Experts Create Apple AirTag Clone That Can Bypass Anti-Tracking Measures

Experts Create Apple AirTag Clone That Can Bypass Anti-Tracking Measures,

Cybersecurity researchers have managed to build a clone of Apple Airtag that circumvents the anti-stalking protection technology built into its Find My Bluetooth-based tracking protocol.
The result is a stealth AirTag that can successfully track an iPhone user for over five days without triggering a tracking notification, Positive Security’s co-founder Fabian Bräunlein said in a deep-dive

,

Cybersecurity researchers have managed to build a clone of Apple Airtag that circumvents the anti-stalking protection technology built into its Find My Bluetooth-based tracking protocol.
The result is a stealth AirTag that can successfully track an iPhone user for over five days without triggering a tracking notification, Positive Security’s co-founder Fabian Bräunlein said in a deep-dive

, ,
https://thehackernews.com/2022/02/experts-create-apple-airtag-clone-that.html

Iranian Hackers Using New Spying Malware That Abuses Telegram Messenger API

Iranian Hackers Using New Spying Malware That Abuses Telegram Messenger API,

An Iranian geopolitical nexus threat actor has been uncovered deploying two new targeted malware that come with « simple » backdoor functionalities as part of an intrusion against an unnamed Middle East government entity in November 2021.
Cybersecurity company Mandiant attributed the attack to an uncategorized cluster it’s tracking under the moniker UNC3313, which it assesses with « moderate

,

An Iranian geopolitical nexus threat actor has been uncovered deploying two new targeted malware that come with « simple » backdoor functionalities as part of an intrusion against an unnamed Middle East government entity in November 2021.
Cybersecurity company Mandiant attributed the attack to an uncategorized cluster it’s tracking under the moniker UNC3313, which it assesses with « moderate

, ,
https://thehackernews.com/2022/02/iranian-hackers-using-new-spying.html

Social Media Hijacking Malware Spreading Through Gaming Apps on Microsoft Store

Social Media Hijacking Malware Spreading Through Gaming Apps on Microsoft Store,

A new malware capable of controlling social media accounts is being distributed through Microsoft’s official app store in the form of trojanized gaming apps, infecting more than 5,000 Windows machines in Sweden, Bulgaria, Russia, Bermuda, and Spain.
Israeli cybersecurity company Check Point dubbed the malware « Electron Bot, » in reference to a command-and-control (C2) domain used in recent

,

A new malware capable of controlling social media accounts is being distributed through Microsoft’s official app store in the form of trojanized gaming apps, infecting more than 5,000 Windows machines in Sweden, Bulgaria, Russia, Bermuda, and Spain.
Israeli cybersecurity company Check Point dubbed the malware « Electron Bot, » in reference to a command-and-control (C2) domain used in recent

, ,
https://thehackernews.com/2022/02/social-media-hijacking-malware.html

Russia-Ukraine War: Phishing, Malware and Hacker Groups Taking Sides

Russia-Ukraine War: Phishing, Malware and Hacker Groups Taking Sides,

Ukraine’s Computer Emergency Response Team (CERT-UA) has warned of Belarusian state-sponsored hackers targeting its military personnel and related individuals as part of a phishing campaign mounted amidst Russia’s military invasion of the country.
« Mass phishing emails have recently been observed targeting private ‘i.ua’ and ‘meta.ua’ accounts of Ukrainian military personnel and related

,

Ukraine’s Computer Emergency Response Team (CERT-UA) has warned of Belarusian state-sponsored hackers targeting its military personnel and related individuals as part of a phishing campaign mounted amidst Russia’s military invasion of the country.
« Mass phishing emails have recently been observed targeting private ‘i.ua’ and ‘meta.ua’ accounts of Ukrainian military personnel and related

, ,
https://thehackernews.com/2022/02/russia-ukraine-war-phishing-malware-and.html

New « SockDetour » Fileless, Socketless Backdoor Targets U.S. Defense Contractors

New « SockDetour » Fileless, Socketless Backdoor Targets U.S. Defense Contractors

,

Cybersecurity researchers have taken the wraps off a previously undocumented and stealthy custom malware called SockDetour that targeted U.S.-based defense contractors with the goal of being used as a secondary implant on compromised Windows hosts.
« SockDetour is a backdoor that is designed to remain stealthily on compromised Windows servers so that it can serve as a backup backdoor in case the

,

Cybersecurity researchers have taken the wraps off a previously undocumented and stealthy custom malware called SockDetour that targeted U.S.-based defense contractors with the goal of being used as a secondary implant on compromised Windows hosts.
« SockDetour is a backdoor that is designed to remain stealthily on compromised Windows servers so that it can serve as a backup backdoor in case the

