CISA Warns of Active Attacks Exploiting Fortra MFT, TerraMaster NAS, and Intel Driver Flaws

The Hacker News Daily Updates [Newsletter]( [cover]( [Emerging Cybersecurity Technologies]( | Live Virtual Event | March 23, 2023 | 11am-5:15pm EST | [Download Now]( Sponsored LATEST NEWS Feb 11, 2023 [Enigma, Vector, and TgToxic: The New Threats to Cryptocurrency Users]( Suspected Russian threat actors have been targeting Eastern European users in the crypto industry with fake job opportunities as bait to install information-stealing malware on compromised hosts. The attackers "use several highly obfuscated and under-development custom loaders in order to infect those involved in the cryptocurrency industry with Enigma stealer," Trend Micro researchers ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [CISA Warns of Active Attacks Exploiting Fortra MFT, TerraMaster NAS, and Intel Driver Flaws]( The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added three flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active abuse in the wild. Included among the three is CVE-2022-24990, a bug affecting TerraMaster network-attached storage (TNAS) devices that could lead to unauthenticated remote code execution with the highest privileges. ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [Researchers Uncover Obfuscated Malicious Code in PyPI Python Packages]( Four different rogue packages in the Python Package Index (PyPI) have been found to carry out a number of malicious actions, including dropping malware, deleting the netstat utility, and manipulating the SSH authorized_keys file. The packages in question are aptx, bingchilling2, httops, and tkint3rs, all of which were collectively downloaded about 450 times before they were taken down. ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [North Korean Hackers Targeting Healthcare with Ransomware to Fund its Operations]( State-backed hackers from North Korea are conducting ransomware attacks against healthcare and critical infrastructure facilities to fund illicit activities, U.S. and South Korean cybersecurity and intelligence agencies warned in a joint advisory. The attacks, which demand cryptocurrency ransoms in exchange for recovering access to encrypted files, are designed to support North ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [3 Overlooked Cybersecurity Breaches]( Here are three of the worst breaches, attacker tactics and techniques of 2022, and the security controls that can provide effective, enterprise security protection for them. #1: 2 RaaS Attacks in 13 Months Ransomware as a service is a type of attack in which the ransomware software and infrastructure are leased out to the attackers. These ransomware services can be purchased on the dark web ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [U.K. and U.S. Sanction 7 Russians for TrickBot, Ryuk, and Conti Ransomware Attacks]( In a first-of-its-kind coordinated action, the U.K. and U.S. governments on Thursday levied sanctions against seven Russian nationals for their affiliation to the TrickBot, Ryuk, and Conti cybercrime operation. The individuals designated under sanctions are Vitaly Kovalev (aka Alex Konor, Bentley, or Bergen), Maksim Mikhailov (aka Baget), Valentin Karyagin (aka Globus), Mikhail Iskritskiy ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [Reddit Suffers Security Breach Exposing Internal Documents and Source Code]( Popular social news aggregation platform Reddit has disclosed that it was the victim of a security incident that enabled unidentified threat actors to gain unauthorized access to internal documents, code, and some unspecified business systems. The company blamed it on a "sophisticated and highly-targeted phishing attack" that took place on February 5, 2023, aimed at its employees. The ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [Critical Infrastructure at Risk from New Vulnerabilities Found in Wireless IIoT Devices]( A set of 38 security vulnerabilities has been uncovered in wireless industrial internet of things (IIoT) devices from four different vendors that could pose a significant attack surface for threat actors looking to exploit operational technology (OT) environments. "Threat actors can exploit vulnerabilities in Wireless IIoT devices to gain initial access to internal OT networks," ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [cover]( [Emerging Cybersecurity Technologies]( | Live Virtual Event | March 23, 2023 | 11am-5:15pm EST | [Download Now]( Sponsored This email was sent to {EMAIL}. You are receiving this newsletter because you opted-in to receive relevant communications from The Hacker News. To manage your email newsletter preferences, please [click here](. Contact The Hacker News: info@thehackernews.com [Unsubscribe]( The Hacker News | Pearls Omaxe, Netaji Subash Place, Pitampura, Delhi 110034 India