Monday, February 6, 2023

The Hacker News Daily Updates

"GuLoader Malware... targets E-Commerce Industry."

Views expressed in this cybersecurity, cybercrime update are those of the reporters and correspondents.  Accessed on 06 February 2023, 1424 UTC.  Content supplied by email subscription to "The Hacker News Daily Updates."

Source: https://mail.google.com/mail/u/0/#inbox/FMfcgzGrcXhGDbrckqmzXmmSBTsFlklb ("The Hacker News Daily Updates").

Please click link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net and https://paper.li/RussellRoberts).


Building trust with persistent third-party risk management

Strong third-party relationships are more important than ever to businesses today. As the recent pandemic has clearly demonstrated, any disruptions to strategic partnerships--such as supply chain networks and manufacturers--can have a huge impact on a brand’s reputation and financial well-being. That’s why robust third-party risk management (TPRM) should play a key role in any company’s overall risk management strategy.

Sponsored

LATEST NEWS, Feb 6, 2023

GuLoader Malware Using Malicious NSIS Executable to Target E-Commerce Industry

E-commerce industries in South Korea and the U.S. are at the receiving end of an ongoing GuLoader malware campaign, cybersecurity firm Trellix disclosed late last month. The malspam activity is notable for transitioning away from malware-laced Microsoft Word documents to NSIS executable files for loading the malware. Other countries targeted as part of the campaign include Germany, Saudi ...


Microsoft: Iranian Nation-State Group Sanctioned by U.S. Behind Charlie Hebdo Hack

An Iranian nation-state group sanctioned by the U.S. government has been attributed to the hack of the French satirical magazine Charlie Hebdo in early January 2023. Microsoft, which disclosed details of the incident, is tracking the activity cluster under its chemical element-themed moniker NEPTUNIUM, which is an Iran-based company known as Emennet Pasargad. In January 2022, the U.S. ...


5 Must Haves in an Automated Security Platform

Researching and committing to an automated security platform can be a confusing process. You know you need to get compliant – quickly. And, you understand that an automated platform can help make that happen. What should you focus on when deciding which platform is right for ...


SaaS in the Real World: Who's Responsible to Secure this Data?

When SaaS applications started growing in popularity, it was unclear who was responsible for securing the data. Today, most security and IT teams understand the shared responsibility model, in which the SaaS vendor is responsible for securing the application, while the organization is responsible for securing their data.  What’s far murkier, however, is where the data responsibility lies on ...


OpenSSH Releases Patch for New Pre-Auth Double Free Vulnerability

The maintainers of OpenSSH have released OpenSSH 9.2 to address a number of security bugs, including a memory safety vulnerability in the OpenSSH server (sshd). Tracked as CVE-2023-25136, the shortcoming has been classified as a pre-authentication double free vulnerability that was introduced in version 9.1. "This is not believed to be exploitable, and it occurs in the unprivileged ...


FormBook Malware Spreads via Malvertising Using MalVirt Loader to Evade Detection

An ongoing malvertising campaign is being used to distribute virtualized .NET loaders that are designed to deploy the FormBook information-stealing malware. "The loaders, dubbed MalVirt, use obfuscated virtualization for anti-analysis and evasion along with the Windows Process Explorer driver for terminating processes," SentinelOne researchers Aleksandar Milenkoski and Tom Hegel said in ...


PixPirate: New Android Banking Trojan Targeting Brazilian Financial Institutions

A new Android banking trojan has set its eyes on Brazilian financial institutions to commit fraud by leveraging the PIX payments platform. Italian cybersecurity company Cleafy, which discovered the malware between the end of 2022 and the beginning of 2023, is tracking it under the name PixPirate. "PixPirate belongs to the newest generation of Android banking trojan, as it can perform ATS ...


New Wave of Ransomware Attacks Exploiting VMware Bug to Target ESXi Servers

VMware ESXi hypervisors are the target of a new wave of attacks designed to deploy ransomware on compromised systems. "These attack campaigns appear to exploit CVE-2021-21974, for which a patch has been available since February 23, 2021," the Computer Emergency Response Team (CERT) of France said in an advisory on Friday. VMware, in its own alert released at the time, described the issue as ...


Sunday, February 5, 2023

BleepingComputer.com: Latest cybersecurity news

"Dashlane password manager open-sourced its Android and iOS apps."

