The Hacker News Daily Updates

"BlueNoroff APT hackers use new ways to bypass Windows MotW protection."

Views expressed in this cybersecurity, cybercrime update are those of the reporters and correspondents.  Accessed on 27 December 2022, 2022 UTC. Content supplied by email subscription to "The Hacker News Daily Updates."

Source: https://mail.google.com/mail/u/0/?tab=rm&ogbl#inbox/FMfcgzGrblZlkwRDkwlNbKJTZmvfLzTn

Please click link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net and https://paper.li/RussellRoberts).

The Hacker News Daily Updates

Data in Motion to Accelerate Your Mission Learn how a cohesive enterprise data strategy that fosters data movement with built-in analytics and AI can help agencies securely harness their data and improve mission outcomes. Download Now Sponsored

LATEST NEWS Dec 27, 2022

BlueNoroff APT Hackers Using New Ways to Bypass Windows MotW Protection BlueNoroff, a subcluster of the notorious Lazarus Group, has been observed adopting new techniques into its playbook that enable it to bypass Windows Mark of the Web (MotW) protections. This includes the use of optical disk image (.ISO extension) and virtual hard disk (.VHD extension) file formats as part of a novel infection chain, Kaspersky disclosed in a report published today. ... Read More

Facebook to Pay $725 Million to settle Lawsuit Over Cambridge Analytica Data Leak Meta Platforms, the parent company of Facebook, Instagram, and WhatsApp, has agreed to pay $725 million to settle a long-running class-action lawsuit filed in 2018. The legal dispute sprang up in response to revelations that the social media giant allowed third-party apps such as those used by Cambridge Analytica to access users' personal information without their consent for ... Read More

GuLoader Malware Utilizing New Techniques to Evade Security Software Cybersecurity researchers have exposed a wide variety of techniques adopted by an advanced malware downloader called GuLoader to evade security software. "New shellcode anti-analysis technique attempts to thwart researchers and hostile environments by scanning entire process memory for any virtual machine (VM)-related strings," CrowdStrike researchers Sarang Sonawane and Donato Onofri said in ... Read More

2022 Top Five Immediate Threats in Geopolitical Context As we are nearing the end of 2022, looking at the most concerning threats of this turbulent year in terms of testing numbers offers a threat-based perspective on what triggers cybersecurity teams to check how vulnerable they are to specific threats. These are the threats that were most tested to validate resilience with the Cymulate security posture management platform between January 1st ... Read More

PrivateLoader PPI Service Found Distributing Info-Stealing RisePro Malware The pay-per-install (PPI) malware downloader service known as PrivateLoader is being used to distribute a previously documented information-stealing malware dubbed RisePro. Flashpoint spotted the newly identified stealer on December 13, 2022, after it discovered "several sets of logs" exfiltrated using the malware on an illicit cybercrime marketplace called Russian Market. A C++-based ... Read More

W4SP Stealer Discovered in Multiple PyPI Packages Under Various Names Threat actors have published yet another round of malicious packages to Python Package Index (PyPI) with the goal of delivering information-stealing malware on compromised developer machines. Interestingly, while the malware goes by a variety of names like ANGEL Stealer, Celestial Stealer, Fade Stealer, Leaf $tealer, PURE Stealer, Satan Stealer, and @skid Stealer, cybersecurity company ... Read More

FrodoPIR: New Privacy-Focused Database Querying System The developers behind the Brave open-source web browser have revealed a new privacy-preserving data querying and retrieval system called FrodoPIR. The idea, the company said, is to use the technology to build out a wide range of use cases such as safe browsing, scanning passwords against breached databases, certificate revocation checks, and streaming, among others. The scheme is ... Read More

Researchers Warn of Kavach 2FA Phishing Attacks Targeting Indian Govt. Officials A new targeted phishing campaign has zoomed in on a two-factor authentication solution called Kavach that's used by Indian government officials. Cybersecurity firm Securonix dubbed the activity STEPPY#KAVACH, attributing it to a threat actor known as SideCopy based on tactical overlaps with prior attacks. ".LNK files are used to initiate code execution which eventually downloads and runs ... Read More

Achieve Balanced Security and Performance with Next-Generation Software-Defined WAN The LAN can often be the beginning or end of many security events. Download Now Sponsored

This email was sent to kh6jrm@gmail.com. You are receiving this newsletter because you opted-in to receive relevant communications from The Hacker News. To manage your email newsletter preferences, please click here. Contact The Hacker News: info@thehackernews.com Unsubscribe The Hacker News | Pearls Omaxe, Netaji Subash Place, Pitampura, Delhi 110034 India