Linux Users Beware: A stealthy supply chain attack went undetected for 3+ years, stealing passwords and more.

Learn how a trusted "Free Download Manager" site turned malicious and distributed malware.

Read: https://thehackernews.com/2023/09/free-download-manager-site-compromised.html

🔒 Secure offboarding is essential in today's IT landscape. Learn about common pitfalls and how to avoid them in this must-read article.

Read: https://thehackernews.com/2023/09/avoid-these-5-it-offboarding-pitfalls.html

🚨 Critical security flaws discovered in Kubernetes could lead to remote code execution with elevated privileges on Windows endpoints within a cluster.

Learn more about CVE-2023-3676, CVE-2023-3893, and CVE-2023-3955: https://thehackernews.com/2023/09/alert-new-kubernetes-vulnerabilities.html

Microsoft reveals Iranian nation-state actors' password spray attacks targeting the satellite, defense, and pharmaceutical sectors globally.

Learn more about this: https://thehackernews.com/2023/09/iranian-nation-state-actors-employ.html

Cybercriminals behind RedLine and Vidar info-stealers have shifted their focus towards ransomware, employing phishing campaigns and leveraging Extended Validation (EV) code signing certificates.

Read details: https://thehackernews.com/2023/09/cybercriminals-combine-phishing-and-ev.html

⚠️ Attention Facebook Business Users: Python-based NodeStealer #malware has returned. It now targets multiple web browsers to maliciously take over accounts.

Read: https://thehackernews.com/2023/09/nodestealer-malware-now-targets.html

IoT devices are reshaping our world, but also becoming targets for cyberattacks. Learn about IoT-driven DDoS attacks and how to defend against them in our latest article.

Read: https://thehackernews.com/2023/09/ddos-20-iot-sparks-new-ddos-alert.html

Google to Pay $93 Million in Location-Privacy Lawsuit Settlement! California Attorney General exposes Google's misleading practices.

Read details: https://thehackernews.com/2023/09/google-agrees-to-93-million-settlement.html

The rise in cybersecurity vulnerabilities is alarming! Discover the importance of automated threat intelligence in today's digital landscape.

Read: https://thehackernews.com/2023/09/the-interdependence-between-automated.html

TikTok faces a whopping €345 million fine for mishandling children's data in the E.U.

Default public settings, lack of transparency, and more led to this hefty penalty.

Learn more: https://thehackernews.com/2023/09/tiktok-faces-massive-345-million-fine.html

Major crypto hacks by Lazarus Group: Reports confirm $240M stolen since June 2023, with $31M swiped from CoinEx. Find out how they're shifting their focus.

Read: https://thehackernews.com/2023/09/north-koreas-lazarus-group-suspected-in.html

UNC3944 threat actor now turns to ransomware attacks, targeting critical systems. Understand their tactics, and learn how to protect your organization from this growing danger.

Read: https://thehackernews.com/2023/09/financially-motivated-unc3944-threat.html

Software firm Retool suffered a breach with 27 customer accounts hacked after an SMS-based attack.

Google Account sync blamed for the breach, turning multi-factor authentication to single-factor.

Result: $15M in stolen cryptocurrency.

Read: https://thehackernews.com/2023/09/retool-falls-victim-to-sms-based.html

Discover the evolution of Android banking trojans - 'Hook' inherits its powers from 'ERMAC.' How does it outperform its predecessor?

Read on: https://thehackernews.com/2023/09/hook-new-android-banking-trojan-that.html

💻💰 A new cryptojacking operation, AMBERSQUID, is exploiting uncommon AWS services like AWS Amplify, Fargate, and SageMaker.

Read: https://thehackernews.com/2023/09/new-ambersquid-cryptojacking-operation.html

Learn how they fly under the radar.

🔥 Data Leak Alert!

Microsoft accidentally exposed 38TB of private data, including secrets, keys, passwords, and 30K+ internal Teams messages, on AI #GitHub repository due to a security glitch.

Read more in this article: https://thehackernews.com/2023/09/microsoft-ai-researchers-accidentally.html

📢 New Threat Alert — Suspected Pakistani group, Transparent Tribe, evolves tactics! Using fake YouTube apps to spread CapraRAT trojan, targeting Indian entities.

Read: https://thehackernews.com/2023/09/transparent-tribe-uses-fake-youtube.html

Around 12,000 Juniper firewall devices exposed online are vulnerable to a recently disclosed flaw (CVE-2023-36845). This flaw enables unauthenticated code execution without file creation.

Read details: https://thehackernews.com/2023/09/over-12000-juniper-firewalls-found.html

Earth Lusca, a China-linked group, is using a stealthy Linux backdoor called SprySOCKS to target government entities worldwide.

Learn how they operate: https://thehackernews.com/2023/09/earth-luscas-new-sprysocks-linux.html

🚨 Data Security Alert! Did you know 6% of employees paste sensitive data into AI apps weekly? Learn how to prevent data leakage in this upcoming webinar.

Read: https://thehackernews.com/2023/09/live-webinar-overcoming-generative-ai.html

Researchers warn of a new sophisticated campaign, Operation Rusty Flag, deploying Rust-based malware in Azerbaijan.

Learn how this advanced attack works: https://thehackernews.com/2023/09/operation-rusty-flag-azerbaijan.html