OpenSSL Releases Patch for 2 New High-Severity Vulnerabilities

The Hacker News Daily Updates How to Build a Security Operations Center (On a Budget) Whether you’re protecting a bank or the local grocery store, certain common sense security rules apply. Download Now Sponsored LATEST NEWS Nov 2, 2022 Multiple Vulnerabilities Reported in Checkmk IT Infrastructure Monitoring Software Multiple vulnerabilities have been disclosed in Checkmk IT Infrastructure monitoring software that could be chained together by an unauthenticated, remote attacker to fully take over affected servers.  "These vulnerabilities can be chained together by an unauthenticated, remote attacker to gain ... Read More These Android Apps with a Million Play Store Installations Redirect Users to Malicious Sites A set of four Android apps released by the same developer has been discovered directing victims to malicious websites as part of an adware and information-stealing campaign. The apps, published by a developer named Mobile apps Group and currently available on the Play Store, have been collectively ... Read More Inside Raccoon Stealer V2 Raccoon Stealer is back on the news again. US officials arrested Mark Sokolovsky, one of the malware actors behind this program. In July 2022, after several months of the shutdown, a Raccoon Stealer V2 went viral. Last week, the Department of Justice's press release stated that the malware ... Read More Experts Warn of SandStrike Android Spyware Infecting Devices via Malicious VPN App A previously undocumented Android spyware campaign has been found striking Persian-speaking individuals by masquerading as a seemingly harmless VPN application. Russian cybersecurity firm Kaspersky is tracking the campaign under the moniker SandStrike. It has not been attributed to any particular ... Read More Dropbox Breach: Hackers Unauthorizedly Accessed 130 GitHub Source Code Repositories File hosting service Dropbox on Tuesday disclosed that it was the victim of a phishing campaign that allowed unidentified threat actors to gain unauthorized access to 130 of its source code repositories on GitHub. "These repositories included our own copies of third-party libraries slightly ... Read More OpenSSL Releases Patch for 2 New High-Severity Vulnerabilities The OpenSSL project has rolled out fixes to contain two high-severity flaws in its widely used cryptography library that could result in a denial-of-service (DoS) and remote code execution. The issues, tracked as CVE-2022-3602 and CVE-2022-3786, have been described as buffer overrun ... Read More Researchers Disclose Details of Critical 'CosMiss' RCE Flaw Affecting Azure Cosmos DB Microsoft on Tuesday said it addressed an authentication bypass vulnerability in Jupyter Notebooks for Azure Cosmos DB that enabled full read and write access. The tech giant said the problem was introduced on August 12, 2022, and rectified worldwide on October 6, 2022, two days after responsible ... Read More Chinese Hackers Using New Stealthy Infection Chain to Deploy LODEINFO Malware The Chinese state-sponsored threat actor known as Stone Panda has been observed employing a new stealthy infection chain in its attacks aimed at Japanese entities. Targets include media, diplomatic, governmental and public sector organizations and think-tanks in Japan, according ... Read More How to Build a Security Operations Center (On a Budget) Whether you’re protecting a bank or the local grocery store, certain common sense security rules apply. Download Now Sponsored This email was sent to myemailku.ghdbrevo2018@blogger.com. You are receiving this newsletter because you opted-in to receive relevant communications from The Hacker News. To manage your email newsletter preferences, please click here. Contact The Hacker News: info@thehackernews.com Unsubscribe The Hacker News | Pearls Omaxe, Netaji Subash Place, Pitampura, Delhi 110034 India