The Hacker News Daily Updates

"New ShellBot DDos malware targets poorly managed Linux servers."

Views expressed in this cybersecurity, cybercrime update are those of the reporters and correspondents.  Accessed on 21 March 2023, 1321 UTC.  Content provided by email subscription to "The Hacker News Daily Updates."

Source:  https://mail.google.com/mail/u/0/#inbox/FMfcgzGslbPSKQwLfrTSXtbNXdxhhMJJ ("The Hacker News Daily Updates").

Please click link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net and https://paper.li/RussellRoberts).

The Hacker News Daily Updates

Guide to Open Source Software Security How to gain visibility to all your security risks Download Now Sponsored

LATEST NEWS Mar 21, 2023

New ShellBot DDoS Malware Targeting Poorly Managed Linux Servers Poorly managed Linux SSH servers are being targeted as part of a new campaign that deploys different variants of malware called ShellBot. "ShellBot, also known as PerlBot, is a DDoS Bot malware developed in Perl and characteristically uses IRC protocol to communicate with the C&C server," AhnLab Security Emergency response Center (ASEC) said in a report. ShellBot is installed on servers ... Read More

The Best Defense Against Cyber Threats for Lean Security Teams H0lyGh0st, Magecart, and a slew of state-sponsored hacker groups are diversifying their tactics and shifting their focus to… You. That is, if you're in charge of cybersecurity for a small-to-midsize enterprise (SME). Why? Bad actors know that SMEs typically have a smaller security budget, less infosec manpower, and possibly weak or missing security controls to protect their data ... Read More

CTF 101 workshop: Learn how to solve your first CTF hacking challenge Want to compete in CTFs but don't know where to start? Join Snyk's CTF 101 workshop and build the security skills and experience you need to compete in ... Read More

From Ransomware to Cyber Espionage: 55 Zero-Day Vulnerabilities Weaponized in 2022 As many as 55 zero-day vulnerabilities were exploited in the wild in 2022, with most of the flaws discovered in software from Microsoft, Google, and Apple. While this figure represents a decrease from the year before, when a staggering 81 zero-days were weaponized, it still represents a significant uptick in recent years of threat actors leveraging unknown security flaws to their advantage. ... Read More

Hackers Steal Over $1.6 Million in Crypto from General Bytes Bitcoin ATMs Using Zero-Day Flaw Bitcoin ATM maker General Bytes disclosed that unidentified threat actors stole cryptocurrency from hot wallets by exploiting a zero-day security flaw in its software. "The attacker was able to upload his own java application remotely via the master service interface used by terminals to upload videos and run it using 'batm' user privileges," the company said in an advisory published over ... Read More

New DotRunpeX Malware Delivers Multiple Malware Families via Malicious Ads A new piece of malware dubbed dotRunpeX is being used to distribute numerous known malware families such as Agent Tesla, Ave Maria, BitRAT, FormBook, LokiBot, NetWire, Raccoon Stealer, RedLine Stealer, Remcos, Rhadamanthys, and Vidar. "DotRunpeX is a new injector written in .NET using the Process Hollowing technique and used to infect systems with a variety of known malware families," ... Read More

Mispadu Banking Trojan Targets Latin America: 90,000+ Credentials Stolen A banking trojan dubbed Mispadu has been linked to multiple spam campaigns targeting countries like Bolivia, Chile, Mexico, Peru, and Portugal with the goal of stealing credentials and delivering other payloads. The activity, which commenced in August 2022, is currently ongoing, Ocelot Team from Latin American cybersecurity firm Metabase Q said in a report shared with The Hacker News. ... Read More

New Cyber Platform Lab 1 Decodes Dark Web Data to Uncover Hidden Supply Chain Breaches 2022 was the year when inflation hit world economies, except in one corner of the global marketplace – stolen data. Ransomware payments fell by over 40% in 2022 compared to 2021. More organisations chose not to pay ransom demands, according to findings by blockchain firm Chainalysis. Nonetheless, stolen data has value beyond a price tag, and in risky ways you may not expect. Evaluating ... Read More

Guide to Open Source Software Security How to gain visibility to all your security risks Download Now Sponsored