New malware alert!

REF2924, a threat group targeting entities in South and Southeast Asia, has been spotted deploying NAPLISTENER - an HTTP listener designed to evade network-based detection.

Learn more: https://thehackernews.com/2023/03/new-naplistener-malware-used-by-ref2924.html

🚨 NuGet Repository under attack! New malicious campaign aims to infect DotNET developer systems with cryptocurrency stealer malware.

Learn more: https://thehackernews.com/2023/03/rogue-nuget-packages-infect-net.html

Beware of 13 rogue packages downloaded 160k+ times in the past month.

⚠️ CISA warns of critical flaws in Industrial Control Systems from Keysight, Delta Electronics, Siemens, VISAM, Rockwell Automation, and Hitachi Energy.

Learn more: https://thehackernews.com/2023/03/cisa-alerts-on-critical-security.html

Update your software ASAP to avoid potential security breaches!

💻 Chinese state-sponsored 🕵️‍♂️ threat actors infiltrate Microsoft Exchange servers in new wave of cyber attacks on Middle East telecoms.

Learn more: https://thehackernews.com/2023/03/operation-soft-cell-chinese-hackers.html

Researchers find a custom variant of Mimikatz, called mim221, with new anti-detection features.

🚨 German and South Korean intel agencies warn of Kimsuky cyberattacks targeting Gmail inboxes via malicious browser extensions.

The group has also extended its attacks to Android malware strains such as FastFire, FastSpy, and RambleOn.

Read: https://thehackernews.com/2023/03/german-and-south-korean-agencies-warn.html

🔥 Heads up! New Nexus Android banking trojan is here, targeting 450 financial apps & crypto services.

It can even read 2FA codes from SMS & Google Authenticator by exploiting Android's accessibility services.

Learn more: https://thehackernews.com/2023/03/nexus-new-rising-android-banking-trojan.html

⚠️Chinese nation-state groups are getting better at bypassing security!

Learn more: https://thehackernews.com/2023/03/researchers-uncover-chinese-nation.html

They are now using TONEINS, TONESHELL, and PUBLOAD malware for more effective infiltration, as well as HIUPAN and ACNSHELL for reverse shell.

Don't let third-party app access put your company's data at risk!

Join our upcoming webinar to learn about the potential dangers and get expert insights on how to keep your SaaS apps secure.

Learn from the experts - register today: https://thn.news/risk-of-3rd-party-saas-apps

🐍 Python developers, beware! Malicious package on PyPI uses Unicode to evade detection and deploy info-stealing malware!

📢 Learn more: https://thehackernews.com/2023/03/malicious-python-package-uses-unicode.html

GitHub replaces RSA SSH host key after brief exposure in public repository to prevent any bad actor from impersonating the service or eavesdropping on users' operations over SSH.

Learn more: https://thehackernews.com/2023/03/github-swiftly-replaces-exposed-rsa-ssh.html

OpenAI discloses a Redis bug causing certain ChatGPT users' personal info and chat titles to be exposed.

Learn more: https://thehackernews.com/2023/03/openai-reveals-redis-bug-behind-chatgpt.html

Conor Brian Fitzpatrick, the 20-year-old founder and admin of the now-defunct BreachForums, has been charged in the U.S. with conspiracy to commit access device fraud. If found guilty, he faces up to five years in prison.

Read: https://thehackernews.com/2023/03/20-year-old-breachforums-founder-faces.html

🚨 Microsoft releases out-of-band update for privacy-defeating flaw in Windows 10 & 11 screenshot editing tools!

Learn more: https://thehackernews.com/2023/03/microsoft-issues-patch-for-acropalypse.html

🔒 Dubbed "aCropalypse," the #vulnerability allows malicious actors to recover edited parts of screenshots.

⚠️ MacOS Alert! MacStealer targeting Apple devices running macOS Catalina & later, M1/M2 CPUs.

The malware Telegram for C&C, stealing documents, browser cookies, iCloud keychain, passwords & credit card info.

Learn more: https://thehackernews.com/2023/03/new-macstealer-macos-malware-steals.html

Heads up, iPhone and iPad users! Apple has backported fixes for an actively exploited vulnerability (CVE-2023-23529) to older models.

Details: https://thehackernews.com/2023/03/apple-issues-urgent-security-update-for.html

Make sure to update to iOS 15.7.4 and iPadOS 15.7.4 ASAP to stay protected.

U.S. President Joe Biden signs an executive order restricting the use of commercial spyware by federal government agencies, citing security and counterintelligence risks.

Learn more: https://thehackernews.com/2023/03/president-biden-signs-executive-order.html

🚨 New phishing campaign targets European entities using Remcos RAT & Formbook via DBatLoader malware!

Read: https://thehackernews.com/2023/03/stealthy-dbatloader-malware-loader.html

DBatLoader exploits multi-layered obfuscated HTML & OneNote attachments, and leverages image steganography to evade detection engines.

New IcedID Lite and Forked malware variants discovered!

Threat actors pivot away from banking fraud functionality to focus on payload delivery, including #ransomware.

Learn more: https://thehackernews.com/2023/03/icedid-malware-shifts-focus-from.html

APT group SideCopy, known for targeting India & Afghanistan government agencies, has launched a new phishing campaign delivering Action RAT and AuTo Stealer.

Learn more: https://thehackernews.com/2023/03/pakistan-origin-sidecopy-linked-to-new.html

🚀 Microsoft unveils Security Copilot in preview! Powered by OpenAI's GPT-4, it offers end-to-end defense 🔒 at machine speed and scale.

Details here: https://thehackernews.com/2023/03/microsoft-introduces-gpt-4-ai-powered.html