New Go-based Botnet Exploiting Exploiting Dozens of IoT Vulnerabilities to Expand its Network

The Hacker News Daily Updates [Newsletter]( [cover]( [Developing and Testing an Effective Breach Response Plan]( Data breaches are accelerating. We share what organizations must do after their data is exposed to help avoid a data disaster. [Download Now]( Sponsored LATEST NEWS Dec 7, 2022 [Vice Society Ransomware Attackers Targeted Dozens of Schools in 2022]( The Vice Society cybercrime group has disproportionately targeted educational institutions, accounting for 33 victims in 2022 and surpassing other ransomware families like LockBit, BlackCat, BianLian, and Hive. Other prominent industry verticals targeted include healthcare, governments, manufacturing, retail, and legal services, according to an analysis of leak site data by Palo Alto ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [How XDR Helps Protect Critical Infrastructure]( Critical infrastructure is important for societal existence, growth, and development. Societies are reliant on the services provided by critical infrastructure sectors like telecommunication, energy, healthcare, transportation, and information technology. Safety and security are necessary for the optimal operation of these critical infrastructures. Critical infrastructure is made up of ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [Chinese Hackers Using Russo-Ukrainian War Decoys to Target APAC and European Entities]( The China-linked nation-state hacking group referred to as Mustang Panda is using lures related to the ongoing Russo-Ukrainian War to attack entities in Europe and the Asia Pacific. That's according to the BlackBerry Research and Intelligence Team, which analyzed a RAR archive file titled "Political Guidance for the new EU approach towards Russia.rar." Some of the targeted countries ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [Russian Hackers Spotted Targeting U.S. Military Weapons and Hardware Supplier]( A state-sponsored hacking group with links to Russia has been linked to attack infrastructure that spoofs the Microsoft login page of Global Ordnance, a legitimate U.S.-based military weapons and hardware supplier. Recorded Future attributed the new infrastructure to a threat activity group it tracks under the name TAG-53, and is broadly known by the cybersecurity community as Blue ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [Microsoft Alerts Cryptocurrency Industry of Targeted Cyberattacks]( Cryptocurrency investment companies are the target of a developing threat cluster that uses Telegram groups to seek out potential victims. Microsoft's Security Threat Intelligence Center (MSTIC) is tracking the activity under the name DEV-0139, and builds upon a recent report from Volexity that attributed the same set of attacks to North Korea's Lazarus Group. "DEV-0139 joined Telegram ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [New Go-based Botnet Exploiting Exploiting Dozens of IoT Vulnerabilities to Expand its Network]( A novel Go-based botnet called Zerobot has been observed in the wild proliferating by taking advantage of nearly two dozen security vulnerabilities in the internet of things (IoT) devices and other software. The botnet "contains several modules, including self-replication, attacks for different protocols, and self-propagation," Fortinet FortiGuard Labs researcher Cara Lin said. "It ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [Chinese Hackers Target Middle East Telecoms in Latest Cyber Attacks]( A malicious campaign targeting the Middle East is likely linked to BackdoorDiplomacy, an advanced persistent threat (APT) group with ties to China. The espionage activity, directed against a telecom company in the region, is said to have commenced on August 19, 2021 through the successful exploitation of ProxyShell flaws in the Microsoft Exchange Server. Initial compromise leveraged ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [Iranian State Hackers Targeting Key Figures in Activism, Journalism, and Politics]( Hackers with ties to the Iranian government have been linked to an ongoing social engineering and credential phishing campaign directed against human rights activists, journalists, researchers, academics, diplomats, and politicians working in the Middle East. At least 20 individuals are believed to have been targeted, Human Rights Watch (HRW) said in a report published Monday, attributing ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [cover]( [Developing and Testing an Effective Breach Response Plan]( Data breaches are accelerating. We share what organizations must do after their data is exposed to help avoid a data disaster. [Download Now]( Sponsored This email was sent to {EMAIL}. You are receiving this newsletter because you opted-in to receive relevant communications from The Hacker News. To manage your email newsletter preferences, please [click here](. Contact The Hacker News: info@thehackernews.com [Unsubscribe]( The Hacker News | Pearls Omaxe, Netaji Subash Place, Pitampura, Delhi 110034 India