WARNING: Hackers Exploiting 2 New Microsoft Exchange Zero-Days in the Wild

The Hacker News Daily Updates Supply Chain Security Checklist Follow these steps to strengthen your organization's supply chain security and reduce your risk. Download Now Sponsored LATEST NEWS Sep 30, 2022 Cyber Attacks Against Middle East Governments Hide Malware in Windows logo An espionage-focused threat actor has been observed using a steganographic trick to conceal a previously undocumented backdoor in a Windows logo in its attacks against Middle Eastern governments. Broadcom's Symantec Threat Hunter Team attributed the updated tooling to a hacking group it tracks ... Read More New Malware Campaign Targeting Job Seekers with Cobalt Strike Beacons A social engineering campaign leveraging job-themed lures is weaponizing a years-old remote code execution flaw in Microsoft Office to deploy Cobalt Strike beacons on compromised hosts. "The payload discovered is a leaked version of a Cobalt Strike beacon," Cisco Talos researchers Chetan ... Read More Why Organisations Need Both EDR and NDR for Complete Network Protection Endpoint devices like desktops, laptops, and mobile phones enable users to connect to enterprise networks and use their resources for their day-to-day work. However, they also expand the attack surface and make the organisation vulnerable to malicious cyberattacks and data breaches. Why Modern ... Read More North Korean Hackers Weaponizing Open-Source Software in Latest Cyber Attacks A "highly operational, destructive, and sophisticated nation-state activity group" with ties to North Korea has been weaponizing open source software in their social engineering campaigns aimed at companies around the world since June 2022. Microsoft's threat intelligence teams, alongside LinkedIn ... Read More Microsoft Confirms 2 New Exchange Zero-Day Flaws Being Used in the Wild Microsoft officially disclosed it investigating two zero-day security vulnerabilities impacting Exchange Server 2013, 2016, and 2019 following reports of in-the-wild exploitation. "The first vulnerability, identified as CVE-2022-41040, is a Server-Side Request Forgery (SSRF) vulnerability, while ... Read More Supply Chain Security Checklist Follow these steps to strengthen your organization's supply chain security and reduce your risk. Download Now Sponsored This email was sent to myemailku.ghdbrevo2018@blogger.com. You are receiving this newsletter because you opted-in to receive relevant communications from The Hacker News. To manage your email newsletter preferences, please click here. Contact The Hacker News: info@thehackernews.com Unsubscribe The Hacker News | Pearls Omaxe, Netaji Subash Place, Pitampura, Delhi 110034 India