackers-distribute.html