New Mirai Variant Exploiting 13 RCE Flaws to Target Linux and IoT Devices

The Hacker News Daily Updates
Newsletter
cover

The 3 Approaches to Breach & Attack Simulation Technologies

Demand for the latest and most comprehensive testing solutions continues to grow to counter the ever-increasing wave of cybercrime. Find out what methods organizations are using to meet this demand.

Download Now Sponsored
LATEST NEWS Feb 17, 2023

Armenian Entities Hit by New Version of OxtaRAT Spying Tool

Entities in Armenia have come under a cyber attack using an updated version of a backdoor called OxtaRAT that allows remote access and desktop surveillance. "The tool capabilities include searching for and exfiltrating files from the infected machine, recording the video from the web camera and desktop, remotely controlling the compromised machine with TightVNC, installing a web ...

Read More
Twitter Facebook LinkedIn

New Mirai Botnet Variant 'V3G4' Exploiting 13 Flaws to Target Linux and IoT Devices

A new variant of the notorious Mirai botnet has been found leveraging several security vulnerabilities to propagate itself to Linux and IoT devices. Observed during the second half of 2022, the new version has been dubbed V3G4 by Palo Alto Networks Unit 42, which identified three different campaigns likely conducted by the same threat actor. "Once the vulnerable devices are compromised, ...

Read More
Twitter Facebook LinkedIn

Critical RCE Vulnerability Discovered in ClamAV Open Source Antivirus Software

Cisco has rolled out security updates to address a critical flaw reported in the ClamAV open source antivirus engine that could lead to remote code execution on susceptible devices. Tracked as CVE-2023-20032 (CVSS score: 9.8), the issue relates to a case of remote code execution residing in the HFS+ file parser component. The flaw affects versions 1.0.0 and earlier, 0.105.1 and earlier, ...

Read More
Twitter Facebook LinkedIn

Researchers Hijack Popular NPM Package with Millions of Downloads

A popular npm package with more than 3.5 million weekly downloads has been found vulnerable to an account takeover attack. "The package can be taken over by recovering an expired domain name for one of its maintainers and resetting the password," software supply chain security company Illustria said in a report. While npm's security protections limit users to have only one active email ...

Read More
Twitter Facebook LinkedIn

Researchers Link SideWinder Group to Dozens of Targeted Attacks in Multiple Countries

The prolific SideWinder group has been attributed as the nation-state actor behind attempted attacks against 61 entities in Afghanistan, Bhutan, Myanmar, Nepal, and Sri Lanka between June and November 2021. Targets included government, military, law enforcement, banks, and other organizations, according to an exhaustive report published by Group-IB, which also found links between the ...

Read More
Twitter Facebook LinkedIn

Hackers Using Google Ads to Spread FatalRAT Malware Disguised as Popular Apps

Chinese-speaking individuals in Southeast and East Asia are the targets of a new rogue Google Ads campaign that delivers remote access trojans such as FatalRAT to compromised machines. The attacks involve purchasing ad slots to appear in Google search results and direct users looking for popular applications to rogue websites hosting trojanized installers, ESET said in a report published ...

Read More
Twitter Facebook LinkedIn

Researchers Warn of Critical Security Bugs in Schneider Electric Modicon PLCs

Security researchers have disclosed two new vulnerabilities affecting Schneider Electric Modicon programmable logic controllers (PLCs) that could allow for authentication bypass and remote code execution. The flaws, tracked as CVE-2022-45788 (CVSS score: 7.5) and CVE-2022-45789 (CVSS score: 8.1), are part of a broader collection of security defects tracked by Forescout as OT:ICEFALL. ...

Read More
Twitter Facebook LinkedIn

Breaking the Security "Black Box" in DBs, Data Warehouses and Data Lakes

Security teams typically have great visibility over most areas, for example, the corporate network, endpoints, servers, and cloud infrastructure. They use this visibility to enforce the necessary security and compliance requirements. However, this is not the case when it comes to sensitive data sitting in production or analytic databases, data warehouses or data lakes. Security teams have ...

Read More
Twitter Facebook LinkedIn
cover

The 3 Approaches to Breach & Attack Simulation Technologies

Demand for the latest and most comprehensive testing solutions continues to grow to counter the ever-increasing wave of cybercrime. Find out what methods organizations are using to meet this demand.

Download Now Sponsored

This email was sent to you. You are receiving this newsletter because you opted-in to receive relevant communications from The Hacker News. To manage your email newsletter preferences, please click here.

