Hackers sneak “More_Eggs” malware into resumes sent to corporate hiring managers.

Views expressed in this cybersecurity-cybercrime update are those of the reporters and correspondents.

Accessed on 21 April 2022, 2013 UTC.

Content provided by email subscription to “The Hacker News Daily Updates.”

Source:

https://mail.google.com/mail/u/0/#inbox/FMfcgzGpFWTLksrZzxXdLXFrxPKSLBSC

Please click link or scroll down to read your selections.

The Hacker News Daily Updates
50+ Security Tips to Protect Yourself When Browsing Online

Download this free PDF cheat sheet packed full of tips to help you stay safe and secure when you’re online.

Download Now Sponsored
LATEST NEWS Apr 21, 2022
Hackers Sneak ‘More_Eggs’ Malware Into Resumes Sent to Corporate Hiring Managers

A new set of phishing attacks delivering the more_eggs malware has been observed striking corporate hiring managers with bogus resumes as an infection vector, a year after potential candidates looking for work on LinkedIn were lured with weaponized job offers. “This year the more_eggs operation …

Read More
Amazon’s Hotpatch for Log4j Flaw Found Vulnerable to Privilege Escalation Bug

The “hotpatch” released by Amazon Web Services (AWS) in response to the Log4Shell vulnerabilities could be leveraged for container escape and privilege escalation, allowing an attacker to seize control of the underlying host. “Aside from containers, unprivileged processes can also exploit the …

Read More
Unpatched Bug in RainLoop Webmail Could Give Hackers Access to all Emails

An unpatched high-severity security flaw has been disclosed in the open-source RainLoop web-based email client that could be weaponized to siphon emails from victims’ inboxes. “The code vulnerability […] can be easily exploited by an attacker by sending a malicious email to a victim that uses …

Read More
Critical Chipset Bugs Open Millions of Android Devices to Remote Spying

Three security vulnerabilities have been disclosed in the audio decoders of Qualcomm and MediaTek chips that, if left unresolved, could allow an adversary to remotely gain access to media and audio conversations from affected mobile devices. According to Israeli cybersecurity company Check Point, …

Read More
New Incident Report Reveals How Hive Ransomware Targets Organizations

A recent Hive ransomware attack carried out by an affiliate involved the exploitation of “ProxyShell” vulnerabilities in the Microsoft Exchange Server that were disclosed last year to encrypt an unnamed customer’s network. “The actor managed to achieve its malicious goals and encrypt the …

Read More
50+ Security Tips to Protect Yourself When Browsing Online

Download this free PDF cheat sheet packed full of tips to help you stay safe and secure when you’re online.

Download Now Sponsored