Hackerzhome

Cybersecurity news all over the world

HACKERZHOME NEWS

March 8, 2023

Wednesday

Following the sale of 160GB of data on a hacking community, Acer confirms the intrusion.

Threat actors compromised a server storing confidential documents used by repair professionals, according to Taiwanese computer company Acer.


However, according to the company, the findings of its preliminary inquiry do not show that this security incident has affected consumer data.


The discovery of the data breach follows a threat actor’s alleged sale, on a well-known hacking site, of 160GB of Acer data taken in mid-February 2023.


According to the threat actor, the stolen material includes technical manuals, software tools, backend infrastructure information, product model documentation for smartphones, tablets, and laptops, BIOS images, ROM files, ISO files, and replacement digital product keys (RDPK).


The threat actor published screenshots of technical schematics for the Acer V206HQL display, documents, BIOS definitions, and private documents as evidence that they had stolen data.


The data poster stated that they were offering the complete dataset for sale to the highest bidder, and they made it clear that they would only accept the anonymous cryptocurrency Monero (XMR) as payment.


This hack follows a string of security lapses for Acer over the previous few years.


To avoid detection, a new virus variant incorporates a "radio quiet" option.

High-profile government organisations in Vietnam, Thailand, and Indonesia are being targeted by the Sharp Panda cyberespionage group using a new version of the “Soul” malware framework.

Prior spying operations against important Southeast Asian businesses used a specific malware that was later linked to several Chinese APTs.

Check Point discovered a new malware campaign that began in late 2022 and has lasted into 2023, using spear-phishing to gain entry.

Check Point attributed the campaign to Chinese hackers working on behalf of the Chinese government based on the use of the RoyalRoad RTF kit, the C2 server addresses, and the hackers’ working hours.

The TTPs and tools are consistent with previously observed Sharp Panda activity.


Two significant code execution flaws in Android were fixed in the March 2023 update.

Two critical-severity remote code execution (RCE) vulnerabilities affecting Android systems running versions 11, 12, and 13 have been fixed as part of Google’s March 2023 security updates for Android.

This time, two different security patch levels—2023-03-05 and 2023-03-01—are used to address the problems. The initial pack comprises 31 fixes for fundamental Android components like Foundation, System, and Google Play.

Google has withheld all information regarding the two issues, which are identified as CVE-2023-20951 and CVE-2023-20954, in order to stop attackers from actively exploiting them before users can install the available fixes.

Two critical-severity defects in closed-source Qualcomm components, listed as CVE-2022-33213 and CVE-2022-33256, are the most serious problems that have been patched this month.

The remaining vulnerabilities for this patch level are all high-severity and of an unknown kind.

To upgrade your Android smartphone, go to Settings → System → System Update and select “Check for updates”. As an alternative, go to Settings → Security & Privacy → Updates → Security update.

Attacks by the Emotet malware are back after a three-month hiatus.


After a three-month hiatus, the Emotet malware operation has resumed sending malicious emails, rebuilding its network, and infecting devices all over the world as of Tuesday morning.

Malicious Microsoft Word and Excel document attachments in emails are a common way for Emotet to spread. The Emotet DLL is downloaded and loaded into memory when users open these documents and macros are turned on.

Once Emotet is loaded, the malware will sit quietly, waiting for orders from a remote command and control server.

At some point, the malware will download additional payloads like Cobalt Strike or other malware that frequently results in ransomware attacks, or it may harvest the victims’ emails and contacts for use in future Emotet campaigns.

Today, the Emotet botnet started sending emails once more, according to the cybersecurity firm Cofense and the Emotet-tracking organization Cryptolaemus.

“Ivan succeeded in getting E4 to send spam as of 1200UTC. Red Dawn templates are currently incredibly huge, weighing in at more than 500MB. There is currently a respectable flow of spam. Septet of payload URLs and nasty macros,” tweeted Cryptolaemus.

Microsoft Excel now automatically blocks XLL add-ins that are not trusted.

According to Microsoft, untrusted XLL add-ins are now automatically blocked by the Excel spreadsheet software in all Microsoft 365 tenants globally.

When this modification originally rolled out to Insiders in January and reached an initial testing phase, the firm disclosed it by adding a new entry to the Microsoft 365 roadmap.

By the end of March, the new capability will have been made available to all desktop customers in the Current, Monthly Enterprise, and Semi-Annual Enterprise channels.

“For Excel Windows desktop applications that use XLL add-ins, we are implementing the following default change: XLL add-ins from untrusted sources will now be prohibited by default,” according to a recent Microsoft 365 message center post.

The XLL blocking will be enabled by default in tenants going forward, and when users attempt to enable content from untrusted sources, a warning will be shown, alerting them to the potential risk and allowing them to learn more about why the warning is there.

This is a part of a larger initiative to combat the development of malware campaigns that have been utilizing different Office document formats as an infection vector in recent years.