, ,
https://thehackernews.com/2022/02/new-sockdetour-fileless-socketless.html

Iran’s MuddyWater Hacker Group Using New Malware in Worldwide Cyber Attacks

Iran’s MuddyWater Hacker Group Using New Malware in Worldwide Cyber Attacks

,

Cybersecurity agencies from the U.K. and the U.S. have laid bare a new malware used by the Iranian government-sponsored advanced persistent threat (APT) group in attacks targeting government and commercial networks worldwide.
« MuddyWater actors are positioned both to provide stolen data and accesses to the Iranian government and to share these with other malicious cyber actors, » the agencies 

,

Cybersecurity agencies from the U.K. and the U.S. have laid bare a new malware used by the Iranian government-sponsored advanced persistent threat (APT) group in attacks targeting government and commercial networks worldwide.
« MuddyWater actors are positioned both to provide stolen data and accesses to the Iranian government and to share these with other malicious cyber actors, » the agencies 

, ,
https://thehackernews.com/2022/02/irans-muddywater-hacker-group-using-new.html

Putin Warns Russian Critical Infrastructure to Brace for Potential Cyber Attacks

Putin Warns Russian Critical Infrastructure to Brace for Potential Cyber Attacks,

The Russian government on Thursday warned of cyber attacks aimed at domestic critical infrastructure operators, as the country’s full-blown invasion of Ukraine enters the second day.
In addition to cautioning of the « threat of an increase in the intensity of computer attacks, » Russia’s National Computer Incident Response and Coordination Center said that the « attacks can be aimed at disrupting

,

The Russian government on Thursday warned of cyber attacks aimed at domestic critical infrastructure operators, as the country’s full-blown invasion of Ukraine enters the second day.
In addition to cautioning of the « threat of an increase in the intensity of computer attacks, » Russia’s National Computer Incident Response and Coordination Center said that the « attacks can be aimed at disrupting

, ,
https://thehackernews.com/2022/02/putin-warns-russian-critical.html

Notorious TrickBot Malware Gang Shuts Down its Botnet Infrastructure

Notorious TrickBot Malware Gang Shuts Down its Botnet Infrastructure,

The modular Windows crimeware platform known as TrickBot formally shuttered its infrastructure on Thursday after reports emerged of its imminent retirement amid a lull in its activity for almost two months, marking an end to one of the most persistent malware campaigns in recent years.
« TrickBot is gone… It is official now as of Thursday, February 24, 2022. See you soon… or not, » AdvIntel’s

,

The modular Windows crimeware platform known as TrickBot formally shuttered its infrastructure on Thursday after reports emerged of its imminent retirement amid a lull in its activity for almost two months, marking an end to one of the most persistent malware campaigns in recent years.
« TrickBot is gone… It is official now as of Thursday, February 24, 2022. See you soon… or not, » AdvIntel’s

, ,
https://thehackernews.com/2022/02/notorious-trickbot-malware-gang-shuts.html

New Flaws Discovered in Cisco’s Network Operating System for Switches

New Flaws Discovered in Cisco’s Network Operating System for Switches

,

Cisco has released software updates to address four security vulnerabilities in its software that could be weaponized by malicious actors to take control of affected systems.
The most critical of the flaws is CVE-2022-20650 (CVSS score: 8.8), which relates to a command injection flaw in the NX-API feature of Cisco NX-OS Software that stems from a lack of sufficient input validation of

,

Cisco has released software updates to address four security vulnerabilities in its software that could be weaponized by malicious actors to take control of affected systems.
The most critical of the flaws is CVE-2022-20650 (CVSS score: 8.8), which relates to a command injection flaw in the NX-API feature of Cisco NX-OS Software that stems from a lack of sufficient input validation of

, ,
https://thehackernews.com/2022/02/new-flaws-discovered-in-ciscos-network.html

TrickBot Gang Likely Shifting Operations to Switch to New Malware

TrickBot Gang Likely Shifting Operations to Switch to New Malware,

TrickBot, the infamous Windows crimeware-as-a-service (CaaS) solution that’s used by a variety of threat actors to deliver next-stage payloads like ransomware, appears to be undergoing a transition of sorts, with no new activity recorded since the start of the year.
The lull in the malware campaigns is « partially due to a big shift from Trickbot’s operators, including working with the operators

,

TrickBot, the infamous Windows crimeware-as-a-service (CaaS) solution that’s used by a variety of threat actors to deliver next-stage payloads like ransomware, appears to be undergoing a transition of sorts, with no new activity recorded since the start of the year.
The lull in the malware campaigns is « partially due to a big shift from Trickbot’s operators, including working with the operators

, ,
https://thehackernews.com/2022/02/trickbot-gang-likely-shifting.html