Cybercriminals behind RedLine and Vidar info-stealers have shifted their focus towards ransomware, employing phishing campaigns and leveraging Extended Validation (EV) code signing certificates.

Read details: https://thehackernews.com/2023/09/cybercriminals-combine-phishing-and-ev.html

⚠️ Attention Facebook Business Users: Python-based NodeStealer #malware has returned. It now targets multiple web browsers to maliciously take over accounts.

Read: https://thehackernews.com/2023/09/nodestealer-malware-now-targets.html

IoT devices are reshaping our world, but also becoming targets for cyberattacks. Learn about IoT-driven DDoS attacks and how to defend against them in our latest article.

Read: https://thehackernews.com/2023/09/ddos-20-iot-sparks-new-ddos-alert.html

Google to Pay $93 Million in Location-Privacy Lawsuit Settlement! California Attorney General exposes Google's misleading practices.

Read details: https://thehackernews.com/2023/09/google-agrees-to-93-million-settlement.html

The rise in cybersecurity vulnerabilities is alarming! Discover the importance of automated threat intelligence in today's digital landscape.

Read: https://thehackernews.com/2023/09/the-interdependence-between-automated.html

TikTok faces a whopping €345 million fine for mishandling children's data in the E.U.

Default public settings, lack of transparency, and more led to this hefty penalty.

Learn more: https://thehackernews.com/2023/09/tiktok-faces-massive-345-million-fine.html

Major crypto hacks by Lazarus Group: Reports confirm $240M stolen since June 2023, with $31M swiped from CoinEx. Find out how they're shifting their focus.

Read: https://thehackernews.com/2023/09/north-koreas-lazarus-group-suspected-in.html

UNC3944 threat actor now turns to ransomware attacks, targeting critical systems. Understand their tactics, and learn how to protect your organization from this growing danger.

Read: https://thehackernews.com/2023/09/financially-motivated-unc3944-threat.html

Software firm Retool suffered a breach with 27 customer accounts hacked after an SMS-based attack.

Google Account sync blamed for the breach, turning multi-factor authentication to single-factor.

Result: $15M in stolen cryptocurrency.

Read: https://thehackernews.com/2023/09/retool-falls-victim-to-sms-based.html

Discover the evolution of Android banking trojans - 'Hook' inherits its powers from 'ERMAC.' How does it outperform its predecessor?

Read on: https://thehackernews.com/2023/09/hook-new-android-banking-trojan-that.html

💻💰 A new cryptojacking operation, AMBERSQUID, is exploiting uncommon AWS services like AWS Amplify, Fargate, and SageMaker.

Read: https://thehackernews.com/2023/09/new-ambersquid-cryptojacking-operation.html

Learn how they fly under the radar.

🔥 Data Leak Alert!

Microsoft accidentally exposed 38TB of private data, including secrets, keys, passwords, and 30K+ internal Teams messages, on AI #GitHub repository due to a security glitch.

Read more in this article: https://thehackernews.com/2023/09/microsoft-ai-researchers-accidentally.html

📢 New Threat Alert — Suspected Pakistani group, Transparent Tribe, evolves tactics! Using fake YouTube apps to spread CapraRAT trojan, targeting Indian entities.

Read: https://thehackernews.com/2023/09/transparent-tribe-uses-fake-youtube.html

Around 12,000 Juniper firewall devices exposed online are vulnerable to a recently disclosed flaw (CVE-2023-36845). This flaw enables unauthenticated code execution without file creation.

Read details: https://thehackernews.com/2023/09/over-12000-juniper-firewalls-found.html

Earth Lusca, a China-linked group, is using a stealthy Linux backdoor called SprySOCKS to target government entities worldwide.

Learn how they operate: https://thehackernews.com/2023/09/earth-luscas-new-sprysocks-linux.html

🚨 Data Security Alert! Did you know 6% of employees paste sensitive data into AI apps weekly? Learn how to prevent data leakage in this upcoming webinar.

Read: https://thehackernews.com/2023/09/live-webinar-overcoming-generative-ai.html

Researchers warn of a new sophisticated campaign, Operation Rusty Flag, deploying Rust-based malware in Azerbaijan.

Learn how this advanced attack works: https://thehackernews.com/2023/09/operation-rusty-flag-azerbaijan.html

Telecom providers in the Middle East face a stealthy cyber threat called ShroudedSnooper. It uses HTTPSnoop to exploit Windows HTTP kernel drivers.

Learn more: https://thehackernews.com/2023/09/shroudedsnoopers-httpsnoop-backdoor.html

👨🏻‍💻👾 WEBINAR ➤ Discover the power of SSPM + ITDR synergy, learn to detect and neutralize hidden SaaS security threats.

Reserve your spot now: https://thehacker.news/itdr-saas

XWorm, a persistent remote access trojan, has been evolving since 2022. Researchers at AnyRun uncovered its inner workings, including evasion tactics, sandbox detection, and persistence methods.

Learn more: https://thehackernews.com/2023/09/inside-code-of-new-xworm-variant.html

Trend Micro releases patches for critical security flaw, CVE-2023-41179, actively exploited in real-world attacks on Apex One and Worry-Free Business Security solutions for Windows.

Read details: https://thehackernews.com/2023/09/trend-micro-releases-urgent-fix-for.html