North Korean hackers using new malware families to target media and technology organizations in the U.S. and Europe.

Learn more: https://thehackernews.com/2023/03/north-korean-unc2970-hackers-expands.html

Cybersecurity experts are warning about a new variant of the Android banking trojan, Xenomorph, which has surfaced with new capabilities to target more than 400 banking and financial institutions.

Read: https://thehackernews.com/2023/03/xenomorph-android-banking-trojan.html

A new China-linked hacking campaign has been observed targeting unpatched devices to drop malware and establish long-term persistence.

Read details: https://thehackernews.com/2023/03/china-linked-hackers-targeting.html

👏 International law enforcement authorities shut down the online infrastructure of the cross-platform NetWire RAT and arrested a Croatian national believed to be the site's administrator.

Learn more: https://thehackernews.com/2023/03/international-law-enforcement-takes.html

Heads up! An updated version of the Prometei modular malware has infected over 10,000 systems globally since Nov 2022 in Brazil, Indonesia, and Turkey.

Learn more: https://thehackernews.com/2023/03/new-version-of-prometei-botnet-infects.html

🚨 Attention all! Malware downloader BATLOADER has been found abusing Google Ads to deliver secondary payloads like Vidar Stealer and Ursnif.

Learn more: https://thehackernews.com/2023/03/batloader-malware-uses-google-ads-to.html

Dark Pink APT actor is back in action, using the KamiKakaBot malware to target government and military entities in Southeast Asia.

Learn more: https://thehackernews.com/2023/03/kamikakabot-malware-used-in-latest-dark.html

Knock knock, who's there? Akuvox E11. And apparently, a dozen security flaws too! 😱

Check out this article to learn more: https://thehackernews.com/2023/03/researchers-uncover-over-dozen-security.html

Beware of AI-generated YouTube videos! Threat actors are using them to spread stealer malware like Raccoon, RedLine, and Vidar.

Learn more: https://thehackernews.com/2023/03/warning-ai-generated-youtube-video.html

Cyber criminals are using fake ChatGPT-branded Chrome extensions to distribute malware and hijack Facebook accounts.

Learn more: https://thehackernews.com/2023/03/fake-chatgpt-chrome-extension-hijacking.html

A malicious cyber operation has been targeting websites aimed at East Asian audiences and redirecting visitors to adult-themed content.

Learn more: https://thehackernews.com/2023/03/large-scale-cyber-attack-hijacks-east.html

Fortinet researchers have discovered an advanced and highly targeted threat actor that is exploiting a zero-day security vulnerability (CVE-2022-41328) in FortiOS. This flaw could potentially result in the execution of arbitrary code.

Learn more: https://thehackernews.com/2023/03/fortinet-fortios-flaw-exploited-in.html

🚨 Heads up, everyone!

Cybercriminal group DEV-1101 is using an open-source AiTM phishing kit to launch attacks at scale. It can bypass MFA protections and steal passwords and session cookies.

Learn more about this: https://thehackernews.com/2023/03/microsoft-warns-of-large-scale-use-of.html

GoBruteforcer, a new Golang-based malware, is using brute-force attacks to target web servers running phpMyAdmin, MySQL, FTP, and Postgres.

Learn more: https://thehackernews.com/2023/03/gobruteforcer-new-golang-based-malware.html

Researchers have discovered a cyberattack on an East Asian data-loss prevention company that targeted its high-value government and military customers.

Learn more: https://thehackernews.com/2023/03/tick-apt-targeted-high-value-customers.html

Move over Monero, Dero cryptocurrency is the new target of cryptojacking campaigns.

Researchers say the higher rewards and better anonymity features make it an attractive target for cybercriminals.

Learn more: https://thehackernews.com/2023/03/new-cryptojacking-operation-targeting.html

➡️ Microsoft's latest Patch Tuesday update for March 2023 is here with security patches for 80 new flaws, including two actively exploited vulnerabilities.

Learn more: https://thehackernews.com/2023/03/microsoft-rolls-out-patches-for-80-new.html

YoroTrooper... this new threat actor has been compromising government and energy organizations and is using common #malware, like AveMaria/Warzone RAT, LodaRAT, and Meterpreter, to gain remote access.

Learn more: https://thehackernews.com/2023/03/yorotrooper-stealing-credentials-and.html

Heads up to all Adobe ColdFusion users! A critical flaw, CVE-2023-26360, has been found and exploited in the wild.

Learn more: https://thehackernews.com/2023/03/cisa-issues-urgent-warning-adobe.html

CVE-2019-18935 strikes again!

A critical security flaw in Progress Telerik UI for ASP AJAX was exploited by multiple threat actors, including a nation-state group, to breach a U.S. federal agency's web server.

Learn more: https://thehackernews.com/2023/03/multiple-hacker-groups-exploit-3-year.html