🚨 A new research report has revealed that the notorious Clop ransomware group has likely been silently exploiting the recently disclosed critical MOVEit Transfer application vulnerability (CVE-2023-34362) since 2021.

Details: https://thehackernews.com/2023/06/clop-ransomware-gang-likely-exploiting.html

Beware of Stealth Soldier! The latest mysterious surveillance tool infiltrating North Africa, equipped with file exfiltration, keystroke logging, and screen recording capabilities.

Read details: https://thehackernews.com/2023/06/stealth-soldier-new-custom-backdoor.html

Stay vigilant against this emerging threat.

Asylum Ambuscade: Elusive threat actor bridging cybercrime and cyber espionage, targeting banks, cryptocurrency traders, and government entities.

Learn more about their tactics and wide-reaching impact: https://thehackernews.com/2023/06/asylum-ambuscade-cybercrime-group-with.html

Microsoft uncovers complex AitM phishing and BEC attacks targeting banks and financial services.

Discover the anatomy of these attacks, from spoofed sign-in pages to session cookie theft, & learn how cybercriminals carry out financial fraud.

https://thehackernews.com/2023/06/microsoft-uncovers-banking-aitm.html

Educating people about cybersecurity isn't enough. It's time to integrate security solutions like access management to minimize human-related risk.

Find out why in this latest blog post: https://thehackernews.com/2023/06/5-reasons-why-access-management-is-key.html

🚨 Attention! Multiple new SQL injection vulnerabilities discovered in MOVEit Transfer, posing a risk of unauthorized access to the database.

Details: https://thehackernews.com/2023/06/new-critical-moveit-transfer-sql.html

Upgrade to the latest versions to protect sensitive information.

Vietnamese public companies under attack! APT32 hackers are utilizing the new SPECTRALVIPER—a hidden backdoor packed with powerful capabilities.

Learn more about this cyber threat here: https://thehackernews.com/2023/06/new-spectralviper-backdoor-targeting.html

Apple unveils powerful new privacy and security features!

Link Tracking Protection in Mail, Messages, and Safari's private mode now automatically removes tracking parameters in URLs.

Learn more: https://thehackernews.com/2023/06/apples-safari-private-browsing-now.html

⚠️ Urgent: A new critical RCE security vulnerability (CVE-2023-27997) in FortiGate firewalls has been discovered. Update to the latest versions to secure your network against potential remote code execution.

Read details: https://thehackernews.com/2023/06/critical-rce-flaw-discovered-in.html

Heads up! A massive campaign involving over 1,000 fraudulent cryptocurrency websites has scammed thousands of people worldwide with false promises of huge rewards.

Don't fall for their trickery — spread the word: https://thehackernews.com/2023/06/beware-1000-fake-cryptocurrency-sites.html

Security researcher uncovers major vulnerabilities in Honda's e-commerce platform, exposing sensitive dealer information. This flaw could have allowed unrestricted access to data.

Learn more: https://thehackernews.com/2023/06/password-reset-hack-exposed-in-hondas-e.html

Researchers have uncovered a new flaw (CVE-2023-28299) in the Microsoft Visual Studio installer that could allow attackers to impersonate trusted publishers and distribute malicious extensions.

Read details: https://thehackernews.com/2023/06/researchers-uncover-publisher-spoofing.html

Cybersecurity is evolving! Attack Surface Management is leading the 💪 frontlines. Want to know why it's critical for your organization?

👉 Learn more: https://thehackernews.com/2023/06/why-now-rise-of-attack-surface.html

Two Russian masterminds charged for orchestrating the 2014 Mt. Gox cryptocurrency exchange hack. These hackers stole a whopping 647,000 bitcoins and contributed to the exchange's collapse.

Read details: https://thehackernews.com/2023/06/two-russian-nationals-charged-for.html

⚠️ Attention, organizations! A global wave of email attacks is underway! Hackers are using "adversary-in-the-middle" techniques to bypass Office365 authentication and gain persistent access to compromised accounts.

Learn more: https://thehackernews.com/2023/06/adversary-in-middle-attack-campaign.html

Hackers are actively exploiting the latest Fortinet's FortiOS and FortiProxy flaw, targeting government, manufacturing, and critical infrastructure sectors.

Learn more: https://thehackernews.com/2023/06/critical-fortios-and-fortiproxy.html

Take immediate action and update to the latest firmware now!

Heads up, everyone! DoubleFinger, a multi-stage loader, delivers the notorious GreetingGhoul stealer, targeting cryptocurrency users worldwide in Europe, the U.S., and Latin America.

Learn more: https://thehackernews.com/2023/06/beware-new-doublefinger-loader-targets.html

Attention! Microsoft just released software updates to fix over 70 security vulnerabilities.

It's a relatively light patch load this month, and the best part? No active exploitation of zero-day vulnerabilities reported.

Read: https://thehackernews.com/2023/06/microsoft-releases-updates-to-patch.html

Researchers uncover Skuld, a potent Golang-based information stealer that targets Discord, web browsers, and sensitive files on Windows systems.

Read: https://thehackernews.com/2023/06/new-golang-based-skuld-malware-stealing.html

Heads up, online store owners! A critical flaw has been discovered in the WooCommerce Stripe Gateway WordPress plugin, potentially exposing sensitive information.

Learn more: https://thehackernews.com/2023/06/critical-security-vulnerability.html