<div>CISA Warns of High-Severity Flaws in Schneider and GE Digital’s SCADA Software</div>

CISA Warns of High-Severity Flaws in Schneider and GE Digital’s SCADA Software

,

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) last week published an industrial control system (ICS) advisory related to multiple vulnerabilities impacting Schneider Electric’s Easergy medium voltage protection relays.
« Successful exploitation of these vulnerabilities may disclose device credentials, cause a denial-of-service condition, device reboot, or allow an attacker to

,

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) last week published an industrial control system (ICS) advisory related to multiple vulnerabilities impacting Schneider Electric’s Easergy medium voltage protection relays.
« Successful exploitation of these vulnerabilities may disclose device credentials, cause a denial-of-service condition, device reboot, or allow an attacker to

, ,
https://thehackernews.com/2022/02/cisa-warns-of-high-severity-flaws-in.html

Reborn of Emotet: New Features of the Botnet and How to Detect it

Reborn of Emotet: New Features of the Botnet and How to Detect it,

One of the most dangerous and infamous threats is back again. In January 2021, global officials took down the botnet. Law enforcement sent a destructive update to the Emotet’s executables. And it looked like the end of the trojan’s story. 
But the malware never ceased to surprise. 
November 2021, it was reported that TrickBot no longer works alone and delivers Emotet. And ANY.RUN with colleagues

,

One of the most dangerous and infamous threats is back again. In January 2021, global officials took down the botnet. Law enforcement sent a destructive update to the Emotet’s executables. And it looked like the end of the trojan’s story. 
But the malware never ceased to surprise. 
November 2021, it was reported that TrickBot no longer works alone and delivers Emotet. And ANY.RUN with colleagues

, ,
https://thehackernews.com/2022/02/reborn-of-emotet-new-features-of-botnet.html

Experts Create Apple AirTag Clone That Can Bypass Anti-Tracking Measures

Experts Create Apple AirTag Clone That Can Bypass Anti-Tracking Measures,

Cybersecurity researchers have managed to build a clone of Apple Airtag that circumvents the anti-stalking protection technology built into its Find My Bluetooth-based tracking protocol.
The result is a stealth AirTag that can successfully track an iPhone user for over five days without triggering a tracking notification, Positive Security’s co-founder Fabian Bräunlein said in a deep-dive

,

Cybersecurity researchers have managed to build a clone of Apple Airtag that circumvents the anti-stalking protection technology built into its Find My Bluetooth-based tracking protocol.
The result is a stealth AirTag that can successfully track an iPhone user for over five days without triggering a tracking notification, Positive Security’s co-founder Fabian Bräunlein said in a deep-dive

, ,
https://thehackernews.com/2022/02/experts-create-apple-airtag-clone-that.html

Iranian Hackers Using New Spying Malware That Abuses Telegram Messenger API

Iranian Hackers Using New Spying Malware That Abuses Telegram Messenger API,

An Iranian geopolitical nexus threat actor has been uncovered deploying two new targeted malware that come with « simple » backdoor functionalities as part of an intrusion against an unnamed Middle East government entity in November 2021.
Cybersecurity company Mandiant attributed the attack to an uncategorized cluster it’s tracking under the moniker UNC3313, which it assesses with « moderate

,

An Iranian geopolitical nexus threat actor has been uncovered deploying two new targeted malware that come with « simple » backdoor functionalities as part of an intrusion against an unnamed Middle East government entity in November 2021.
Cybersecurity company Mandiant attributed the attack to an uncategorized cluster it’s tracking under the moniker UNC3313, which it assesses with « moderate

, ,
https://thehackernews.com/2022/02/iranian-hackers-using-new-spying.html

Social Media Hijacking Malware Spreading Through Gaming Apps on Microsoft Store

Social Media Hijacking Malware Spreading Through Gaming Apps on Microsoft Store,

A new malware capable of controlling social media accounts is being distributed through Microsoft’s official app store in the form of trojanized gaming apps, infecting more than 5,000 Windows machines in Sweden, Bulgaria, Russia, Bermuda, and Spain.
Israeli cybersecurity company Check Point dubbed the malware « Electron Bot, » in reference to a command-and-control (C2) domain used in recent

,

A new malware capable of controlling social media accounts is being distributed through Microsoft’s official app store in the form of trojanized gaming apps, infecting more than 5,000 Windows machines in Sweden, Bulgaria, Russia, Bermuda, and Spain.
Israeli cybersecurity company Check Point dubbed the malware « Electron Bot, » in reference to a command-and-control (C2) domain used in recent

