CISA adds recently disclosed Zimbra bug to its Exploited Vulnerabilities Catalog

CISA adds recently disclosed Zimbra bug to its Exploited Vulnerabilities Catalog,

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) expanded its Known Exploited Vulnerabilities Catalog to include a recently disclosed zero-day flaw in the Zimbra email platform citing evidence of active exploitation in the wild.
Tracked as CVE-2022-24682 (CVSS score: 6.1), the issue concerns a cross-site scripting (XSS) vulnerability in the Calendar feature in Zimbra

,

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) expanded its Known Exploited Vulnerabilities Catalog to include a recently disclosed zero-day flaw in the Zimbra email platform citing evidence of active exploitation in the wild.
Tracked as CVE-2022-24682 (CVSS score: 6.1), the issue concerns a cross-site scripting (XSS) vulnerability in the Calendar feature in Zimbra

, ,
https://thehackernews.com/2022/02/cisa-adds-recently-disclosed-zimbra-bug.html

100 Million Samsung Galaxy Phones Affected with Flawed Hardware Encryption Feature

100 Million Samsung Galaxy Phones Affected with Flawed Hardware Encryption Feature,

A group of academics from Tel Aviv University have disclosed details of now-patched « severe » design flaws affecting about 100 million Android-based Samsung smartphones that could have resulted in the extraction of secret cryptographic keys.
The shortcomings are the result of an analysis of the cryptographic design and implementation of Android’s hardware-backed Keystore in Samsung’s Galaxy S8,

,

A group of academics from Tel Aviv University have disclosed details of now-patched « severe » design flaws affecting about 100 million Android-based Samsung smartphones that could have resulted in the extraction of secret cryptographic keys.
The shortcomings are the result of an analysis of the cryptographic design and implementation of Android’s hardware-backed Keystore in Samsung’s Galaxy S8,

, ,
https://thehackernews.com/2022/02/100-million-samsung-galaxy-phones.html

<div>CISA Warns of High-Severity Flaws in Schneider and GE Digital’s SCADA Software</div>

CISA Warns of High-Severity Flaws in Schneider and GE Digital’s SCADA Software

,

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) last week published an industrial control system (ICS) advisory related to multiple vulnerabilities impacting Schneider Electric’s Easergy medium voltage protection relays.
« Successful exploitation of these vulnerabilities may disclose device credentials, cause a denial-of-service condition, device reboot, or allow an attacker to

,

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) last week published an industrial control system (ICS) advisory related to multiple vulnerabilities impacting Schneider Electric’s Easergy medium voltage protection relays.
« Successful exploitation of these vulnerabilities may disclose device credentials, cause a denial-of-service condition, device reboot, or allow an attacker to

, ,
https://thehackernews.com/2022/02/cisa-warns-of-high-severity-flaws-in.html

Reborn of Emotet: New Features of the Botnet and How to Detect it

Reborn of Emotet: New Features of the Botnet and How to Detect it,

One of the most dangerous and infamous threats is back again. In January 2021, global officials took down the botnet. Law enforcement sent a destructive update to the Emotet’s executables. And it looked like the end of the trojan’s story. 
But the malware never ceased to surprise. 
November 2021, it was reported that TrickBot no longer works alone and delivers Emotet. And ANY.RUN with colleagues

,

One of the most dangerous and infamous threats is back again. In January 2021, global officials took down the botnet. Law enforcement sent a destructive update to the Emotet’s executables. And it looked like the end of the trojan’s story. 
But the malware never ceased to surprise. 
November 2021, it was reported that TrickBot no longer works alone and delivers Emotet. And ANY.RUN with colleagues

, ,
https://thehackernews.com/2022/02/reborn-of-emotet-new-features-of-botnet.html

Experts Create Apple AirTag Clone That Can Bypass Anti-Tracking Measures

Experts Create Apple AirTag Clone That Can Bypass Anti-Tracking Measures,

Cybersecurity researchers have managed to build a clone of Apple Airtag that circumvents the anti-stalking protection technology built into its Find My Bluetooth-based tracking protocol.
The result is a stealth AirTag that can successfully track an iPhone user for over five days without triggering a tracking notification, Positive Security’s co-founder Fabian Bräunlein said in a deep-dive

,

Cybersecurity researchers have managed to build a clone of Apple Airtag that circumvents the anti-stalking protection technology built into its Find My Bluetooth-based tracking protocol.
The result is a stealth AirTag that can successfully track an iPhone user for over five days without triggering a tracking notification, Positive Security’s co-founder Fabian Bräunlein said in a deep-dive

, ,
https://thehackernews.com/2022/02/experts-create-apple-airtag-clone-that.html

