1. Home
  2. Discover
  3. Technology
  4. The Hacker News

Warning: Xenomorph Android Banking Trojan is Back and Stronger Than Ever!

The Hacker News Daily Updates
Newsletter
cover

Augmenting Your Microsoft EOP and MDO Email Security Infrastructure

How can you augment, rather than duplicate, the native security functionality present in Microsoft Office 365?

Download Now Sponsored
LATEST NEWS Mar 10, 2023

When Partial Protection is Zero Protection: The MFA Blind Spots No One Talks About

Multi-factor Authentication (MFA) has long ago become a standard security practice. With a wide consensus on its ability to fend off more than 99% percent of account takeover attacks, it's no wonder why security architects regard it as a must-have in their environments. However, what seems to be less known are the inherent coverage limitations of traditional MFA solutions. While compatible ...

Read More
Twitter Facebook LinkedIn

Xenomorph Android Banking Trojan Returns with a New and More Powerful Variant

A new variant of the Android banking trojan named Xenomorph has surfaced in the wild, the latest findings from ThreatFabric reveal. Named "Xenomorph 3rd generation" by the Hadoken Security Group, the threat actor behind the operation, the updated version comes with new features that allow it to perform financial fraud in a seamless manner. "This new version of the malware adds many ...

Read More
Twitter Facebook LinkedIn

North Korean UNC2970 Hackers Expands Operations with New Malware Families

A North Korean espionage group tracked as UNC2970 has been observed employing previously undocumented malware families as part of a spear-phishing campaign targeting U.S. and European media and technology organizations since June 2022. Google-owned Mandiant said the threat cluster shares "multiple overlaps" with a long-running operation dubbed "Dream Job" that employs job recruitment lures ...

Read More
Twitter Facebook LinkedIn

Hackers Exploiting Remote Desktop Software Flaws to Deploy PlugX Malware

Security vulnerabilities in remote desktop programs such as Sunlogin and AweSun are being exploited by threat actors to deploy the PlugX malware. AhnLab Security Emergency Response Center (ASEC), in a new analysis, said it marks the continued abuse of the flaws to deliver a variety of payloads on compromised systems. This includes the Sliver post-exploitation framework, XMRig ...

Read More
Twitter Facebook LinkedIn

IceFire Ransomware Exploits IBM Aspera Faspex to Attack Linux-Powered Enterprise Networks

A previously known Windows-based ransomware strain known as IceFire has expanded its focus to target Linux enterprise networks belonging to several media and entertainment sector organizations across the world. The intrusions entail the exploitation of a recently disclosed deserialization vulnerability in IBM Aspera Faspex file-sharing software (CVE-2022-47986, CVSS score: 9.8), according ...

Read More
Twitter Facebook LinkedIn

Does Your Help Desk Know Who's Calling?

Phishing, the theft of users' credentials or sensitive data using social engineering, has been a significant threat since the early days of the internet – and continues to plague organizations today, accounting for more than 30% of all known breaches. And with the mass migration to remote working during the pandemic, hackers have ramped up their efforts to steal login credentials as they ...

Read More
Twitter Facebook LinkedIn

Iranian Hackers Target Women Involved in Human Rights and Middle East Politics

Iranian state-sponsored actors are continuing to engage in social engineering campaigns targeting researchers by impersonating a U.S. think tank. "Notably the targets in this instance were all women who are actively involved in political affairs and human rights in the Middle East region," Secureworks Counter Threat Unit (CTU) said in a report shared with The Hacker News. The ...

Read More
Twitter Facebook LinkedIn

New ScrubCrypt Crypter Used in Cryptojacking Attacks Targeting Oracle WebLogic

The infamous cryptocurrency miner group called 8220 Gang has been observed using a new crypter called ScrubCrypt to carry out cryptojacking operations. According to Fortinet FortiGuard Labs, the attack chain commences with the successful exploitation of susceptible Oracle WebLogic servers to download a PowerShell script that contains ScrubCrypt. Crypters are a type of software that can ...

Read More
Twitter Facebook LinkedIn
cover

Augmenting Your Microsoft EOP and MDO Email Security Infrastructure

How can you augment, rather than duplicate, the native security functionality present in Microsoft Office 365?

Download Now Sponsored

This email was sent to you. You are receiving this newsletter because you opted-in to receive relevant communications from The Hacker News. To manage your email newsletter preferences, please click here.