Contact The Hacker News: info@thehackernews.com
Unsubscribe

The Hacker News | Pearls Omaxe, Netaji Subash Place, Pitampura, Delhi 110034 India

Older messages

Update Now: Microsoft Releases Patches for 3 Actively Exploited Windows Vulnerabilities

Friday, February 17, 2023

The Hacker News Daily Updates Newsletter cover Security Basics Quick Reference Guide Businesses worldwide are at risk for security breaches. Download Now Sponsored LATEST NEWS Feb 15, 2023 Regular Pen

Alert: ESXiArgs Ransomware Hits Over 500 New Targets in European Countries

Friday, February 17, 2023

The Hacker News Daily Updates Newsletter cover Understanding Cyber Insurance Identity Security Requirements for 2023 Gain a comprehensive understanding of cyber insurance protection. Download Now

Zero-Day ALERT - Apple's iOS, iPadOS, macOS, and Safari Under Attack

Tuesday, February 14, 2023

The Hacker News Daily Updates Newsletter cover Benchmarking Cyber Risk and Readiness Understanding the Prevalence and Risk of Internet Exposed Protocols on Organizations Networks Download Now Sponsored

Hackers Targeting U.S. and German Firms Monitor Victims' Desktops with Screenshotter

Monday, February 13, 2023

The Hacker News Daily Updates Newsletter cover Emerging Cybersecurity Technologies | Live Virtual Event | March 23, 2023 | 11am-5:15pm EST | Download Now Sponsored LATEST NEWS Feb 13, 2023 Honeypot-

CISA Warns of Active Attacks Exploiting Fortra MFT, TerraMaster NAS, and Intel Driver Flaws

Saturday, February 11, 2023

The Hacker News Daily Updates Newsletter cover Emerging Cybersecurity Technologies | Live Virtual Event | March 23, 2023 | 11am-5:15pm EST | Download Now Sponsored LATEST NEWS Feb 11, 2023 Enigma,

You Might Also Like

Christmas On Repeat 🎅

Monday, December 23, 2024

Christmas nostalgia is a hell of a drug. Here's a version for your browser. Hunting for the end of the long tail • December 22, 2024 Hey all, Ernie here with a refresh of a piece from our very

SRE Weekly Issue #456

Monday, December 23, 2024

View on sreweekly.com A message from our sponsor, FireHydrant: On-call during the holidays? Spend more time taking in some R&R and less getting paged. Let alerts make their rounds fairly with our

The Power of an Annual Review & Grammarly acquires Coda

Sunday, December 22, 2024

I am looking for my next role, Zen Browser got a fresh new look, Flipboard introduces Surf, Campsite shuts down, and a lot more in this week's issue of Creativerly. Creativerly The Power of an

Daily Coding Problem: Problem #1645 [Hard]

Sunday, December 22, 2024

Daily Coding Problem Good morning! Here's your coding interview problem for today. This problem was asked by Facebook. Implement regular expression matching with the following special characters: .

PD#606 How concurrecy works: A visual guide

Sunday, December 22, 2024

A programmer had a problem. "I'll solve it with threads!". has Now problems. two he ͏ ‌ ͏ ‌ ͏ ‌ ͏ ‌ ͏ ‌ ͏ ‌ ͏ ‌ ͏ ‌ ͏ ‌ ͏ ‌ ͏ ‌ ͏ ‌ ͏ ‌ ͏ ‌ ͏ ‌ ͏ ‌ ͏ ‌ ͏ ‌ ͏ ‌ ͏ ‌ ͏ ‌ ͏ ‌ ͏ ‌ ͏ ‌ ͏ ‌ ͏ ‌

RD#486 (React) Things I Regret Not Knowing Earlier

Sunday, December 22, 2024

Keep coding, stay curious, and remember—you've got this ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌

🎶 GIFs Are Neat, but I Want Clips With Sound — Your Own Linux Desktop in the Cloud

Sunday, December 22, 2024

Also: 9 Games That Were Truly Ahead of Their Time, and More! How-To Geek Logo December 22, 2024 Did You Know Dextrose is another name for glucose, so if you see it listed prominently on the ingredients

o3—the new state-of-the-art reasoning model - Sync #498

Sunday, December 22, 2024

Plus: Nvidia's new tiny AI supercomputer; Veo 2 and Imagen 3; Google and Microsoft release reasoning models; Waymo to begin testing in Tokyo; Apptronik partners with DeepMind; and more! ͏ ͏ ͏ ͏ ͏ ͏

Sunday Digest | Featuring 'The World’s 20 Largest Economies, by GDP (PPP)' 📊

Sunday, December 22, 2024

Every visualization published this week, in one place. Dec 22, 2024 | View Online | Subscribe | VC+ | Download Our App Hello, welcome to your Sunday Digest. This week, we visualized public debt by

Android Weekly #654 🤖

Sunday, December 22, 2024

View in web browser 654 December 22nd, 2024 Articles & Tutorials Sponsored Solving ANRs with OpenTelemetry While OpenTelemetry is the new observability standard, it lacks official support for many