Iranian Hackers Using New Spying Malware That Abuses Telegram Messenger API

Iranian Hackers Using New Spying Malware That Abuses Telegram Messenger API,

An Iranian geopolitical nexus threat actor has been uncovered deploying two new targeted malware that come with « simple » backdoor functionalities as part of an intrusion against an unnamed Middle East government entity in November 2021.
Cybersecurity company Mandiant attributed the attack to an uncategorized cluster it’s tracking under the moniker UNC3313, which it assesses with « moderate

,

An Iranian geopolitical nexus threat actor has been uncovered deploying two new targeted malware that come with « simple » backdoor functionalities as part of an intrusion against an unnamed Middle East government entity in November 2021.
Cybersecurity company Mandiant attributed the attack to an uncategorized cluster it’s tracking under the moniker UNC3313, which it assesses with « moderate

, ,
https://thehackernews.com/2022/02/iranian-hackers-using-new-spying.html

Social Media Hijacking Malware Spreading Through Gaming Apps on Microsoft Store

Social Media Hijacking Malware Spreading Through Gaming Apps on Microsoft Store,

A new malware capable of controlling social media accounts is being distributed through Microsoft’s official app store in the form of trojanized gaming apps, infecting more than 5,000 Windows machines in Sweden, Bulgaria, Russia, Bermuda, and Spain.
Israeli cybersecurity company Check Point dubbed the malware « Electron Bot, » in reference to a command-and-control (C2) domain used in recent

,

A new malware capable of controlling social media accounts is being distributed through Microsoft’s official app store in the form of trojanized gaming apps, infecting more than 5,000 Windows machines in Sweden, Bulgaria, Russia, Bermuda, and Spain.
Israeli cybersecurity company Check Point dubbed the malware « Electron Bot, » in reference to a command-and-control (C2) domain used in recent

, ,
https://thehackernews.com/2022/02/social-media-hijacking-malware.html

Russia-Ukraine War: Phishing, Malware and Hacker Groups Taking Sides

Russia-Ukraine War: Phishing, Malware and Hacker Groups Taking Sides,

Ukraine’s Computer Emergency Response Team (CERT-UA) has warned of Belarusian state-sponsored hackers targeting its military personnel and related individuals as part of a phishing campaign mounted amidst Russia’s military invasion of the country.
« Mass phishing emails have recently been observed targeting private ‘i.ua’ and ‘meta.ua’ accounts of Ukrainian military personnel and related

,

Ukraine’s Computer Emergency Response Team (CERT-UA) has warned of Belarusian state-sponsored hackers targeting its military personnel and related individuals as part of a phishing campaign mounted amidst Russia’s military invasion of the country.
« Mass phishing emails have recently been observed targeting private ‘i.ua’ and ‘meta.ua’ accounts of Ukrainian military personnel and related

, ,
https://thehackernews.com/2022/02/russia-ukraine-war-phishing-malware-and.html

New « SockDetour » Fileless, Socketless Backdoor Targets U.S. Defense Contractors

New « SockDetour » Fileless, Socketless Backdoor Targets U.S. Defense Contractors

,

Cybersecurity researchers have taken the wraps off a previously undocumented and stealthy custom malware called SockDetour that targeted U.S.-based defense contractors with the goal of being used as a secondary implant on compromised Windows hosts.
« SockDetour is a backdoor that is designed to remain stealthily on compromised Windows servers so that it can serve as a backup backdoor in case the

,

Cybersecurity researchers have taken the wraps off a previously undocumented and stealthy custom malware called SockDetour that targeted U.S.-based defense contractors with the goal of being used as a secondary implant on compromised Windows hosts.
« SockDetour is a backdoor that is designed to remain stealthily on compromised Windows servers so that it can serve as a backup backdoor in case the

, ,
https://thehackernews.com/2022/02/new-sockdetour-fileless-socketless.html

Iran’s MuddyWater Hacker Group Using New Malware in Worldwide Cyber Attacks

Iran’s MuddyWater Hacker Group Using New Malware in Worldwide Cyber Attacks

,

Cybersecurity agencies from the U.K. and the U.S. have laid bare a new malware used by the Iranian government-sponsored advanced persistent threat (APT) group in attacks targeting government and commercial networks worldwide.
« MuddyWater actors are positioned both to provide stolen data and accesses to the Iranian government and to share these with other malicious cyber actors, » the agencies 

,

Cybersecurity agencies from the U.K. and the U.S. have laid bare a new malware used by the Iranian government-sponsored advanced persistent threat (APT) group in attacks targeting government and commercial networks worldwide.
« MuddyWater actors are positioned both to provide stolen data and accesses to the Iranian government and to share these with other malicious cyber actors, » the agencies 

, ,
https://thehackernews.com/2022/02/irans-muddywater-hacker-group-using-new.html