The use of Cloudflare R2 for hosting phishing pages has surged by 61x in just six months!

Learn how cybercriminals target Microsoft, Adobe, Dropbox, and more while evading detection and spreading malware.

Details: https://thehackernews.com/2023/08/cybercriminals-abusing-cloudflare-r2.html

Over 1,900+ Citrix NetScaler instances breached in a massive attack exploiting critical vulnerability.

Hackers used automated methods to install web shells, gaining unauthorized access even after patches.

Details: https://thehackernews.com/2023/08/nearly-2000-citrix-netscaler-instances.html

⚠️ Urgent Security Alert!

Critical vulnerabilities discovered in Ivanti Avalanche, an enterprise mobile device management solution. Hackers could exploit these flaws for code execution and more.

Read: https://thehackernews.com/2023/08/critical-security-flaws-affect-ivanti.html

Update your software ASAP!

Google introduces Quantum-Resilient FIDO2 Security Key.

Learn about the ECC/Dilithium hybrid signature schema that enhances security against quantum attacks.

Get the insights: https://thehackernews.com/2023/08/google-introduces-first-quantum.html

Google Workspace's rise brings security tweaks. Discover Chrome's powerful security features, from user-level policies to real-time threat detection.

This guide explains how Google's browser can strengthen your organization's defenses:

https://thehackernews.com/2023/08/guide-how-google-workspace-based.html

Researchers have uncovered security gaps in Microsoft's PowerShell Gallery that could enable typosquatting attacks and metadata spoofing.

Fake malicious packages deceive users and can lead to supply chain attacks.

Read details: https://thehackernews.com/2023/08/experts-uncover-weaknesses-in.html

Cyber Espionage Alert! Ongoing campaign targets NATO-aligned foreign affairs ministries. Attackers use PDFs disguised as diplomatic messages, using Duke malware.

Learn more 👉 https://thehackernews.com/2023/08/russian-hackers-use-zulip-chat-app-for.html

The network perimeter has expanded beyond office walls.

Cloud resources, IoT devices, and remote access points increase potential threats. Stay ahead with continuous network monitoring.

More insights: https://thehackernews.com/2023/08/why-you-need-continuous-network.html

🕵️‍♂️ Citrix ShareFile under attack! Learn about ongoing exploitation of CVE-2023-24489 and how to defend your systems.

Read now: https://thehackernews.com/2023/08/cisa-adds-citrix-sharefile-flaw-to-kev.html

LABRAT exploiting a GitLab flaw for cryptojacking & proxyjacking, using cross-platform malware, kernel-based rootkits, and legit service abuse.

Learn about their monetization of compromised hosts. https://thehackernews.com/2023/08/new-labrat-campaign-exploits-gitlab.html

🛩️ New iOS 16 Exploit Creates Fake Airplane Mode!

Cybersecurity experts discovered a sneaky post-exploit trick allowing attackers to secretly stay connected while your Apple device appears offline, even with Airplane Mode 'on'.

Read: https://thehackernews.com/2023/08/new-apple-ios-16-exploit-enables.html

Espionage Disguised as Ransomware?

Ongoing cyber attacks traced back to China target Southeast Asian gambling. Learn how Bronze Starlight deploys Cobalt Strike beacons and hides motives behind ransomware smokescreens.

Read: https://thehackernews.com/2023/08/china-linked-bronze-starlight-group.html

🔒 New attack alert — "NoFilter" technique exploits Windows Filtering Platform for sneaky privilege escalation.

Evades detection, hijacks admin code to "NT AUTHORITY\SYSTEM."

Find details here: https://thehackernews.com/2023/08/nofilter-attack-sneaky-privilege.html

Goodbye, sneaky extensions!

Google Chrome's upcoming version 117 plans to introduce a new security feature that will notify users after automatically removing any installed extensions that become malicious.

Learn how it works: https://thehackernews.com/2023/08/google-chromes-new-feature-alerts-users.html

Microsoft uncovers revamped BlackCat ransomware variant embedding Impacket & RemCom tools for lateral movement & remote code execution.

Read details: https://thehackernews.com/2023/08/new-blackcat-ransomware-variant-adopts.html

Attention businesses! A sneaky campaign is targeting Zimbra email servers for login credentials. Learn about the ongoing threat and its stealthy strategy.

Read: https://thehackernews.com/2023/08/new-wave-of-attack-campaign-targeting.html

Power of Machine Learning - Supercharge your Zero Trust strategy!

NDR + Machine Learning = the ultimate dynamic duo. These algorithms don't rely on old "Indicators of Compromise" (IoCs) – they learn and evolve to nab new, evolving threat.

Read: https://thehackernews.com/2023/08/the-vulnerability-of-zero-trust-lessons.html

In a coordinated operation across 25 African nations, INTERPOL-AFRIPOL arrested 14 individuals in a crackdown on cybercrime. Over $40M losses linked to 20,674 cyber networks.

Read details: https://thehackernews.com/2023/08/14-suspected-cybercriminals-arrested.html

How are hackers getting around malware detection?

They're using sneaky unsupported compression methods in Android APK files to evade detection!

These undetectable apps, with 3,300 cases found, are harder to analyze.

Details: https://thehackernews.com/2023/08/thousands-of-android-malware-apps-using.html

Juniper Networks released an "out-of-cycle" security patch for Junos OS.

J-Web component flaws have a CVSS rating of 9.8/10, making them a 'Critical' watch-out!

Read details: https://thehackernews.com/2023/08/new-juniper-junos-os-flaws-expose.html

Attackers could remotely execute code by chaining these vulnerabilities.

Sophisticated WoofLocker toolkit update hides malicious JavaScript in PNG images, tricks users with fake tech support scams using advanced fingerprinting and redirection mechanisms.

Read: https://thehackernews.com/2023/08/wooflocker-toolkit-hides-malicious.html