Contact The Hacker News: info@thehackernews.com
Unsubscribe

The Hacker News | Pearls Omaxe, Netaji Subash Place, Pitampura, Delhi 110034 India

Key phrases

North Korean espionage group infamous cryptocurrency miner group MDO Email Security Infrastructure Xenomorph Android Banking Trojan Secureworks Counter Threat Unit US think tank Remote desktop software Hadoken Security Group native security functionality standard security practice The MFA Blind inherent coverage limitations job recruitment lures remote desktop programs Sliver postexploitation framework LinuxPowered Enterprise Networks Linux enterprise networks Middle East Politics Middle East region Fortinet FortiGuard Labs account takeover attacks Windowsbased ransomware strain traditional MFA solutions undocumented malware families entertainment sector organizations Iranian statesponsored actors social engineering campaigns New ScrubCrypt Crypter New Malware Families

Older messages

New Critical Flaw in FortiOS and FortiProxy Could Give Hackers Remote Access

Thursday, March 9, 2023

The Hacker News Daily Updates Newsletter cover 3 Real-World Challenges Facing Cybersecurity Organizations: How an Exposure Management Platform Can Help Security programs today are reactive when they

Lazarus Group Exploits Zero-Day Vulnerability to Hack South Korean Financial Entity

Wednesday, March 8, 2023

The Hacker News Daily Updates Newsletter cover Solutions Demo: CyberArk Workforce Password Management Attackers used to focus mainly on privileged users' credentials. But now they'll target

Warning! Shein's Android App Caught Transmitting Your Private Data!

Tuesday, March 7, 2023

The Hacker News Daily Updates Newsletter cover The Threat Profiler's Playbook: 6 Steps to Uncovering Ransomware (& Other Nefarious Activity) How much do you understand about the threats you

Experts Discover Security Flaw in U.S. Govt's Chosen Quantum-Resistant Encryption Algorithm

Monday, March 6, 2023

The Hacker News Daily Updates Newsletter cover The Hacker News Webinar: A MythBusting Special -- 9 Myths about File-based Threats Say goodbye to the myths and hello to the facts - Register for our

Breaking: Mexican Banks Hit by FiXS ATM Malware

Saturday, March 4, 2023

The Hacker News Daily Updates Newsletter cover The Hacker News Webinar: A MythBusting Special -- 9 Myths about File-based Threats Say goodbye to the myths and hello to the facts - Register for our

You Might Also Like

Tesla Autopilot investigation closed

Friday, April 26, 2024

Inside the IBM-HashiCorp deal and Thoma Bravo takes another company private View this email online in your browser By Christine Hall Friday, April 26, 2024 Good afternoon, and welcome to TechCrunch PM.

Microsoft's and Google's bet on AI is paying off - Weekly News Roundup - Issue #464

Friday, April 26, 2024

Plus: AI-controlled F-16 has been dogfighting with humans; Grok-1.5 Vision; BionicBee; Microsoft's AI generates realistic deepfakes from a single photo; and more! ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏

🤓 The Meta Quest Might Be the VR Steam Deck Soon — Games to Play After Finishing Wordle

Friday, April 26, 2024

Also: Why a Cheap Soundbar Is Better Than Nothing, and More! How-To Geek Logo April 26, 2024 Did You Know TMI: Rhinotillexomania is the medical term for obsessive nose picking. 🖥️ Get Those Updates

JSK Daily for Apr 26, 2024

Friday, April 26, 2024

JSK Daily for Apr 26, 2024 View this email in your browser A community curated daily e-mail of JavaScript news A Solid primer on Signals with Ryan Carniato (JS Party #320) Ryan Carniato joins Amal

So are we banning TikTok or what?

Friday, April 26, 2024

Also: Can an influencer really tank an $800M company? View this email online in your browser By Haje Jan Kamps Friday, April 26, 2024 Image Credits: Jonathan Raa/NurPhoto / Getty Images Welcome to

[AI Incubator] 300+ people are already in. Enrollment closes tonight at 11:59pm PT.

Friday, April 26, 2024

How to decide if you're ready. ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌

Daily Coding Problem: Problem #1423 [Medium]

Friday, April 26, 2024

Daily Coding Problem Good morning! Here's your coding interview problem for today. This problem was asked by Google. You are given an array of nonnegative integers. Let's say you start at the

Data science for Product Managers

Friday, April 26, 2024

Crucial resources to empower you with data that matters. ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌

Inner Thoughts

Friday, April 26, 2024

'The Inner Circle' Comes Around... Inner Thoughts By MG Siegler • 26 Apr 2024 View in browser View in browser If you'll allow me a brief meta blurb this week (not a Meta blurb, plenty of

Digest #135: Kubernetes Hacks, Terraform CI/CD, HashiCorp Acquisition, AWS Data Transfer Monitoring

Friday, April 26, 2024

Explore Advanced Kubernetes Techniques, Dive Into Terraform CI/CD Frameworks, Monitor AWS Data Transfer, and Explore Cloud Security with Gitleaks! ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