WARNING: Hackers Exploiting 2 New Microsoft Exchange Zero-Days in the Wild

The Hacker News Daily Updates Supply Chain Security Checklist Follow these steps to strengthen your organization's supply chain security and reduce your risk. Download Now Sponsored LATEST NEWS Sep 30, 2022 Cyber Attacks Against Middle East Governments Hide Malware in Windows logo An espionage-focused threat actor has been observed using a steganographic trick to conceal a previously undocumented backdoor in a Windows logo in its attacks against Middle Eastern governments. Broadcom's Symantec Threat Hunter Team attributed the updated tooling to a hacking group it tracks ... Read More New Malware Campaign Targeting Job Seekers with Cobalt Strike Beacons A social engineering campaign leveraging job-themed lures is weaponizing a years-old remote code execution flaw in Microsoft Office to deploy Cobalt Strike beacons on compromised hosts. "The payload discovered is a leaked version of a Cobalt Strike beacon," Cisco Talos researchers Chetan ... Read More Why Organisations Need Both EDR and NDR for Complete Network Protection Endpoint devices like desktops, laptops, and mobile phones enable users to connect to enterprise networks and use their resources for their day-to-day work. However, they also expand the attack surface and make the organisation vulnerable to malicious cyberattacks and data breaches. Why Modern ... Read More North Korean Hackers Weaponizing Open-Source Software in Latest Cyber Attacks A "highly operational, destructive, and sophisticated nation-state activity group" with ties to North Korea has been weaponizing open source software in their social engineering campaigns aimed at companies around the world since June 2022. Microsoft's threat intelligence teams, alongside LinkedIn ... Read More Microsoft Confirms 2 New Exchange Zero-Day Flaws Being Used in the Wild Microsoft officially disclosed it investigating two zero-day security vulnerabilities impacting Exchange Server 2013, 2016, and 2019 following reports of in-the-wild exploitation. "The first vulnerability, identified as CVE-2022-41040, is a Server-Side Request Forgery (SSRF) vulnerability, while ... Read More Supply Chain Security Checklist Follow these steps to strengthen your organization's supply chain security and reduce your risk. Download Now Sponsored This email was sent to myemailku.ghdbrevo2018@blogger.com. You are receiving this newsletter because you opted-in to receive relevant communications from The Hacker News. To manage your email newsletter preferences, please click here. Contact The Hacker News: info@thehackernews.com Unsubscribe The Hacker News | Pearls Omaxe, Netaji Subash Place, Pitampura, Delhi 110034 India

Researchers Warn of New Go-based Malware Targeting Windows and Linux Systems

The Hacker News Daily Updates 8 Steps to Better Security: A Simple Cyber Resilience Guide for Business ($18.00 Value) FREE for a Limited Time Harden your business against internal and external cybersecurity threats with a single accessible resource. Download Now Sponsored LATEST NEWS Sep 29, 2022 Researchers Uncover Covert Attack Campaign Targeting Military Contractors A new covert attack campaign singled out multiple military and weapons contractor companies with spear-phishing emails to trigger a multi-stage infection process designed to deploy an unknown payload on compromised machines. The highly-targeted intrusions, dubbed STEEP#MAVERICK by Securonix, also ... Read More Five Steps to Mitigate the Risk of Credential Exposure Every year, billions of credentials appear online, be it on the dark web, clear web, paste sites, or in data dumps shared by cybercriminals. These credentials are often used for account takeover attacks, exposing organizations to breaches, ransomware, and data theft.  While CISOs are aware of ... Read More Swachh City Platform Suffers Data Breach Leaking 16 Million User Records A threat actor by the name of LeakBase has shared a database containing personal information allegedly affecting 16 million users of Swachh City, an Indian complaint redressal platform. Leaked details include usernames, email addresses, password hashes, mobile numbers, one-time passwords, last ... Read More Hackers Aid Protests Against Iranian Government with Proxies, Leaks and Hacks Several hacktivist groups are using Telegram and other tools to aid anti-government protests in Iran to bypass regime censorship restrictions amid ongoing unrest in the country following the death of Mahsa Amini in custody. "Key activities are data leaking and selling, including officials' phone ... Read More Researchers Warn of New Go-based Malware Targeting Windows and Linux Systems A new, multi-functional Go-based malware dubbed Chaos has been rapidly growing in volume in recent months to ensnare a wide range of Windows, Linux, small office/home office (SOHO) routers, and enterprise servers into its botnet. "Chaos functionality includes the ability to enumerate the host ... Read More 8 Steps to Better Security: A Simple Cyber Resilience Guide for Business ($18.00 Value) FREE for a Limited Time Harden your business against internal and external cybersecurity threats with a single accessible resource. Download Now Sponsored This email was sent to myemailku.ghdbrevo2018@blogger.com. You are receiving this newsletter because you opted-in to receive relevant communications from The Hacker News. To manage your email newsletter preferences, please click here. Contact The Hacker News: info@thehackernews.com Unsubscribe The Hacker News | Pearls Omaxe, Netaji Subash Place, Pitampura, Delhi 110034 India