Alert: U.S. and U.K. Warn of Russian Hackers Exploiting Cisco Router Flaws

The Hacker News Daily Updates [Newsletter]( [cover]( [Cybersecurity in 2023 and beyond: 12 leaders share their forecasts]( What obstacles and opportunities might be in store foryour organization? These 2023 forecasts from leaders at the cyber front lines reveal a range of insights and strategies [Download Now]( Sponsored LATEST NEWS Apr 19, 2023 [Pakistani Hackers Use Linux Malware Poseidon to Target Indian Government Agencies]( The Pakistan-based advanced persistent threat (APT) actor known as Transparent Tribe used a two-factor authentication (2FA) tool used by Indian government agencies as a ruse to deliver a new Linux backdoor called Poseidon. "Poseidon is a second-stage payload malware associated with Transparent Tribe," Uptycs security researcher Tejaswini Sandapolla said in a technical report published this ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [Uncovering (and Understanding) the Hidden Risks of SaaS Apps]( Recent data breaches across CircleCI, LastPass, and Okta underscore a common theme: The enterprise SaaS stacks connected to these industry-leading apps can be at serious risk for compromise. CircleCI, for example, plays an integral, SaaS-to-SaaS role for SaaS app development. Similarly, tens of thousands of organizations rely on Okta and LastPass security roles for SaaS identity and ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [ICS Village & GRIMM Cyber Team Up for Interactive CyPhy™ Experience at RSAC]( GRIMM's interactive approach to learning, coupled with ICS Village's mission for awareness, delivers a compelling experience using real IT and industrial equipment. RSAC attendees can visit our ICS sandbox and explore our CyberTown virtual ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [U.S. and U.K. Warn of Russian Hackers Exploiting Cisco Router Flaws for Espionage]( U.K. and U.S. cybersecurity and intelligence agencies have warned of Russian nation-state actors exploiting now-patched flaws in networking equipment from Cisco to conduct reconnaissance and deploy malware against targets. The intrusions, per the authorities, took place in 2021 and targeted a small number of entities in Europe, U.S. government institutions, and about 250 Ukrainian victims. ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [Iranian Government-Backed Hackers Targeting U.S. Energy and Transit Systems]( An Iranian government-backed actor known as Mint Sandstorm has been linked to attacks aimed at critical infrastructure in the U.S. between late 2021 to mid-2022. "This Mint Sandstorm subgroup is technically and operationally mature, capable of developing bespoke tooling and quickly weaponizing N-day vulnerabilities, and has demonstrated agility in its operational focus, which appears to ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [Critical Flaws in vm2 JavaScript Library Can Lead to Remote Code Execution]( A fresh round of patches has been made available for the vm2 JavaScript library to address two critical flaws that could be exploited to break out of the sandbox protections. Both the flaws – CVE-2023-29199 and CVE-2023-30547 – are rated 9.8 out of 10 on the CVSS scoring system and have been addressed in versions 3.9.16 and 3.9.17, respectively. Successful exploitation of the bugs, which ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [YouTube Videos Distributing Aurora Stealer Malware via Highly Evasive Loader]( Cybersecurity researchers have detailed the inner workings of a highly evasive loader named "in2al5d p3in4er" (read: invalid printer) that's used to deliver the Aurora information stealer malware. "The in2al5d p3in4er loader is compiled with Embarcadero RAD Studio and targets endpoint workstations using advanced anti-VM (virtual machine) technique," cybersecurity firm Morphisec said in a ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [Goldoson Android Malware Infects Over 100 Million Google Play Store Downloads]( A new Android malware strain named Goldoson has been detected in the official Google Play Store spanning more than 60 legitimate apps that collectively have over 100 million downloads. An additional eight million installations have been tracked through ONE store, a leading third-party app storefront in South Korea. The rogue component is part of a third-party software library used by the apps ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [cover]( [Cybersecurity in 2023 and beyond: 12 leaders share their forecasts]( What obstacles and opportunities might be in store foryour organization? These 2023 forecasts from leaders at the cyber front lines reveal a range of insights and strategies [Download Now]( Sponsored This email was sent to {EMAIL}. You are receiving this newsletter because you opted-in to receive relevant communications from The Hacker News. To manage your email newsletter preferences, please [click here](. Contact The Hacker News: info@thehackernews.com [Unsubscribe]( The Hacker News | Pearls Omaxe, Netaji Subash Place, Pitampura, Delhi 110034 India