Views expressed in this cybersecurity, cybercrime update are those of the reporters and correspondents.  Accessed on 05 February 2023, 2142 UTC. Content supplied by "BleepingComputer.com."

Source:  https://www.bleepingcomputer.com/ (Latest cybersecurity news from "BleepingComputer.com").

Please click link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net and https://paper.li/RussellRoberts).

Dashlane password manager open-sourced its Android and iOS apps

  • Dashlane announced it had made the source code for its Android and iOS apps available on GitHub under the Creative Commons Attribution-NonCommercial 4.0 license.


New Dingo crypto token found charging a 99% transaction fee

  • Researchers at IT security company Check Point security have flagged Dingo Token as a potential scam after finding a function that allows the project's owner to manipulate trading fees up to 99% of the transaction value.


Linux version of Royal Ransomware targets VMware ESXi servers

  • Royal Ransomware is the latest ransomware operation to add support for encrypting Linux devices to its most recent malware variants, specifically targeting VMware ESXi virtual machines.


NY attorney general forces spyware vendor to alert victims

  • The New York attorney general's office has announced a $410,000 fine against a stalkerware developer who used 16 companies to promote surveillance tools illegally.


Bermuda hit by major internet and power outage

  • Bermuda experienced a widespread power outage on Friday which impacted the island's internet and phone services. Calling it a "serious incident" at BELCO, the Bermudian power supplier, the government has advised customers to "unplug all sensitive electrical equipment" as crews work around the clock on restoration efforts.


The Week in Ransomware - February 3rd 2023 - Ending with a mess

  • While the week started slowly, it turned into a big ransomware mess, with attacks striking a big blow at businesses running VMware ESXi servers.


TruthFinder, Instant Checkmate confirm data breach affecting 20M customers

  • PeopleConnect, the owners of the TruthFinder and Instant Checkmate background check services, confirmed they suffered a data breach after hackers leaked a 2019 backup database containing the info of millions of customers.


Massive ESXiArgs ransomware attack targets VMware ESXi servers worldwide

  • Admins, hosting providers, and the French Computer Emergency Response Team (CERT-FR) warn that attackers actively target VMware ESXi servers unpatched against a two-year-old remote code execution vulnerability to deploy ransomware.


Florida hospital takes IT systems offline after cyberattack

  • Tallahassee Memorial HealthCare (TMH) has taken its IT systems offline and suspended non-emergency procedures following a late Thursday cyberattack.


GoAnywhere MFT zero-day vulnerability lets hackers breach servers

  • The developers of the GoAnywhere MFT file transfer solution are warning customers of a zero-day remote code execution vulnerability on exposed administrator consoles.


Atlassian warns of critical Jira Service Management auth flaw

  • A critical vulnerability in Atlassian's Jira Service Management Server and Data Center could allow an unauthenticated attacker to impersonate other users and gain remote access to the systems.


Google ads push ‘virtualized’ malware made for antivirus evasion

  • An ongoing Google ads malvertising campaign is spreading malware installers that leverage KoiVM virtualization technology to evade detection when installing the Formbook data stealer.


Microsoft 365 trial offer blocks access to Windows 10 desktops

  • Windows 10 users are reportedly being blocked from accessing their desktops by full-screen trial offers for the Microsoft 365 productivity suite (formerly Office 365).


Hackers weaponize Microsoft Visual Studio add-ins to push malware

  • Security researchers warn that hackers may start using Microsoft Visual Studio Tools for Office (VSTO) more often as a method to achieve persistence and execute code on a target machine via malicious Office add-ins.


Microsoft: Scan for outdated Office versions respects your privacy

  • Microsoft says the KB5021751 update is respecting users' privacy while scanning for and identifying the number of customers running Office versions that are outdated or approaching their end of support.


Former Ubiquiti dev pleads guilty to trying to extort his employer

  • Nickolas Sharp, a former Ubiquiti employee who managed the networking device maker's cloud team, pled guilty today to stealing gigabytes worth of files from Ubiquiti's network and trying to extort his employer while posing as an anonymous hacker and a whistleblower.


Cyber War News Today.

"From trade wars to cyber wars in modern era." Views expressed in this cybersecurity, cyber espionage, and cyber crime update are ...