From
nl00.net
Email Address
news@news.nl00.net
Sent On
Fri, Feb 17, 2023 01:22 PM
Email Preheader Text
The Hacker News Daily Updates Demand for the latest and most comprehensive testing solutions continu
HTML
The Hacker News Daily Updates
[Newsletter]( [cover]( [The 3 Approaches to Breach & Attack Simulation Technologies]( Demand for the latest and most comprehensive testing solutions continues to grow to counter the ever-increasing wave of cybercrime. Find out what methods organizations are using to meet this demand. [Download Now]( Sponsored LATEST NEWS Feb 17, 2023 [Armenian Entities Hit by New Version of OxtaRAT Spying Tool]( Entities in Armenia have come under a cyber attack using an updated version of a backdoor called OxtaRAT that allows remote access and desktop surveillance. "The tool capabilities include searching for and exfiltrating files from the infected machine, recording the video from the web camera and desktop, remotely controlling the compromised machine with TightVNC, installing a web ... [Read More](
[Twitter]( [Facebook]( [LinkedIn]( [New Mirai Botnet Variant 'V3G4' Exploiting 13 Flaws to Target Linux and IoT Devices]( A new variant of the notorious Mirai botnet has been found leveraging several security vulnerabilities to propagate itself to Linux and IoT devices. Observed during the second half of 2022, the new version has been dubbed V3G4 by Palo Alto Networks Unit 42, which identified three different campaigns likely conducted by the same threat actor. "Once the vulnerable devices are compromised, ... [Read More](
[Twitter]( [Facebook]( [LinkedIn]( [Critical RCE Vulnerability Discovered in ClamAV Open Source Antivirus Software]( Cisco has rolled out security updates to address a critical flaw reported in the ClamAV open source antivirus engine that could lead to remote code execution on susceptible devices. Tracked as CVE-2023-20032 (CVSS score: 9.8), the issue relates to a case of remote code execution residing in the HFS+ file parser component. The flaw affects versions 1.0.0 and earlier, 0.105.1 and earlier, ... [Read More](
[Twitter]( [Facebook]( [LinkedIn]( [Researchers Hijack Popular NPM Package with Millions of Downloads]( A popular npm package with more than 3.5 million weekly downloads has been found vulnerable to an account takeover attack. "The package can be taken over by recovering an expired domain name for one of its maintainers and resetting the password," software supply chain security company Illustria said in a report. While npm's security protections limit users to have only one active email ... [Read More](
[Twitter]( [Facebook]( [LinkedIn]( [Researchers Link SideWinder Group to Dozens of Targeted Attacks in Multiple Countries]( The prolific SideWinder group has been attributed as the nation-state actor behind attempted attacks against 61 entities in Afghanistan, Bhutan, Myanmar, Nepal, and Sri Lanka between June and November 2021. Targets included government, military, law enforcement, banks, and other organizations, according to an exhaustive report published by Group-IB, which also found links between the ... [Read More](
[Twitter]( [Facebook]( [LinkedIn]( [Hackers Using Google Ads to Spread FatalRAT Malware Disguised as Popular Apps]( Chinese-speaking individuals in Southeast and East Asia are the targets of a new rogue Google Ads campaign that delivers remote access trojans such as FatalRAT to compromised machines. The attacks involve purchasing ad slots to appear in Google search results and direct users looking for popular applications to rogue websites hosting trojanized installers, ESET said in a report published ... [Read More](
[Twitter]( [Facebook]( [LinkedIn]( [Researchers Warn of Critical Security Bugs in Schneider Electric Modicon PLCs]( Security researchers have disclosed two new vulnerabilities affecting Schneider Electric Modicon programmable logic controllers (PLCs) that could allow for authentication bypass and remote code execution. The flaws, tracked as CVE-2022-45788 (CVSS score: 7.5) and CVE-2022-45789 (CVSS score: 8.1), are part of a broader collection of security defects tracked by Forescout as OT:ICEFALL. ... [Read More](
[Twitter]( [Facebook]( [LinkedIn]( [Breaking the Security "Black Box" in DBs, Data Warehouses and Data Lakes]( Security teams typically have great visibility over most areas, for example, the corporate network, endpoints, servers, and cloud infrastructure. They use this visibility to enforce the necessary security and compliance requirements. However, this is not the case when it comes to sensitive data sitting in production or analytic databases, data warehouses or data lakes. Security teams have ... [Read More](
[Twitter]( [Facebook]( [LinkedIn]( [cover]( [The 3 Approaches to Breach & Attack Simulation Technologies]( Demand for the latest and most comprehensive testing solutions continues to grow to counter the ever-increasing wave of cybercrime. Find out what methods organizations are using to meet this demand. [Download Now]( Sponsored This email was sent to {EMAIL}. You are receiving this newsletter because you opted-in to receive relevant communications from The Hacker News. To manage your email newsletter preferences, please [click here](. Contact The Hacker News: info@thehackernews.com
[Unsubscribe]( The Hacker News | Pearls Omaxe, Netaji Subash Place, Pitampura, Delhi 110034 India
EDM Keywords (48)
visibility
video
using
use
targets
taken
sponsored
southeast
sent
rolled
resetting
report
recovering
receiving
read
propagate
production
part
package
opted
one
npm
newsletter
millions
meet
manage
maintainers
linux
latest
june
grow
forescout
fatalrat
example
enforce
email
dozens
downloads
counter
contact
comes
come
case
attributed
armenia
areas
appear
address
2022