A new malware campaign has been observed distributing three info-stealers (CryptBot, LummaC2, and Rhadamanthys) using CDN cache domains to avoid detection.
Read: https://thehackernews.com/2024/04/coralraider-malware-campaign-exploits.html
⚠️ Malware Alert: A sophisticated campaign called GuptiMiner is exploiting a vulnerability in eScan antivirus to distribute backdoors and crypto miners.
Read on to explore the potential state-sponsored ties: https://thehackernews.com/2024/04/escan-antivirus-update-mechanism.html
⚡ Major security flaws uncovered in popular Chinese keyboard apps, which could expose users' private keystrokes.
Over 1 billion people using Baidu, Honor, iFlytek, OPPO, Samsung, Tencent, Vivo, and Xiaomi devices may be affected.
Details: https://thehackernews.com/2024/04/major-security-flaws-expose-keystrokes.html
IT offboarding is my favorite task! Said no one, ever.
Automate 90% of IT manual offboarding tasks with Nudge Security. Discover ALL SaaS identities and automate steps to revoke access, including OAuth grants and non-SSO accounts.
Get started here: https://thn.news/automated-it-offboarding-software
🕵️‍♂️ Heads up! Researchers have uncovered a sneaky attack delivering malware called SSLoad through phishing emails. This cunning malware infiltrates systems, steals sensitive data, and relays it back to the attackers.
Read: https://thehackernews.com/2024/04/researchers-detail-multistage-attack.html
The U.S. Treasury Department has sanctioned two Iranian firms and four individuals for their involvement in malicious cyber activities targeting U.S. companies and government entities on behalf of the IRGC-CEC.
More details: https://thehackernews.com/2024/04/us-treasury-sanctions-iranian-firms-and.html
What to consider when evaluating tools to help activate & keep up with CTEM?
We got your answers right here ⬇️
Check out XM Cyber Buyer's Guide to Meeting & Maintaining CTEM & start building consistent, actionable exposure remediation plans.
Download now: https://thn.news/ctem-buyers-guide
UPDATE: Airbus CERT releases Python scripts to scan for the critical CrushFTP flaw (CVE-2024-4040) that allows remote code execution. The zero-day has been exploited in attacks against U.S. entities.
Check: https://thehackernews.com/2024/04/critical-update-crushftp-zero-day-flaw.html
#infosec
New stealthy malware campaign exploits 2 ZERO-DAY flaws in Cisco devices, enabling covert data collection & reconnaissance by a state-sponsored actor.
Details: https://thehackernews.com/2024/04/state-sponsored-hackers-exploit-two.html
"Line Runner" and "Line Dancer" implants allow config changes and traffic capture.
The U.S. Department of Justice arrested two founders of cryptocurrency mixer Samourai, seizing the service, for allegedly enabling over $2 billion in illegal transactions and laundering more than $100 million in criminal proceeds.
Learn more: https://thehackernews.com/2024/04/doj-arrests-founders-of-crypto-mixer.html
The new #YARA search tool from AnyRun helps you quickly find relevant threats.
Scan the service's public malware database using your own YARA rules to identify matching files. Explore the findings further in the sandbox.
Learn more ➡️ https://thehackernews.uk/yara-malware-search
North Korean hackers used fake job offers to deliver a new Trojan called Kaolin RAT. It can change file timestamps and load malware - a gateway to the dangerous FudModule rootkit.
Details here: https://thehackernews.com/2024/04/north-koreas-lazarus-group-deploys-new.html
🚨 Attention WordPress users!
A critical SQL injection vulnerability (CVE-2024-27956) in the WP-Automatic plugin is being actively exploited. With a max severity of 9.9/10, this bug enables site takeovers and malicious activities.
Details: https://thehackernews.com/2024/04/hackers-exploiting-wp-automatic-plugin.html
⚠️ Attention Android users!
A new malware called Brokewell is disguising itself as updates for popular apps like Google Chrome and Klarna. Don't fall for these fake updates.
Click to find out more: https://thehackernews.com/2024/04/new-brokewell-android-malware-spread.html
Attention, Palo Alto Networks users!
A critical vulnerability (CVE-2024-3400) in PAN-OS could expose your systems to remote code execution attacks.
Good news: Hotfixes and remediation steps available.
Read full advisory: https://thehackernews.com/2024/04/palo-alto-networks-outlines-remediation.html
🛡️ Did you know 70% of successful breaches begin at the endpoint? Unprotected devices are gateways for devastating cyberattacks.
This guide shares 10 must-know tips, from identifying vulnerabilities to implementing robust security solutions: https://thehackernews.com/2024/04/10-critical-endpoint-security-tips-you.html
Multiple severe vulnerabilities discovered in Brocade SANnav SAN management application.
From insecure root access to lack of authentication and encryption, one flaw even allows unauthenticated remote attackers to log in as root!
Read: https://thehackernews.com/2024/04/severe-flaws-disclosed-in-brocade.html
🚨 Developers Beware! A new social engineering scam is on the rise, luring software engineers with fake job interviews only to infect their systems with the BeaverTail and InvisibleFerret backdoor malware.
https://thehackernews.com/2024/04/bogus-npm-packages-used-to-trick.html
Cybersecurity researchers have uncovered a targeted cyber attack against Ukraine that leveraged a 7-year-old Microsoft Office flaw to deploy Cobalt Strike beacons on victims' systems.
Read: https://thehackernews.com/2024/04/ukraine-targeted-in-cyberattack.html
Heads up! Okta is sounding the alarm on an unprecedented spike in credential stuffing attacks targeting online services.
These attacks are powered by readily available tools and stolen credentials.
Details: https://thehackernews.com/2024/04/okta-warns-of-unprecedented-surge-in.html
🚨 Multiple vulnerabilities have been discovered in the popular Judge0 online code execution system, putting users at risk of complete system compromise.
Get the details: https://thehackernews.com/2024/04/sandbox-escape-vulnerabilities-in.html