Microsoft Details Gatekeeper Bypass Vulnerability in Apple macOS Systems

The Hacker News Daily Updates Zero Trust is the Outcome of Identity-Based Access Control Zero trust entered the security lexicon with a bang. Once derided as merely a buzzword, zero trust is now the de-facto method to deal with the overwhelming number of human-centric threats and device vulnerabilities brought to the fore by digital transformation. But what is the pivot point on which zero trust turns? Download Now Sponsored LATEST NEWS Dec 21, 2022 Raspberry Robin Worm Strikes Again, Targeting Telecom and Government Systems The Raspberry Robin worm has been used in attacks against telecommunications and government office systems across Latin America, Australia, and Europe since at least September 2022. "The main payload itself is packed with more than 10 layers for obfuscation and is capable of delivering a fake payload once it detects sandboxing and security analytics tools," Trend Micro researcher Christopher ... Read More The Rise of the Rookie Hacker - A New Trend to Reckon With More zero knowledge attacks, more leaked credentials, more Gen-Z cyber crimes - 2022 trends and 2023 predictions. Cybercrime remains a major threat to individuals, businesses, and governments around the world. Cybercriminals continue to take advantage of the prevalence of digital devices and the internet to perpetrate their crimes. As the internet of things continues to develop, ... Read More GodFather Android Banking Trojan Targeting Users of Over 400 Banking and Crypto Apps An Android banking trojan known as GodFather is being used to target users of more than 400 banking and cryptocurrency apps spanning across 16 countries. This includes 215 banks, 94 crypto wallet providers, and 110 crypto exchange platforms serving users in the U.S., Turkey, Spain, Italy, Canada, and Canada, among others, Singapore-headquartered Group-IB said in a report shared with The ... Read More Ransomware Hackers Using New Way to Bypass MS Exchange ProxyNotShell Mitigations Threat actors affiliated with a ransomware strain known as Play are leveraging a never-before-seen exploit chain that bypasses blocking rules for ProxyNotShell flaws in Microsoft Exchange Server to achieve remote code execution (RCE) through Outlook Web Access (OWA). "The new exploit method bypasses URL rewrite mitigations for the Autodiscover endpoint," CrowdStrike researchers Brian ... Read More Ukraine's DELTA Military System Users Under Attack from Info Stealing Malware The Computer Emergency Response Team of Ukraine (CERT-UA) this week disclosed that users of the Delta situational awareness program received phishing emails from a compromised email account belonging to the Ministry of Defense. The attacks, which have been attributed to a threat cluster dubbed UAC-0142, aimed to infect systems with two pieces of data-stealing malware referred to as FateGrab ... Read More Beware: Cybercriminals Launch New BrasDex Android Trojan Targeting Brazilian Banking Users The threat actors behind the Windows banking malware known as Casbaneiro has been attributed as behind a novel Android trojan called BrasDex that has been observed targeting Brazilian users as part of an ongoing multi-platform campaign. BrasDex features a "complex keylogging system designed to abuse Accessibility Services to extract credentials specifically from a set of Brazilian targeted ... Read More Russian Hackers Targeted Petroleum Refinery in NATO Country During Ukraine War The Russia-linked Gamaredon group attempted to unsuccessfully break into a large petroleum refining company within a NATO member state earlier this year amid the ongoing Russo-Ukrainian war. The attack, which took place on August 30, 2022, is just one of multiple intrusions orchestrated by the advanced persistent threat (APT) that's attributed to Russia's Federal Security Service ... Read More A Guide to Efficient Patch Management with Action1 Keeping your software up to date is vital for cybersecurity. Read the patching strategy guide by Action1 and learn the best practices to identify, prioritize, and deploy updates effectively. Eliminate patching routine through automation and with a predictable plan at hand. Here are the key elements of the ... Read More 2022 Research Results: IT & Cybersecurity Operations Brought to you by InformationWeek (a $499 Value) Download Now Sponsored This email was sent to myemailku.ghdbrevo2018@blogger.com. You are receiving this newsletter because you opted-in to receive relevant communications from The Hacker News. To manage your email newsletter preferences, please click here. Contact The Hacker News: info@thehackernews.com Unsubscribe The Hacker News | Pearls Omaxe, Netaji Subash Place, Pitampura, Delhi 110034 India