Lazarus Group Exploits Zero-Day Vulnerability to Hack South Korean Financial Entity

The North Korea-linked Lazarus Group has been observed weaponizing flaws in an undisclosed software to breach a financial business entity in South Korea twice within a span of a year.
While the first attack in May 2022 entailed the use of a vulnerable version of a certificate software that's widely used by public institutions and universities, the re-infiltration in October 2022 involved the

https://thehackernews.com/2023/03/lazaru...o-day.html

Syxsense Platform: Unified Security and Endpoint Management

As threats grow and attack surfaces get more complex, companies continue to struggle with the multitude of tools they utilize to handle endpoint security and management. This can leave gaps in an enterprise's ability to identify devices that are accessing the network and in ensuring that those devices are compliant with security policies. These gaps are often seen in outdated spreadsheets that

https://thehackernews.com/2023/03/syxsen...y-and.html

Jenkins Security Alert: New Security Flaws Could Allow Code Execution Attacks

A pair of severe security vulnerabilities have been disclosed in the Jenkins open source automation server that could lead to code execution on targeted systems.
The flaws, tracked as CVE-2023-27898 and CVE-2023-27905, impact the Jenkins server and Update Center, and have been collectively christened CorePlague by cloud security firm Aqua. All versions of Jenkins versions prior to 2.319.2 are

https://thehackernews.com/2023/03/jenkin...urity.html

New Critical Flaw in FortiOS and FortiProxy Could Give Hackers Remote Access

Fortinet has released fixes to address 15 security flaws, including one critical vulnerability impacting FortiOS and FortiProxy that could enable a threat actor to take control of affected systems.
The issue, tracked as CVE-2023-25610, is rated 9.3 out of 10 for severity and was internally discovered and reported by its security teams.
"A buffer underwrite ('buffer underflow') vulnerability in

https://thehackernews.com/2023/03/new-cr...s-and.html

New ScrubCrypt Crypter Used in Cryptojacking Attacks Targeting Oracle WebLogic

The infamous cryptocurrency miner group called 8220 Gang has been observed using a new crypter called ScrubCrypt to carry out cryptojacking operations.
According to Fortinet FortiGuard Labs, the attack chain commences with successful exploitation of susceptible Oracle WebLogic servers to download a PowerShell script that contains ScrubCrypt.
Crypters are a type of software that can encrypt,

https://thehackernews.com/2023/03/new-sc...ed-in.html

Iranian Hackers Target Women Involved in Human Rights and Middle East Politics

Iranian state-sponsored actors are continuing to engage in social engineering campaigns targeting researchers by impersonating a U.S. think tank.
"Notably the targets in this instance were all women who are actively involved in political affairs and human rights in the Middle East region," Secureworks Counter Threat Unit (CTU) said in a report shared with The Hacker News.
The cybersecurity

https://thehackernews.com/2023/03/irania...olved.html

Does Your Help Desk Know Who's Calling?

Phishing, the theft of users' credentials or sensitive data using social engineering, has been a significant threat since the early days of the internet – and continues to plague organizations today, accounting for more than 30% of all known breaches. And with the mass migration to remote working during the pandemic, hackers have ramped up their efforts to steal login credentials as they take

https://thehackernews.com/2023/03/does-y...lling.html

IceFire Ransomware Exploits IBM Aspera Faspex to Attack Linux-Powered Enterprise Net

A previously known Windows-based ransomware strain known as IceFire has expanded its focus to target Linux enterprise networks belonging to several media and entertainment sector organizations across the world.
The intrusions entail the exploitation of a recently disclosed deserialization vulnerability in IBM Aspera Faspex file-sharing software (CVE-2022-47986, CVSS score: 9.8), according to

https://thehackernews.com/2023/03/icefir...mware.html

Hackers Exploiting Remote Desktop Software Flaws to Deploy PlugX Malware

Security vulnerabilities in remote desktop programs such as Sunlogin and AweSun are being exploited by threat actors to deploy the PlugX malware.
AhnLab Security Emergency Response Center (ASEC), in a new analysis, said it marks the continued abuse of the flaws to deliver a variety of payloads on compromised systems.
This includes the Sliver post-exploitation framework, XMRig cryptocurrency

https://thehackernews.com/2023/03/hacker...sktop.html

Ford Flips the Script with ‘Men's Only Edition,’ Celebrating the Crucial Role Wo

In recognition of International Women's Day and Women's History Month, Ford Motor Company is celebrating the significant role that women have played in the development of the modern automobile by launching a new video, “The Ford Explorer Men's Only Edition.”


https://media.ford.com/content/fordmedia...the-c.html