From
nl00.net
Email Address
news@news.nl00.net
Sent On
Tue, Jan 24, 2023 01:15 PM
Email Preheader Text
The Hacker News Daily Updates Arm yourself with knowledge! Sponsored LATEST NEWS Jan 24, 2023 The U.
HTML
The Hacker News Daily Updates
[Newsletter]( [cover]( [Cybercrime Survival Guide]( Arm yourself with knowledge! [Download Now]( Sponsored LATEST NEWS Jan 24, 2023 [FBI Says North Korean Hackers Behind $100 Million Horizon Bridge Crypto Theft]( The U.S. Federal Bureau of Investigation (FBI) on Monday confirmed that North Korean threat actors were responsible for the theft of $100 million in cryptocurrency assets from Harmony Horizon Bridge in June 2022. The law enforcement agency attributed the hack to the Lazarus Group and APT38, the latter of which is a North Korean state-sponsored threat group that specializes in financial ... [Read More](
[Twitter]( [Facebook]( [LinkedIn]( [Security Navigator Research: Some Vulnerabilities Date Back to the Last Millennium]( Vulnerability analysis results in Orange Cyberdefenses' Security Navigator show that some vulnerabilities first discovered in 1999 are still found in networks today. This is concerning. Age of VOC findings Our Vulnerability Scans are performed on a recurring basis, which provides us the opportunity to examine the difference between when a scan was performed on an Asset, and when a given ... [Read More](
[Twitter]( [Facebook]( [LinkedIn]( [Emotet Malware Makes a Comeback with New Evasion Techniques]( The Emotet malware operation has continued to refine its tactics in an effort to fly under the radar, while also acting as a conduit for other dangerous malware such as Bumblebee and IcedID. Emotet, which officially reemerged in late 2021 following a coordinated takedown of its infrastructure by authorities earlier that year, has continued to be a persistent threat that's distributed ... [Read More](
[Twitter]( [Facebook]( [LinkedIn]( [Apple Issues Updates for Older Devices to Fix Actively Exploited Vulnerability]( Apple has backported fixes for a recently disclosed critical security flaw affecting older devices, citing evidence of active exploitation. The issue, tracked as CVE-2022-42856, is a type confusion vulnerability in the WebKit browser engine that could result in arbitrary code execution when processing maliciously crafted web content. While it was originally addressed by the company on ... [Read More](
[Twitter]( [Facebook]( [LinkedIn]( [Facebook Introduces New Features for End-to-End Encrypted Messenger App]( Meta Platforms on Monday announced that it has started to expand global testing of end-to-end encryption (E2EE) in Messenger chats by default. "Over the next few months, more people will continue to see some of their chats gradually being upgraded with an extra layer of protection provided by end-to-end encryption," Meta's Melissa Miranda said. The social media behemoth said it intends to ... [Read More](
[Twitter]( [Facebook]( [LinkedIn]( [Samsung Galaxy Store App Found Vulnerable to Sneaky App Installs and Fraud]( Two security flaws have been disclosed in Samsung's Galaxy Store app for Android that could be exploited by a local attacker to stealthily install arbitrary apps or direct prospective victims to fraudulent landing pages on the web. The issues, tracked as CVE-2023-21433 and CVE-2023-21434, were discovered by NCC Group and notified to the South Korean chaebol in November and December 2022. ... [Read More](
[Twitter]( [Facebook]( [LinkedIn]( [SaaS Security Posture Management (SSPM) as a Layer in Your Identity Fabric]( The move to SaaS and other cloud tools has put an emphasis on Identity & Access Management (IAM). After all, user identity is one of the only barriers standing between sensitive corporate data and any unauthorized access. The tools used to define IAM make up its identity fabric. The stronger the fabric, the more resistant identities are to pressure from threat actors. However, those ... [Read More](
[Twitter]( [Facebook]( [LinkedIn]( [Threat Actors Turn to Sliver as Open Source Alternative to Popular C2 Frameworks]( The legitimate command-and-control (C2) framework known as Sliver is gaining more traction from threat actors as it emerges as an open source alternative to Cobalt Strike and Metasploit. The findings come from Cybereason, which detailed its inner workings in an exhaustive analysis last week. Sliver, developed by cybersecurity company BishopFox, is a Golang-based cross-platform ... [Read More](
[Twitter]( [Facebook]( [LinkedIn]( [cover]( [Cybercrime Survival Guide]( Arm yourself with knowledge! [Download Now]( Sponsored This email was sent to {EMAIL}. You are receiving this newsletter because you opted-in to receive relevant communications from The Hacker News. To manage your email newsletter preferences, please [click here](. Contact The Hacker News: info@thehackernews.com
[Unsubscribe]( The Hacker News | Pearls Omaxe, Netaji Subash Place, Pitampura, Delhi 110034 India
EDM Keywords (68)
year
web
upgraded
traction
theft
tactics
stronger
started
sponsored
specializes
sliver
sent
see
scan
samsung
saas
responsible
refine
receiving
read
radar
put
pressure
performed
people
opted
opportunity
one
november
notified
next
newsletter
move
months
metasploit
manage
layer
latter
intends
infrastructure
hack
gaining
fly
fabric
exploited
examine
end
emphasis
emerges
email
effort
discovered
disclosed
difference
detailed
default
cybereason
could
continued
continue
contact
conduit
company
comeback
bumblebee
asset
apt38
android
1999