The Hacker News Daily Updates

Cryptocurrency miners target Dockers, AWS, and Alibaba Cloud.

Views expressed in this cybersecurity-cyber crime update are those of the reporters and correspondents.

Accessed on 22 April 2022, 2145 UTC.

Content provided by email subscription to "The Hacker News Daily Updates."

Source: https://mail.google.com/mail/u/0/#inbox/FMfcgzGpFWVTmXkJpMdqVkbnDPJwrjfp

Please click link or scroll down to read your selections.

Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.blogspot.com).

The Hacker News Daily Updates

Security Orchestration Dummies Understaffed security teams struggle to execute standard processes across products in the face of rising alert volumes. Security orchestration has rapidly emerged to fill in these industry gaps by providing general-purpose workflow automation and oversight across security products. Download Now Sponsored

LATEST NEWS Apr 22, 2022

Researcher Releases PoC for Recent Java Cryptographic Vulnerability A proof-of-concept (PoC) code demonstrating a newly disclosed digital signature bypass vulnerability in Java has been shared online.  The high-severity flaw in question, CVE-2022-21449 (CVSS score: 7.5), impacts the following version of Java SE and Oracle GraalVM Enterprise Edition - Oracle Java ... Read More

Watch Out! Cryptocurrency Miners Targeting Dockers, AWS and Alibaba Cloud LemonDuck, a cross-platform cryptocurrency mining botnet, is targeting Docker to mine cryptocurrency on Linux systems as part of an active malware campaign. "It runs an anonymous mining operation by the use of proxy pools, which hide the wallet addresses," CrowdStrike said in a new report. "It ... Read More

QNAP Advises Users to Update NAS Firmware to Patch Apache HTTP Vulnerabilities Network-attached storage (NAS) appliance maker QNAP on Thursday said it's investigating its lineup for potential impact arising from two security vulnerabilities that were addressed in the Apache HTTP server last month. The critical flaws, tracked as CVE-2022-22721 and CVE-2022-23943, are rated ... Read More

Cisco Releases Security Patches for TelePresence, RoomOS and Umbrella VA Networking equipment maker Cisco has released security updates to address three high-severity vulnerabilities in its products that could be exploited to cause a denial-of-service (DoS) condition and take control of affected systems. The first of the three flaws, CVE-2022-20783 (CVSS score: 7.5), ... Read More

Hackers Sneak 'More_Eggs' Malware Into Resumes Sent to Corporate Hiring Managers A new set of phishing attacks delivering the more_eggs malware has been observed striking corporate hiring managers with bogus resumes as an infection vector, a year after potential candidates looking for work on LinkedIn were lured with weaponized job offers. "This year the more_eggs operation ... Read More

Security Orchestration Dummies Understaffed security teams struggle to execute standard processes across products in the face of rising alert volumes. Security orchestration has rapidly emerged to fill in these industry gaps by providing general-purpose workflow automation and oversight across security products. Download Now Sponsored