ANYRUN, a malware sandbox for interactive analysis, announced its 8th Birthday Special Offer 🎁

New and current users can get 6 months of service or extra Enterprise-tier licenses for free.

Learn more ➡️ https://thn.news/anyrun-malware-sandbox

🔒 Attention cybersecurity professionals.

The Common Vulnerability Scoring System (CVSS) v4.0 is here, replacing the 8-year-old CVSS v3.0.

Discover how this update enhances vulnerability assessment & helps you strengthen your cyber resilience.

Read: https://thehackernews.com/2024/05/get-cyber-resilient-with-cvss.html

🔒 Google Play Protect just got smarter with live threat detection.

Android 15 introduces new features to prevent malicious apps from capturing your sensitive data.

Find out more about these crucial updates: https://thehackernews.com/2024/05/android-15-introduces-new-features-to.html

🔐 Google announced new privacy & security features for Android devices:

✅ Offline Device Lock
✅ Factory Reset Upgrade
✅ Private Space Enhanced
✅ AI-Powered Theft Detection

Details here: https://thehackernews.com/2024/05/google-adds-ai-powered-theft-protection.html

BREAKING - BreachForums, a notorious online bazaar for stolen data, has been seized by law enforcement agencies for the second time in a year.

The FBI has taken control of its #Telegram channel as well.

Read on > https://thehackernews.com/2024/05/fbi-seizes-breachforums-again-urges.html

🚨 Google has addressed nine security issues in its Chrome browser, including a new zero-day exploit (CVE-2024-4947) that has been actively exploited in the wild.

Learn more: https://thehackernews.com/2024/05/google-patches-yet-another-actively.html

Don't wait – update your browser now.

⚠️ Cybercriminals are exploiting Microsoft's Quick Assist tool to target users in social engineering attacks and deploy Black Basta ransomware.

Learn more: https://thehackernews.com/2024/05/cybercriminals-exploiting-microsofts.html

🕵️‍♀️ Security and IT teams, listen up!

Reviewing new and existing OAuth grants programmatically is crucial for catching risky activity or overly-permissive scopes.

Learn best practices for investigating grants in this article: https://thehackernews.com/expert-insights/2024/05/how-to-investigate-oauth-grant-for.html

Nearly a dozen security flaws have been discovered in the GE HealthCare Vivid Ultrasound product family. These vulnerabilities could allow ransomware attacks or data tampering.

Learn more: https://thehackernews.com/2024/05/researchers-uncover-11-security-flaws.html

Every SaaS account created by your employees represents a new “identity” with unique permissions, security settings & risks and many app owners sit outside of IT, meaning security controls could be overlooked.

Learn how Nudge Security can help: https://thn.news/saas-identity-governance

⚠️ North Korea-linked Kimsuky hacking group has launched a new social engineering attack using fake Facebook accounts to target individuals via Messenger.

Learn more: https://thehackernews.com/2024/05/north-korean-hackers-exploit-facebook.html

At Georgetown, gain the tactical skills to plan for and respond to information security threats. Attend this June 7 webinar.

Save your seat: https://thn.news/georgetown-cybersec-webinar-li

🚨 New Wi-Fi #vulnerability discovered!

CVE-2023-52424, dubbed "SSID Confusion attack," affects all operating systems & Wi-Fi clients.

Learn how attackers can trick you into connecting to a less secure network & eavesdrop on your traffic.

https://thehackernews.com/2024/05/new-wi-fi-vulnerability-enabling.html

🚨 Attention D-Link users - CISA warns of actively exploited vulnerabilities, CVE-2014-100005 and CVE-2021-40655, that attackers could exploit to change your router settings or steal your credentials.

Learn more: https://thehackernews.com/2024/05/cisa-warns-of-actively-exploited-d-link.html

⚠️ North Korean APT group Kimsuky deploys Linux version of GoBear backdoor, targeting South Korean organizations.

Learn more about the Gomir backdoor and its capabilities: https://thehackernews.com/2024/05/kimsuky-apt-deploying-linux-backdoor.html

🚨 Alert: China-linked BlackTech group using advanced Deuterbear RAT in Asia-Pacific cyber espionage campaign.

Learn more about the improved capabilities and infection pathway of this evolving threat: https://thehackernews.com/2024/05/china-linked-hackers-adopt-two-stage.html#hacking #cybersecurity

🔒 Attention cybersecurity professionals!

A new report reveals that CVE-based vulnerabilities account for less than 1% of the average organization's on-prem exposure landscape.

It's time to shift our focus to the real threats.

Learn how: https://thehackernews.com/2024/05/new-xm-cyber-research-80-of-exposures.html

Kinsing cryptojacking hacker group continuously expanding its exploitation arsenal, which now includes various flaws in Apache ActiveMQ, Log4j, NiFi, Atlassian Confluence, Citrix, Linux, Openfire, WebLogic Server, and SaltStack.

Read: https://thehackernews.com/2024/05/kinsing-hacker-group-exploits-more.html

⚠️ Grandoreiro banking trojan is back, targeting 1,500+ banks in 60+ countries. It now uses infected Outlook to spread phishing emails, with updated domain-generating algorithm and anti-malware evasion capability.

Learn more: https://thehackernews.com/2024/05/grandoreiro-banking-trojan-resurfaces.html

🚨 Two Chinese nationals arrested for laundering $73 million in a massive pig butchering scam. The DoJ charges them with managing an international syndicate that tricked victims into crypto investment scams.

Learn more: https://thehackernews.com/2024/05/chinese-nationals-arrested-for.html

Researchers have observed a surge in email phishing campaigns delivering Latrodectus, a new malware loader believed to be the successor to IcedID.

Details here > https://thehackernews.com/2024/05/latrodectus-malware-loader-emerges-as.html