The Hacker News Daily Updates

"Dark Pink APT Group targets governments and military in APAC Region."

Views expressed in this cybersecurity, cybercrime update are those of the reporters and correspondents.  Accessed on 11 January 2023, 1327 UTC.  Content provided by email subscription to "The Hacker News Daily Updates."

Source: https://mail.google.com/mail/u/0/#inbox/FMfcgzGrbvJhwDmHwcCRvRwdMqBbPLzp

Please click link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net and https://paper.li/RussellRoberts).

The Hacker News Daily Updates
Newsletter
cover

What Elite Threat Hunters See that Others Miss

Organizations are turning to Team Cymru to get ahead of high criticality cyber threats.

Download NowSponsored
LATEST NEWSJan 11, 2023

Unlock Your Potential: Get 9 Online Cyber Security Courses for Just $49.99

Are you looking to take your career in the information security industry to the next level? Look no further than the 2023 Certified Technology Professional Bundle! This unparalleled offer grants you lifetime access to nine comprehensive courses in information security, hacking, and cybersecurity at a remarkable price of just $49.99. Yes, you heard me right. Instead of paying the full price of ...

Read More
TwitterFacebookLinkedIn

Dark Pink APT Group Targets Governments and Military in APAC Region

Government and military organizations in the Asia-Pacific region are being targeted by a previously unknown advanced persistent threat (APT) actor, per the latest research. Singapore-headquartered Group-IB, in a report shared with The Hacker News, said it's tracking the ongoing campaign under the name Dark Pink and attributed seven successful attacks to the adversarial collective between ...

Read More
TwitterFacebookLinkedIn

Still managing compliance on spreadsheets? Time for compliance automation.

Know your risk and compliance posture at all times. Automate your compliance journey here.

Read More
TwitterFacebookLinkedIn

Microsoft Issues January 2023 Patch Tuesday Updates, Warns of Zero-Day Exploit

The first Patch Tuesday fixes shipped by Microsoft for 2023 have addressed a total of 98 security flaws, including one bug that the company said is being actively exploited in the wild. 11 of the 98 issues are rated Critical and 87 are rated Important in severity, with one of the vulnerabilities also listed as publicly known at the time of release. Separately, the Windows maker is expected ...

Read More
TwitterFacebookLinkedIn

StrongPity Hackers Distribute Trojanized Telegram App to Target Android Users

The advanced persistent threat (APT) group known as StrongPity has targeted Android users with a trojanized version of the Telegram app through a fake website that impersonates a video chat service called Shagle. "A copycat website, mimicking the Shagle service, is used to distribute StrongPity's mobile backdoor app," ESET malware researcher Lukáš Štefanko said in a technical report. "The app ...

Read More
TwitterFacebookLinkedIn

Expert Analysis Reveals Cryptographic Weaknesses in Threema Messaging App

A comprehensive analysis of the cryptographic protocols used in the Swiss encrypted messaging application Threema has revealed a number of loopholes that could be exploited to break authentication protections and even recover users' private keys. The seven attacks span three different threat models, according to ETH Zurich researchers Kenneth G. Paterson, Matteo Scarlata, and Kien Tuong ...

Read More
TwitterFacebookLinkedIn

Italian Users Warned of Malware Attack Targeting Sensitive Information

A new malware campaign has been observed targeting Italy with phishing emails designed to deploy an information stealer on compromised Windows systems. "The info-stealer malware steals sensitive information like system info, crypto wallet and browser histories, cookies, and credentials of crypto wallets from victim machines," Uptycs security researcher Karthickkumar Kathiresan said in a ...

Read More
TwitterFacebookLinkedIn

Severe Security Flaw Found in "jsonwebtoken" Library Used by 22,000+ Projects

A high-severity security flaw has been disclosed in the open source jsonwebtoken (JWT) library that, if successfully exploited, could lead to remote code execution on a target server. "By exploiting this vulnerability, attackers could achieve remote code execution (RCE) on a server verifying a maliciously crafted JSON web token (JWT) request," Palo Alto Networks Unit 42 researcher Artur ...

Read More
TwitterFacebookLinkedIn
cover

What Elite Threat Hunters See that Others Miss

Organizations are turning to Team Cymru to get ahead of high criticality cyber threats.

Download NowSponsored

Comments

Popular posts from this blog

The Cyberwire Daily Briefing

SecurityWeek Briefing

BleepingComputer.com