🔒 Google's Authenticator app just got a major upgrade!

The new sync option lets users back up their time-based one-time passwords (TOTPs) to the cloud, so you never lose access to your accounts.

Read details: https://thehackernews.com/2023/04/google-authenticator-app-gets-cloud.html

BlueNoroff, a suspected subgroup of Lazarus Group, is now targeting Apple's macOS with new malware RustBucket, highlighting hackers' expanding toolsets for cross-platform threats.

Learn more: https://thehackernews.com/2023/04/lazarus-subgroup-targeting-apple.html

ALERT: Iranian hackers have been linked to a new wave of phishing attacks targeting Israel, using an updated version of a backdoor called PowerLess.

Read details: https://thehackernews.com/2023/04/iranian-hackers-launch-sophisticated.html

🔥 New SLP protocol vulnerability (CVE-2023-29552) could be weaponized for massive DoS amplification attacks with an amplification factor of up to 2,200.

Learn more: https://thehackernews.com/2023/04/new-slp-vulnerability-could-let.html

More than 2,000 global organizations and 54,000 SLP instances are said to be affected.

Heads up VMware users!

Make sure to update your Workstation and Fusion software as the company has released updates to fix several security flaws, including a critical buffer-overflow vulnerability (CVE-2023-20869).

Read details: https://thehackernews.com/2023/04/vmware-releases-critical-patches-for.html

🚨 A dangerous default configuration in Apache Superset has been discovered, which could allow attackers to gain RCE, harvest credentials, and compromise data.

For more details, read about CVE-2023-27524 at https://thehackernews.com/2023/04/apache-superset-vulnerability-insecure.html

To fix this issue, upgrade to version 2.1.

Evasive Panda, a Chinese APT group, targets international NGOs in Mainland China with the MgBot modular malware framework to steal files, log keystrokes, harvest clipboard data, and record audio streams.

Read details: https://thehackernews.com/2023/04/chinese-hackers-using-mgbot-malware-to.html

Alert! Charming Kitten, the Iranian nation-state group, strikes again! This time, with a new malware named "BellaCiao," capable of delivering customized malware payloads.

Learn more about this latest threat: https://thehackernews.com/2023/04/charming-kittens-new-bellaciao-malware.html

Chinese threat actor Alloy Taurus has been caught using a Linux variant of a backdoor called PingPull to target financial institutions and government entities.

Find out more about their latest cyber activity: https://thehackernews.com/2023/04/chinese-hackers-using-pingpull-linux.html

Microsoft confirms active exploitation of PaperCut servers linked to Cl0p and LockBit ransomware attacks. Threat actor Lace Tempest identified as the main culprit, overlapping with FIN11, TA505, and Evil Corp.

Learn more : https://thehackernews.com/2023/04/microsoft-confirms-papercut-servers.html

RTM Locker, a private ransomware-as-a-service provider, has developed its first Linux-targeting ransomware that can infect Linux, NAS, and ESXi hosts.

Read details: https://thehackernews.com/2023/04/rtm-lockers-first-linux-ransomware.html

⚡ New politically-motivated surveillance campaign, dubbed "Paperbug," detected in Tajikistan, targeting government officials, telecom services, and public service infrastructures.

Read details: https://thehackernews.com/2023/04/paperbug-attack-new-politically.html

Google has obtained a court order in the US to disrupt the distribution of the information-stealing malware CryptBot that has infected over 670,000 computers.

Read more about this: https://thehackernews.com/2023/04/google-gets-court-order-to-take-down.html

South Korea's education, construction, diplomatic, and political institutions are under attack by the Tonto Team, a China-aligned threat actor.

Find out how they're using a file related to anti-malware products to execute their attacks: https://thehackernews.com/2023/04/tonto-team-uses-anti-malware-file-to.html

ALERT: A new Magecart campaign is using fake payment screens that are hard to detect and look more authentic than the original pages, in order to capture sensitive data from unsuspecting users.

Read details: https://thehackernews.com/2023/04/attention-online-shoppers-dont-be.html

🔒 Alert: Zyxel releases critical security patches for firewall devices. CVE-2023-28771 could allow remote code execution on affected systems.

Read details: https://thehackernews.com/2023/04/zyxel-firewall-devices-vulnerable-to.html

ATP, USG FLEX, VPN, and ZyWALL/USG devices are impacted.

New analysis reveals the evolution of ViperSoftX infostealer #malware: stronger encryption, anti-analysis techniques, and clever delivery methods.

Read details: https://thehackernews.com/2023/04/vipersoftx-infostealer-adopts.html

Attention Apple users! A new information stealer for macOS has been discovered, called Atomic Stealer, which can steal your Keychain passwords, system information, and even your macOS password.

Read details: https://thehackernews.com/2023/04/new-atomic-macos-stealer-can-steal-your.html

CISA has issued an Industrial Control Systems medical advisory warning of critical vulnerabilities in Illumina's DNA sequencing instruments, including privilege misconfiguration and remote IP address binding.

Read details: https://thehackernews.com/2023/04/cisa-warns-of-critical-flaws-in.html

OpenAI is back in 🇮🇹 Italy!

ChatGPT is now available after meeting data protection requirements.

Read: https://thehackernews.com/2023/04/chatgpt-is-back-in-italy-after.html