Victory against cybercrime: Hive Ransomware Infrastructure Seized

The Hacker News Daily Updates [Newsletter]( [cover]( [The 3 Approaches to Breach & Attack Simulation Technologies]( Demand for the latest and most comprehensive testing solutions continues to grow to counter the ever-increasing wave of cybercrime. Find out what methods organizations are using to meet this demand. [Download Now]( Sponsored LATEST NEWS Jan 27, 2023 [Researchers Discover New PlugX Malware Variant Spreading via Removable USB Devices]( Cybersecurity researchers have uncovered a PlugX sample that employs sneaky methods to infect attached removable USB media devices in order to propagate the malware to additional systems. "This PlugX variant is wormable and infects USB devices in such a way that it conceals itself from the Windows operating file system," Palo Alto Networks Unit 42 researchers Mike Harbison and Jen ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [3 Lifehacks While Analyzing Orcus RAT in a Malware Sandbox]( Orcus is a Remote Access Trojan with some distinctive characteristics. The RAT allows attackers to create plugins and offers a robust core feature set that makes it quite a dangerous malicious program in its class. RAT is quite a stable type that always makes it to the top. ANY.RUN’s top malware types in 2022 That's why you'll definitely come across this type in your practice, and the ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [British Cyber Agency Warns of Russian and Iranian Hackers Targeting Key Industries]( The U.K. National Cyber Security Centre (NCSC) on Thursday warned of spear-phishing attacks mounted by Russian and Iranian state-sponsored actors for information-gathering operations. "The attacks are not aimed at the general public but targets in specified sectors, including academia, defense, government organizations, NGOs, think tanks, as well as politicians, journalists and activists," ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [Hive Ransomware Infrastructure Seized in Joint International Law Enforcement Effort]( In what's a case of hacking the hackers, the darknet infrastructure associated with the Hive ransomware-as-a-service (RaaS) operation has been seized as part of a coordinated law enforcement effort involving 13 countries. "Law enforcement identified the decryption keys and shared them with many of the victims, helping them regain access to their data without paying the cybercriminals," ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [Google Takes Down 50,000 Instances of Pro-Chinese DRAGONBRIDGE Influence Operation]( Google on Thursday disclosed it took steps to dismantle over 50,000 instances of activity orchestrated by a pro-Chinese influence operation known as DRAGONBRIDGE in 2022. "Most DRAGONBRIDGE activity is low quality content without a political message, populated across many channels and blogs," the company's Threat Analysis Group (TAG) said in a report shared with The Hacker News. "However, ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [Researchers Release PoC Exploit for Windows CryptoAPI Bug Discovered by NSA]( Proof-of-concept (Poc) code has been released for a now-patched high-severity security flaw in the Windows CryptoAPI that the U.S. National Security Agency (NSA) and the U.K. National Cyber Security Centre (NCSC) reported to Microsoft last year. Tracked as CVE-2022-34689 (CVSS score: 7.5), the spoofing vulnerability was addressed by the tech giant as part of Patch Tuesday updates released ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [Researchers Uncover Connection b/w Moses Staff and Emerging Abraham's Ax Hacktivists Group]( New research has linked the operations of a politically motivated hacktivist group known as Moses Staff to another nascent threat actor named Abraham's Ax that emerged in November 2022. This is based on "several commonalities across the iconography, videography, and leak sites used by the groups, suggesting they are likely operated by the same entity," Secureworks Counter Threat Unit ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [Is Once-Yearly Pen Testing Enough for Your Organization?]( Any organization that handles sensitive data must be diligent in its security efforts, which include regular pen testing. Even a small data breach can result in significant damage to an organization's reputation and bottom line. There are two main reasons why regular pen testing is necessary for secure web application development: Security: Web applications are constantly evolving, and ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [cover]( [The 3 Approaches to Breach & Attack Simulation Technologies]( Demand for the latest and most comprehensive testing solutions continues to grow to counter the ever-increasing wave of cybercrime. Find out what methods organizations are using to meet this demand. [Download Now]( Sponsored This email was sent to {EMAIL}. You are receiving this newsletter because you opted-in to receive relevant communications from The Hacker News. To manage your email newsletter preferences, please [click here](. Contact The Hacker News: info@thehackernews.com [Unsubscribe]( The Hacker News | Pearls Omaxe, Netaji Subash Place, Pitampura, Delhi 110034 India