🚨 Cyber Alert: #Microsoft highlights Morocco-based Storm-0539, stealing up to $100,000/day in gift card fraud.

🔗 Discover the full story: https://thehackernews.com/2024/05/moroccan-cybercrime-group-steals-up-to.html

🚨 83% of organizations have fallen victim to phishing. It’s time to rethink our security strategies. Discover innovative solutions that inspect web sessions and neutralize threats in real-time.

Read the full report: https://thehackernews.com/2024/05/report-dark-side-of-phishing-protection.html

🚨 Critical Alert: TP-Link Archer C5400X 🎮 Gaming Router Vulnerability.

🚦 Severity: Maximum (CVSS 10.0)

🛡️ Impact: Remote code execution Patch available: Firmware version 1_1.1.7 Protect your network, update now!

Read more: https://thehackernews.com/2024/05/tp-link-gaming-router-vulnerability.html

Unknown threat actors are targeting WordPress sites with a new attack vector, using the Dessky Snippets plugin to insert malicious PHP code and harvest credit card data.

Read More 👉 https://thehackernews.com/2024/05/wordpress-plugin-exploited-to-steal.html

Dual Threat: CatDDoS & DNSBomb!

🐱 CatDDoS botnet exploits 80+ vulnerabilities, targeting 300+ devices daily for DDoS attacks.

💣 DNSBomb, a new attack technique, achieves a 20,000x amplification in PDoS attacks.

Read the full story: https://thehackernews.com/2024/05/researchers-warn-of-catddos-botnet-and.html

Special deals from the ANYRUN interactive malware sandbox 🎁

New and existing clients can receive:
✅ 6 months of free service
✅ Additional licenses for team members

Get it until May 31 ➡️ https://thn.news/anyrun-sandbox

🔒 With endless cyber threats, the 'spray 'n pray' approach is costing you big time. Discover the secret to prioritizing your resources and efforts on what truly matters.

Don’t miss out – read the full article now: https://thehackernews.com/2024/05/4-step-approach-to-mapping-and-securing.html

💸 Indian national pleads guilty to stealing over $37M through fake Coinbase website.

In separate cases, a Ukrainian arrested for aiding North Korean IT workers; Vietnamese charged for helping Chinese remote IT workers commit wire fraud.

Read: https://thehackernews.com/2024/05/indian-national-pleads-guilty-to-37.html

🚨 BreachForums domain is back online just 2 weeks after a law enforcement takedown!

Trap or blunder?

Learn more: https://thehackernews.com/2024/05/breachforums-returns-just-weeks-after.html

It's now selling: 1.3 TB database with 560M Ticketmaster customers' data for $500K!

Microsoft uncovers Moonstone Sleet, a new North Korean hacker group targeting various sectors with ransomware and custom malware, using fake companies and tools to infiltrate targets.

Details here: https://thehackernews.com/2024/05/microsoft-uncovers-moonstone-sleet-new.html

💻 Malachi Mullings, a 31-year-old from Georgia, has been sentenced to 10 years for laundering $4.5 million through BEC and 💔 romance scams.

Learn how they pulled off the scam: https://thehackernews.com/2024/05/us-sentences-31-year-old-to-10-years.html

🎉 Introducing GRC Mastery — Cyber Security GRC Training for beginners.

📽️ Video modules, assessments, quizzes.
🏆 Master risk management, audit, compliance, asset management.
🔭 Capstone Project: NIST assessment.
🎓 Earn a certificate.

Check it out: https://grcmastery.com

🇧🇷💰 New campaign targets Brazilian banks with AllaSenha, a custom AllaKore RAT variant. The malware steals banking credentials and uses Azure cloud for C2.

Learn more: https://thehackernews.com/2024/05/brazilian-banks-targeted-by-new.html

🚨 Attention: Check Point discovers zero-day vulnerability CVE-2024-24919 in Network Security VPN gateway products, exploited in the wild.

Read more here: https://thehackernews.com/2024/05/check-point-warns-of-zero-day-attacks.html

🔧 Ensure your systems are patched with the latest hotfixes.

Employee offboarding is crucial for security. 63% of businesses may have ex-employees with data access. Automate SaaS security to reduce risks.

Learn more at: https://thehackernews.com/2024/05/new-research-warns-about-weak.html

A malicious Python package, pytoileur, has been found in PyPI, aiming at cryptocurrency theft. Downloaded 316 times and re-uploaded after removal, this highlights significant risks in open-source ecosystems.

Learn more: https://thehackernews.com/2024/05/cybercriminals-abuse-stackoverflow-to.html

🚨 Warning: Okta warns of a vulnerability in the cross-origin authentication feature of their Customer Identity Cloud (CIC) that attackers are increasingly exploiting for credential stuffing attacks.

Learn more: https://thehackernews.com/2024/05/okta-warns-of-credential-stuffing.html

Ready to win the Cybersecurity war?

Join our webinar to master the basics and learn how to simplify your cybersecurity efforts with CIS Controls & Benchmarks.

Save yor seat now: https://thehacker.news/cyberthreat-war

🔥 U.S. takes down "911 S5," the world's largest BOTNET, spanning 190 countries and 19 MILLION infected devices.

Chinese ADMIN arrested, leading to disruption of 23 domains, 70+ servers, and seizure of $30 million in assets.

Details: https://thehackernews.com/2024/05/us-dismantles-worlds-largest-911-s5.html

🛡️ Europol's Operation Endgame has successfully dismantled major MALWARE loader networks like IcedID, SystemBC, PikaBot, SmokeLoader, Bumblebee, and TrickBot.

Read > https://thehackernews.com/2024/05/europol-dismantles-100-servers-linked.html

Over 100 servers down and 2,000 domains confiscated.

New vulnerabilities are disclosed hourly, new exploits for old vulnerabilities are publicly released and threat actors are updating their techniques continuously.

Knowing where and how to prioritize your security resources to achieve the greatest impact with the least time invested is critical.

📅 Join Intruder’s webinar on June 12, 2024 to discover the secrets of efficient exposure management: https://thn.news/exposure-management

Can’t make it? Register for the webinar and a copy will be sent.