Update Now: Microsoft Releases Patches for 3 Actively Exploited Windows Vulnerabilities

The Hacker News Daily Updates [Newsletter]( [cover]( [Security Basics Quick Reference Guide]( Businesses worldwide are at risk for security breaches. [Download Now]( Sponsored LATEST NEWS Feb 15, 2023 [Regular Pen Testing Is Key to Resolving Conflict Between SecOps and DevOps]( In an ideal world, security and development teams would be working together in perfect harmony. But we live in a world of competing priorities, where DevOps and security departments often butt heads with each other. Agility and security are often at odds with each other— if a new feature is delivered quickly but contains security vulnerabilities, the SecOps team will need to scramble the ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [Experts Warn of 'Beep' - A New Evasive Malware That Can Fly Under the Radar]( Cybersecurity researchers have unearthed a new piece of evasive malware dubbed Beep that's designed to fly under the radar and drop additional payloads onto a compromised host. "It seemed as if the authors of this malware were trying to implement as many anti-debugging and anti-VM (anti-sandbox) techniques as they could find," Minerva Labs researcher Natalie Zargarov said. "One such ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [Google Rolling Out Privacy Sandbox Beta on Android 13 Devices]( Google announced on Tuesday that it's officially rolling out Privacy Sandbox on Android in beta to eligible mobile devices running Android 13. "The Privacy Sandbox Beta provides new APIs that are designed with privacy at the core, and don't use identifiers that can track your activity across apps and websites," the search and advertising giant said. "Apps that choose to participate in the ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [Update Now: Microsoft Releases Patches for 3 Actively Exploited Windows Vulnerabilities]( Microsoft on Tuesday released security updates to address 75 flaws spanning its product portfolio, three of which have come under active exploitation in the wild. The updates are in addition to 22 flaws the Windows maker patched in its Chromium-based Edge browser over the past month. Of the 75 vulnerabilities, nine are rated Critical and 66 are rated Important in severity. 37 out of 75 bugs ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [Massive AdSense Fraud Campaign Uncovered - 10,000+ WordPress Sites Infected]( The threat actors behind the black hat redirect malware campaign have scaled up their campaign to use more than 70 bogus domains mimicking URL shorteners and infect over 10,800 websites. "The main objective is still ad fraud by artificially increasing traffic to pages which contain the AdSense ID which contain Google ads for revenue generation," Sucuri researcher Ben Martin said in a ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [Python Developers Beware: Clipper Malware Found in 450+ PyPI Packages!]( Malicious actors have published more than 451 unique Python packages on the official Python Package Index (PyPI) repository in an attempt to infect developer systems with clipper malware. Software supply chain security company Phylum, which spotted the libraries, said the ongoing activity is a follow-up to a campaign that was initially disclosed in November 2022. The initial vector entails ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [A CISOs Practical Guide to Storage and Backup Ransomware Resiliency]( One thing is clear. The "business value" of data continues to grow, making it an organization's primary piece of intellectual property. From a cyber risk perspective, attacks on data are the most prominent threat to organizations. Regulators, cyber insurance firms, and auditors are paying much closer attention to the integrity, resilience, and recoverability of organization data – as well ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [Chinese Hackers Targeting South American Diplomatic Entities with ShadowPad]( Microsoft on Monday attributed a China-based cyber espionage actor to a set of attacks targeting diplomatic entities in South America. The tech giant's Security Intelligence team is tracking the cluster under the emerging moniker DEV-0147, describing the activity as an "expansion of the group's data exfiltration operations that traditionally targeted government agencies and think tanks in ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [cover]( [Security Basics Quick Reference Guide]( Businesses worldwide are at risk for security breaches. [Download Now]( Sponsored This email was sent to {EMAIL}. You are receiving this newsletter because you opted-in to receive relevant communications from The Hacker News. To manage your email newsletter preferences, please [click here](. Contact The Hacker News: info@thehackernews.com [Unsubscribe]( The Hacker News | Pearls Omaxe, Netaji Subash Place, Pitampura, Delhi 110034 India