Realtek Vulnerability Under Attack: Over 134 Million Attempts to Hack IoT Devices

The Hacker News Daily Updates [Newsletter]( [cover]( [The CISOs Report: Perspectives, Challenges and Plans for 2022 and Beyond]( The latest ransomware insights from hundreds of CISOs [Download Now]( Sponsored LATEST NEWS Jan 30, 2023 [Titan Stealer: A New Golang-Based Information Stealer Malware Emerges]( A new Golang-based information stealer malware dubbed Titan Stealer is being advertised by threat actors through their Telegram channel. "The stealer is capable of stealing a variety of information from infected Windows machines, including credential data from browsers and crypto wallets, FTP client details, screenshots, system information, and grabbed files," Uptycs security ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [Realtek Vulnerability Under Attack: Over 134 Million Attempts to Hack IoT Devices]( Researchers are warning about a spike in exploitation attempts weaponizing a critical remote code execution flaw in Realtek Jungle SDK since the start of August 2022. According to Palo Alto Networks Unit 42, the ongoing campaign is said to have recorded 134 million exploit attempts as of December 2022, with 97% of the attacks occurring in the past four months. Close to 50% of the ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [Gootkit Malware Continues to Evolve with New Components and Obfuscations]( The threat actors associated with the Gootkit malware have made "notable changes" to their toolset, adding new components and obfuscations to their infection chains. Google-owned Mandiant is monitoring the activity cluster under the moniker UNC2565, noting that the usage of the malware is "exclusive to this group." Gootkit, also called Gootloader, is spread through compromised websites ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [Microsoft Urges Customers to Secure On-Premises Exchange Servers]( Microsoft is urging customers to keep their Exchange servers updated as well as take steps to bolster the environment, such as enabling Windows Extended Protection and configuring certificate-based signing of PowerShell serialization payloads. "Attackers looking to exploit unpatched Exchange servers are not going to go away," the tech giant's Exchange Team said in a post. "There are too ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [ISC Releases Security Patches for New BIND DNS Software Vulnerabilities]( The Internet Systems Consortium (ISC) has released patches to address multiple security vulnerabilities in the Berkeley Internet Name Domain (BIND) 9 Domain Name System (DNS) software suite that could lead to a denial-of-service (DoS) condition. "A remote attacker could exploit these vulnerabilities to potentially cause denial-of-service conditions and system failures," the U.S. ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [Ukraine Hit with New Golang-based 'SwiftSlicer' Wiper Malware in Latest Cyber Attack]( Ukraine has come under a fresh cyber onslaught from Russia that involved the deployment of a previously undocumented Golang-based data wiper dubbed SwiftSlicer. ESET attributed the attack to Sandworm, a nation-state group linked to Military Unit 74455 of the Main Intelligence Directorate of the General Staff of the Armed Forces of the Russian Federation (GRU). "Once executed it deletes ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [Eliminating SaaS Shadow IT is Now Available via a Self-Service Product, Free of Charge]( The use of software as a service (SaaS) is experiencing rapid growth and shows no signs of slowing down. Its decentralized and easy-to-use nature is beneficial for increasing employee productivity, but it also poses many security and IT challenges. Keeping track of all the SaaS applications that have been granted access to an organization's data is a difficult task. Understanding the risks ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [Experts Uncover the Identity of Mastermind Behind Golden Chickens Malware Service]( Cybersecurity researchers have discovered the real-world identity of the threat actor behind Golden Chickens malware-as-a-service, who goes by the online persona "badbullzvenom." eSentire's Threat Response Unit (TRU), in an exhaustive report published following a 16-month-long investigation, said it "found multiple mentions of the badbullzvenom account being shared between two people." ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [cover]( [Choosing the Best Telemedicine Software--Top 5 Telemedicine Platforms for Your Practice]( Get the critical factors to consider when deciding on a new telemedicine software system for your clinic or practice--along with expert analysis of the top HIPAA compliant telemedicine and telehealth platforms to help in your decision. [Download Now]( Sponsored This email was sent to {EMAIL}. You are receiving this newsletter because you opted-in to receive relevant communications from The Hacker News. To manage your email newsletter preferences, please [click here](. Contact The Hacker News: info@thehackernews.com [Unsubscribe]( The Hacker News | Pearls Omaxe, Netaji Subash Place, Pitampura, Delhi 110034 India