, ,
https://thehackernews.com/2022/02/social-media-hijacking-malware.html

Russia-Ukraine War: Phishing, Malware and Hacker Groups Taking Sides

Russia-Ukraine War: Phishing, Malware and Hacker Groups Taking Sides,

Ukraine’s Computer Emergency Response Team (CERT-UA) has warned of Belarusian state-sponsored hackers targeting its military personnel and related individuals as part of a phishing campaign mounted amidst Russia’s military invasion of the country.
« Mass phishing emails have recently been observed targeting private ‘i.ua’ and ‘meta.ua’ accounts of Ukrainian military personnel and related

,

Ukraine’s Computer Emergency Response Team (CERT-UA) has warned of Belarusian state-sponsored hackers targeting its military personnel and related individuals as part of a phishing campaign mounted amidst Russia’s military invasion of the country.
« Mass phishing emails have recently been observed targeting private ‘i.ua’ and ‘meta.ua’ accounts of Ukrainian military personnel and related

, ,
https://thehackernews.com/2022/02/russia-ukraine-war-phishing-malware-and.html

New « SockDetour » Fileless, Socketless Backdoor Targets U.S. Defense Contractors

New « SockDetour » Fileless, Socketless Backdoor Targets U.S. Defense Contractors

,

Cybersecurity researchers have taken the wraps off a previously undocumented and stealthy custom malware called SockDetour that targeted U.S.-based defense contractors with the goal of being used as a secondary implant on compromised Windows hosts.
« SockDetour is a backdoor that is designed to remain stealthily on compromised Windows servers so that it can serve as a backup backdoor in case the

,

Cybersecurity researchers have taken the wraps off a previously undocumented and stealthy custom malware called SockDetour that targeted U.S.-based defense contractors with the goal of being used as a secondary implant on compromised Windows hosts.
« SockDetour is a backdoor that is designed to remain stealthily on compromised Windows servers so that it can serve as a backup backdoor in case the

, ,
https://thehackernews.com/2022/02/new-sockdetour-fileless-socketless.html

Iran’s MuddyWater Hacker Group Using New Malware in Worldwide Cyber Attacks

Iran’s MuddyWater Hacker Group Using New Malware in Worldwide Cyber Attacks

,

Cybersecurity agencies from the U.K. and the U.S. have laid bare a new malware used by the Iranian government-sponsored advanced persistent threat (APT) group in attacks targeting government and commercial networks worldwide.
« MuddyWater actors are positioned both to provide stolen data and accesses to the Iranian government and to share these with other malicious cyber actors, » the agencies 

,

Cybersecurity agencies from the U.K. and the U.S. have laid bare a new malware used by the Iranian government-sponsored advanced persistent threat (APT) group in attacks targeting government and commercial networks worldwide.
« MuddyWater actors are positioned both to provide stolen data and accesses to the Iranian government and to share these with other malicious cyber actors, » the agencies 

, ,
https://thehackernews.com/2022/02/irans-muddywater-hacker-group-using-new.html

Putin Warns Russian Critical Infrastructure to Brace for Potential Cyber Attacks

Putin Warns Russian Critical Infrastructure to Brace for Potential Cyber Attacks,

The Russian government on Thursday warned of cyber attacks aimed at domestic critical infrastructure operators, as the country’s full-blown invasion of Ukraine enters the second day.
In addition to cautioning of the « threat of an increase in the intensity of computer attacks, » Russia’s National Computer Incident Response and Coordination Center said that the « attacks can be aimed at disrupting

,

The Russian government on Thursday warned of cyber attacks aimed at domestic critical infrastructure operators, as the country’s full-blown invasion of Ukraine enters the second day.
In addition to cautioning of the « threat of an increase in the intensity of computer attacks, » Russia’s National Computer Incident Response and Coordination Center said that the « attacks can be aimed at disrupting

, ,
https://thehackernews.com/2022/02/putin-warns-russian-critical.html

Notorious TrickBot Malware Gang Shuts Down its Botnet Infrastructure

Notorious TrickBot Malware Gang Shuts Down its Botnet Infrastructure,

The modular Windows crimeware platform known as TrickBot formally shuttered its infrastructure on Thursday after reports emerged of its imminent retirement amid a lull in its activity for almost two months, marking an end to one of the most persistent malware campaigns in recent years.
« TrickBot is gone… It is official now as of Thursday, February 24, 2022. See you soon… or not, » AdvIntel’s

,

The modular Windows crimeware platform known as TrickBot formally shuttered its infrastructure on Thursday after reports emerged of its imminent retirement amid a lull in its activity for almost two months, marking an end to one of the most persistent malware campaigns in recent years.
« TrickBot is gone… It is official now as of Thursday, February 24, 2022. See you soon… or not, » AdvIntel’s

, ,
https://thehackernews.com/2022/02/notorious-trickbot-malware-gang-shuts.html