TheHackerNews

April 2, 2022 The North Korean state-backed hacking crew, otherwise known as the Lazarus Group, has been attributed to yet another financially motivated campaign that leverages a trojanized decentralized finance (DeFi) wallet app to distribute a fully-featured backdoor onto compromised Windows systems. The app, which is equipped with functionalities to save and manage a cryptocurrency wallet, …

North Korean Hackers Distributing Trojanized DeFi Wallet Apps to Steal Victims’ Crypto Read More »

April 2, 2022 Threat actor groups like Wizard Spider and Sandworm have been wreaking havoc over the past few years – developing and deploying cybercrime tools like Conti, Trickbot, and Ryuk ransomware. Most recently, Sandworm (suspected to be a Russian cyber-military unit) unleashed cyberattacks against Ukranian infrastructure targets. To ensure cybersecurity providers are battle ready, …

Results Overview: 2022 MITRE ATT&CK Evaluation – Wizard Spider and Sandworm Edition Read More »

April 2, 2022 Networking equipment maker Zyxel has pushed security updates for a critical vulnerability affecting some of its business firewall and VPN products that could enable an attacker to take control of the devices. “An authentication bypass vulnerability caused by the lack of a proper access control mechanism has been found in the CGI …

Zyxel Releases Patches for Critical Bug Affecting Business Firewall and VPN Devices Read More »

April 1, 2022 Apple on Thursday rolled out emergency patches to address two zero-day flaws in its mobile and desktop operating systems that it said may have been exploited in the wild. The shortcomings have been fixed as part of updates to iOS and iPadOS 15.4.1, macOS Monterey 12.3.1, tvOS 15.4.1, and watchOS 8.5.1. Both the vulnerabilities have been …

Apple Issues Patches for 2 Actively Exploited Zero-Days in iPhone, iPad and Mac Devices Read More »

April 1, 2022 The maintainers of Spring Framework have released an emergency patch to address a newly disclosed remote code execution flaw that, if successfully exploited, could allow an unauthenticated attacker to take control of a targeted system. Tracked as CVE-2022-22965, the high-severity flaw impacts Spring Framework versions 5.3.0 to 5.3.17, 5.2.0 to 5.2.19, and other older, unsupported …

Security Patch Releases for Critical Zero-Day Bug in Java Spring Framework Read More »

April 1, 2022 Researchers have disclosed what they say is the first-ever Python-based ransomware strain specifically designed to target exposed Jupyter notebooks, a web-based interactive computing platform that allows editing and running programs via a browser. “The attackers gained initial access via misconfigured environments, then ran a ransomware script that encrypts every file on a …

New Python-based Ransomware Targeting JupyterLab Web Notebooks Read More »

April 1, 2022 Three security vulnerabilities have been disclosed in the popular Wyze Cam devices that grant malicious actors to execute arbitrary code and access camera feeds as well as unauthorizedly read the SD cards, the latter of which remained unresolved for nearly three years after the initial discovery. The security flaws relate to an …

Bugs in Wyze Cams Could Let Attackers Takeover Devices and Access Video Feeds Read More »

April 1, 2022 A zero-day remote code execution (RCE) vulnerability has come to light in the Spring framework shortly after a Chinese security researcher briefly leaked a proof-of-concept (PoC) exploit on GitHub before deleting their account. According to cybersecurity firm Praetorian, the unpatched flaw impacts Spring Core on Java Development Kit (JDK) versions 9 and later and is a bypass for …

Unpatched Java Spring Framework 0-Day RCE Bug Threatens Enterprise Web Apps Security Read More »

April 1, 2022 A Belarusian threat actor known as Ghostwriter (aka UNC1151) has been spotted leveraging the recently disclosed browser-in-the-browser (BitB) technique as part of their credential phishing campaigns exploiting the ongoing Russo-Ukrainian conflict. The method, which masquerades as a legitimate domain by simulating a browser window within the browser, makes it possible to mount convincing social …

Hackers Increasingly Using ‘Browser-in-the-Browser’ Technique in Ukraine Related Attacks Read More »

April 1, 2022 Taiwanese company QNAP this week revealed that a selected number of its network-attached storage (NAS) appliances are affected by a recently-disclosed bug in the open-source OpenSSL cryptographic library. “An infinite loop vulnerability in OpenSSL has been reported to affect certain QNAP NAS,” the company said in an advisory published on March 29, 2022. “If …

QNAP Warns of OpenSSL Infinite Loop Vulnerability Affecting NAS Devices Read More »