Cyber Espionage Group Earth Kitsune Deploys WhiskerSpy Backdoor in Latest Attacks

The cyber espionage threat actor tracked as Earth Kitsune has been observed deploying a new backdoor called WhiskerSpy as part of a social engineering campaign.
Earth Kitsune, active since at least 2019, is known to primarily target individuals interested in North Korea with self-developed malware such as dneSpy and agfSpy. Previously documented intrusions have entailed the use of watering holes

https://thehackernews.com/2023/02/north-...group.html

Google Reveals Alarming Surge in Russian Cyber Attacks Against Ukraine

Russia's cyber attacks against Ukraine surged by 250% in 2022 when compared to two years ago, Google's Threat Analysis Group (TAG) and Mandiant disclosed in a new joint report.
The targeting, which coincided and has since persisted following the country's military invasion of Ukraine in February 2022, focused heavily on the Ukrainian government and military entities, alongside critical

https://thehackernews.com/2023/02/google...ge-in.html

How to Detect New Threats via Suspicious Activities

Unknown malware presents a significant cybersecurity threat and can cause serious damage to organizations and individuals alike. When left undetected, malicious code can gain access to confidential information, corrupt data, and allow attackers to gain control of systems. Find out how to avoid these circumstances and detect unknown malicious behavior efficiently. 
Challenges of new threats'

https://thehackernews.com/2023/02/how-to...s-via.html

Norway Seizes $5.84 Million in Cryptocurrency Stolen by Lazarus Hackers

Norwegian police agency Økokrim has announced the seizure of 60 million NOK (about $5.84 million) worth of cryptocurrency stolen by the Lazarus Group in March 2022 following the Axie Infinity Ronin Bridge hack.
"This case shows that we also have a great capacity to follow the money on the blockchain, even if the criminals use advanced methods," the Oslo-based crime-fighting unit said in a

https://thehackernews.com/2023/02/norway...on-in.html

Researchers Warn of ReverseRAT Backdoor Targeting Indian Government Agencies

A spear-phishing campaign targeting Indian government entities aims to deploy an updated version of a backdoor called ReverseRAT.
Cybersecurity firm ThreatMon attributed the activity to a threat actor tracked as SideCopy.
SideCopy is a threat group of Pakistani origin that shares overlaps with another actor called Transparent Tribe. It is so named for mimicking the infection chains associated

https://thehackernews.com/2023/02/resear...kdoor.html

Coinbase Employee Falls for SMS Scam in Cyber Attack, Limited Data Exposed

Popular cryptocurrency exchange platform Coinbase disclosed that it experienced a cybersecurity attack that targeted its employees.
The company said its "cyber controls prevented the attacker from gaining direct system access and prevented any loss of funds or compromise of customer information."
The incident, which took place on February 5, 2023, resulted in the exposure of a "limited amount of

https://thehackernews.com/2023/02/coinba...am-in.html

Researchers Discover Numerous Samples of Information Stealer 'Stealc' in the Wild

A new information stealer called Stealc that's being advertised on the dark web could emerge as a worthy competitor to other malware of its ilk.
"The threat actor presents Stealc as a fully featured and ready-to-use stealer, whose development relied on Vidar, Raccoon, Mars, and RedLine stealers," SEKOIA said in a Monday report.
The French cybersecurity company said it discovered more than 40

https://thehackernews.com/2023/02/resear...es-of.html

The Future of Network Security: Predictive Analytics and ML-Driven Solutions

As the digital age evolves and continues to shape the business landscape, corporate networks have become increasingly complex and distributed. The amount of data a company collects to detect malicious behaviour constantly increases, making it challenging to detect deceptive and unknown attack patterns and the so-called "needle in the haystack". With a growing number of cybersecurity threats,

https://thehackernews.com/2023/02/the-fu...urity.html

MyloBot Botnet Spreading Rapidly Worldwide: Infecting Over 50,000 Devices Daily

A sophisticated botnet known as MyloBot has compromised thousands of systems, with most of them located in India, the U.S., Indonesia, and Iran.
That's according to new findings from BitSight, which said it's "currently seeing more than 50,000 unique infected systems every day," down from a high of 250,000 unique hosts in 2020.
Furthermore, an analysis of MyloBot's infrastructure has found

https://thehackernews.com/2023/02/mylobo...pidly.html

VMware Patches Critical Vulnerability in Carbon Black App Control Product

VMware on Tuesday released patches to address a critical security vulnerability affecting its Carbon Black App Control product.
Tracked as CVE-2023-20858, the shortcoming carries a CVSS score of 9.1 out of a maximum of 10 and impacts App Control versions 8.7.x, 8.8.x, and 8.9.x.
The virtualization services provider describes the issue as an injection vulnerability. Security researcher Jari

https://thehackernews.com/2023/02/vmware...ility.html