The Hacker News Daily Updates
Sponsored: Why Account Security Doesn't Stop at Login

Online accounts hold significant value for online businesses and their users, making them a prime target for fraud and abuse.

LATEST NEWS

Apr 12, 2023

Israel-based Spyware Firm QuaDream Targets High-Risk iPhones with Zero-Click Exploit

Threat actors using hacking tools from an Israeli surveillanceware vendor named QuaDream targeted at least five members of civil society in North America, Central Asia, Southeast Asia, Europe, and the Middle East. According to findings from a group of researchers from the Citizen Lab, the spyware campaign was directed against journalists, political opposition figures, and an NGO worker in ...

The Service Accounts Challenge: Can't See or Secure Them Until It's Too Late

Here's a hard question to answer: 'How many service accounts do you have in your environment?' A harder one is: 'Do you know what these accounts are doing?' And the hardest is probably: 'If any of your service accounts were compromised and used to access resources, would you be able to detect and stop that in real time?' Since most identity and security teams would provide a negative ...

Urgent: Microsoft Issues Patches for 97 Flaws, Including Active Ransomware Exploit

It's the second Tuesday of the month, and Microsoft has released another set of security updates to fix a total of 97 flaws impacting its software, one of which has been actively exploited in ransomware attacks in the wild. Seven of the 97 bugs are rated Critical and 90 are rated Important in severity. Interestingly, 45 of the shortcomings are remote code execution flaws, followed by ...

North Korean Hackers Uncovered as Mastermind in 3CX Supply Chain Attack

Enterprise communications service provider 3CX confirmed that the supply chain attack targeting its desktop application for Windows and macOS was the handiwork of a threat actor with North Korean nexus. The findings are the result of an interim assessment conducted by Google-owned Mandiant, whose services were enlisted after the intrusion came to light late last month. The threat ...

Newly Discovered "By-Design" Flaw in Microsoft Azure Could Expose Storage Accounts to Hackers

A "by-design flaw" uncovered in Microsoft Azure could be exploited by attackers to gain access to storage accounts, move laterally in the environment, and even execute remote code. "It is possible to abuse and leverage Microsoft Storage Accounts by manipulating Azure Functions to steal access-tokens of higher privilege identities, move laterally, potentially access critical business assets, ...

Cybercriminals Turn to Android Loaders on Dark Web to Evade Google Play Security

Malicious loader programs capable of trojanizing Android applications are being traded on the criminal underground for up to $20,000 as a way to evade Google Play Store defenses. "The most popular application categories to hide malware and unwanted software include cryptocurrency trackers, financial apps, QR-code scanners, and even dating apps," Kaspersky said in a new report based on ...

[eBook] A Step-by-Step Guide to Cyber Risk Assessment

In today's perilous cyber risk landscape, CISOs and CIOs must defend their organizations against relentless cyber threats, including ransomware, phishing, attacks on infrastructure, supply chain breaches, malicious insiders, and much more. Yet at the same time, security leaders are also under tremendous pressure to reduce costs and invest wisely. One of the most effective ways for CISOs ...

Cryptocurrency Stealer Malware Distributed via 13 NuGet Packages

Cybersecurity researchers have detailed the inner workings of the cryptocurrency stealer malware that was distributed via 13 malicious NuGet packages as part of a supply chain attack targeting .NET developers. The sophisticated typosquatting campaign, which was uncovered by JFrog late last month, impersonated legitimate packages to execute PowerShell code designed to retrieve a follow-on ...