New research reveals that threat actors are exploiting Cloudflare Tunnels for covert communication channels from compromised hosts, maintaining persistent access.

Read details here: https://thehackernews.com/2023/08/hackers-abusing-cloudflare-tunnels-for.html

🔔 Microsoft's August 2023 Patch Tuesday: 74 vulnerabilities fixed, 6 Critical and 67 Important security flaws addressed.

Stay up to date with the latest updates here ➡️ https://thehackernews.com/2023/08/microsoft-releases-patches-for-74-new.html

Say goodbye to 2G vulnerabilities.

Android 14 introduces a new feature that allows IT admins to disable 2G network support, enhancing protection against interception and cyber threats.

Learn more about this: https://thehackernews.com/2023/08/new-android-14-security-feature-it.html

⚠️ Warning! Cybercriminals are actively targeting vulnerable Kubernetes clusters, deploying crypto miners and backdoors.

Don't let your small or medium-sized organization fall victim.

Discover the risks now: https://thehackernews.com/2023/08/malicious-campaigns-exploit-weak.html

New report uncovers connections between Rhysida and Vice Society ransomware groups. Provides details on targeting, tools, and victim profiles.

Read more: https://thehackernews.com/2023/08/new-report-exposes-vice-societys.html

Latest report uncovers connection between China's Ministry of State Security hackers and global cyber attacks.

RedHotel Group carried out extensive intrusions across 17 countries.

Learn more: https://thehackernews.com/2023/08/china-linked-hackers-strike-worldwide.html

Struggling to keep up with evolving cyber threats?

Explore the power of Penetration Testing as a Service (PTaaS) – a combination of AI, automation, and human expertise for continuous security validation.

Learn more: https://thehackernews.com/2023/08/continuous-security-validation-with.html

🚨 CPU Security Alert: Collide+Power, Downfall, and Inception!

New side-channel attacks exploit vulnerabilities in all modern Intel and AMD CPUs, risking data theft and unauthorized access.

Dive into the details: https://thehackernews.com/2023/08/collidepower-downfall-and-inception-new.html

A Blow to Cybercriminals!

Interpol takes down phishing-as-a-service platform 16Shop and makes arrests in Indonesia and Japan. Operation targets large-scale phishing attacks.

Learn how this operation: https://thehackernews.com/2023/08/interpol-busts-phishing-as-service.html

Cybercriminals are increasingly using 'EvilProxy' Phishing-as-a-Service (PhaaS) toolkit to carry out account takeovers.

Their primary targets are C-level executives, resulting in thousands of breached Microsoft 365 accounts.

Details: https://thehackernews.com/2023/08/cybercriminals-increasingly-using.html

Researchers uncover critical security flaws in the popular Chinese language input app, Tencent's Sogou Input Method, putting over 455 million monthly users at risk.

Details 👉 https://thehackernews.com/2023/08/encryption-flaws-in-popular-chinese.html

New Threat Alert: Malicious actors are leveraging the legitimate Rust-based injector Freeze[.]rs to deploy the XWorm malware in targeted environments.

https://thehackernews.com/2023/08/new-attack-alert-freezers-injector.html

🚨 New attack vector alert! Attackers leveraging Microsoft Cross-Tenant Synchronization for lateral movement & persistence.

Learn how Vectra AI reveals insights on this technique and helps defenders stay ahead.

Read the full article: https://thehackernews.com/2023/08/emerging-attacker-exploit-microsoft.html

Researchers uncover Statc Stealer, a dangerous malware targeting Windows devices. It steals login data, cookies, cryptocurency wallets, and sensitive information.

Find out more in this: https://thehackernews.com/2023/08/new-statc-stealer-malware-emerges-your.html

⚠️ CISA has added a high-severity security flaw (CVE-2023-38180) in Microsoft's .NET and Visual Studio to its Known Exploited Vulnerabilities catalog.

For more details, check out: https://thehackernews.com/2023/08/cisa-adds-microsoft-net-vulnerability.html

🚨A series of 15 high-severity vulnerabilities dubbed CoDe16 have been uncovered in CODESYS V3 SDK, posing RCE and DoS risks to Operational Technology (OT) environments.

Find out more about these: https://thehackernews.com/2023/08/15-new-codesys-sdk-flaws-expose-ot.html

Russian threat actors suspected in cyberattack on South African power company using a new variant of the SystemBC #malware called DroxiDat.

Read details here: https://thehackernews.com/2023/08/new-systembc-malware-variant-targets.html

APT31 has been linked to the use of sophisticated backdoors that are capable of stealing sensitive data, even from air-gapped systems.

To learn more about their cyber espionage tactics, visit: https://thehackernews.com/2023/08/researchers-shed-light-on-apt31s.html

🔑🔒 Google Chrome 116 add support for quantum-resistant encryption algorithms to encrypt TLS connections.

Learn more about X25519Kyber768: https://thehackernews.com/2023/08/enhancing-tls-security-google-adds.html

Decade-Long Cyber Espionage Operation!

MoustachedBouncer targets foreign embassies in Belarus. Discover how this skilled group employs AitM attacks and advanced tools.

Read: https://thehackernews.com/2023/08/researchers-uncover-decade-long-cyber.html

🚨 Critical Python URL parsing flaw (CVE-2023-24329) discovered! Allows domain filter bypass, enabling file reads & command execution.

Find details here: https://thehackernews.com/2023/08/new-python-url-parsing-flaw-enables.html