Chinese and Russian cybercriminals are upping their game with a new malware called SILKLOADER to evade detection and propagate Cobalt Strike.

Learn more: https://thehackernews.com/2023/03/chinese-and-russian-hackers-using.html

Winter Vivern, also known as UAC-0114, has been linked to campaigns targeting government agencies and private businesses in India, Lithuania, Slovakia, and the Vatican.

Learn more: https://thehackernews.com/2023/03/winter-vivern-apt-group-targeting.html

Uh-oh! Google has just uncovered 18 zero-day vulnerabilities in #Samsung's Exynos chips, some of which can be exploited remotely to completely take over your phone.

Learn more: https://thehackernews.com/2023/03/google-uncovers-18-severe-security.html

Don't fall for fake messaging apps! Researchers have discovered trojanized versions of Telegram and WhatsApp infecting Android and Windows users with cryptocurrency clipper malware.

Learn more: https://thehackernews.com/2023/03/lookalike-telegram-and-whatsapp.html

Watch out, HinataBot is here!

A new Golang-based botnet exploits unpatched vulnerabilities and weak credentials to take over routers and servers and launch DDoS attacks.

Learn more: https://thehackernews.com/2023/03/new-golang-based-hinatabot-exploiting.html

💻🛡️🔒 Outdated security strategies leaving you exposed?

Discover the power of the Identity Perimeter & Zero Trust Access in our can't-miss webinar featuring Dor Dali of Cyolo.

👉 Register now: https://thehackernews.com/2023/03/thn-webinar-3-research-backed-ways-to.html

Get practical tips to protect your business!

🔐👾 LockBit 3.0 — FBI, CISA, and MS-ISAC have issued a joint advisory on this dangerous ransomware, detailing indicators of compromise, tactics, techniques and procedures.

Read: https://thehackernews.com/2023/03/lockbit-30-ransomware-inside.html

⚠️ Suspected Chinese hacking group UNC3886 linked to zero-day exploitation in Fortinet FortiOS, targeting governments entities and large organizations.

Learn more: https://thehackernews.com/2023/03/chinese-hackers-exploit-fortinet-zero.html

💥 Busted! "Pompompurin" unmasked! New York man arrested for running notorious BreachForums hacking site.

Learn more: https://thehackernews.com/2023/03/pompompurin-unmasked-infamous.html

🕷️ Mummy Spider, Gold Crestwood, TA542... whatever you call it, Emotet is back!

⚠️Now hiding in Microsoft OneNote email attachments to bypass macro-based security restrictions and compromise systems.

Learn more: https://thehackernews.com/2023/03/emotet-rises-again-evades-macro.html

🚨CatB ransomware operation utilizes DLL search order hijacking to evade detection and launch payloads.

Learn more: https://thehackernews.com/2023/03/researchers-shed-light-on-catb.html

🚨 Cybersecurity Alert: Mispadu banking trojan targets Latin American countries, compromising legit websites and stealing credentials. Attackers' misconfiguration exposes 8 out of 20 Command & Control Servers, revealing over 90,000 stolen credentials from 17.5K unique websites across all sectors.

Learn more: https://thehackernews.com/2023/03/mispadu-banking-trojan-targets-latin.html

Heads up! dotRunpeX is a new malware injector that distributes various known malware families via phishing emails and malicious Google Ads.

Learn more: https://thehackernews.com/2023/03/new-dotrunpex-malware-delivers-multiple.html

💸 Over $1.6 million in cryptocurrency stolen from hot wallets due to a zero-day security flaw in General Bytes' ATM software.

Learn more: https://thehackernews.com/2023/03/hackers-steal-over-16-million-in-crypto.html

55 zero-day vulnerabilities exploited in 2022, with Microsoft, Google, and Apple software the most targeted!

Though lower than 81 in 2021, still a significant uptick in recent years.

Learn more: https://thehackernews.com/2023/03/from-ransomware-to-cyber-espionage-55.html

⚠️ Beware of ShellBot malware! Weak SSH credentials on #Linux servers are being exploited in a new campaign. ShellBot can perform DDoS attacks & exfiltrate data.

Learn more: https://thehackernews.com/2023/03/new-shellbot-ddos-malware-targeting.html

⚡️ New "Bad Magic" activity cluster targeting gov't, agriculture & transportation orgs in Donetsk, Lugansk & Crimea amid ongoing Russia-Ukraine conflict using a new modular framework, "CommonMagic."

Learn more: https://thehackernews.com/2023/03/new-bad-magic-cyber-threat-disrupt.html

BreachForums has been officially taken down, but the administrator promises "it's not the end."

Learn more: https://thehackernews.com/2023/03/breachforums-administrator-baphomet.html

Speculations arise that law enforcement may have obtained access to the site's configurations and user information.

New malware alert!

REF2924, a threat group targeting entities in South and Southeast Asia, has been spotted deploying NAPLISTENER - an HTTP listener designed to evade network-based detection.

Learn more: https://thehackernews.com/2023/03/new-naplistener-malware-used-by-ref2924.html

🚨 NuGet Repository under attack! New malicious campaign aims to infect DotNET developer systems with cryptocurrency stealer malware.

Learn more: https://thehackernews.com/2023/03/rogue-nuget-packages-infect-net.html

Beware of 13 rogue packages downloaded 160k+ times in the past month.