Latest report uncovers connection between China's Ministry of State Security hackers and global cyber attacks.

RedHotel Group carried out extensive intrusions across 17 countries.

Learn more: https://thehackernews.com/2023/08/china-linked-hackers-strike-worldwide.html

Struggling to keep up with evolving cyber threats?

Explore the power of Penetration Testing as a Service (PTaaS) – a combination of AI, automation, and human expertise for continuous security validation.

Learn more: https://thehackernews.com/2023/08/continuous-security-validation-with.html

🚨 CPU Security Alert: Collide+Power, Downfall, and Inception!

New side-channel attacks exploit vulnerabilities in all modern Intel and AMD CPUs, risking data theft and unauthorized access.

Dive into the details: https://thehackernews.com/2023/08/collidepower-downfall-and-inception-new.html

A Blow to Cybercriminals!

Interpol takes down phishing-as-a-service platform 16Shop and makes arrests in Indonesia and Japan. Operation targets large-scale phishing attacks.

Learn how this operation: https://thehackernews.com/2023/08/interpol-busts-phishing-as-service.html

Cybercriminals are increasingly using 'EvilProxy' Phishing-as-a-Service (PhaaS) toolkit to carry out account takeovers.

Their primary targets are C-level executives, resulting in thousands of breached Microsoft 365 accounts.

Details: https://thehackernews.com/2023/08/cybercriminals-increasingly-using.html

Researchers uncover critical security flaws in the popular Chinese language input app, Tencent's Sogou Input Method, putting over 455 million monthly users at risk.

Details 👉 https://thehackernews.com/2023/08/encryption-flaws-in-popular-chinese.html

New Threat Alert: Malicious actors are leveraging the legitimate Rust-based injector Freeze[.]rs to deploy the XWorm malware in targeted environments.

https://thehackernews.com/2023/08/new-attack-alert-freezers-injector.html

🚨 New attack vector alert! Attackers leveraging Microsoft Cross-Tenant Synchronization for lateral movement & persistence.

Learn how Vectra AI reveals insights on this technique and helps defenders stay ahead.

Read the full article: https://thehackernews.com/2023/08/emerging-attacker-exploit-microsoft.html

Researchers uncover Statc Stealer, a dangerous malware targeting Windows devices. It steals login data, cookies, cryptocurency wallets, and sensitive information.

Find out more in this: https://thehackernews.com/2023/08/new-statc-stealer-malware-emerges-your.html

⚠️ CISA has added a high-severity security flaw (CVE-2023-38180) in Microsoft's .NET and Visual Studio to its Known Exploited Vulnerabilities catalog.

For more details, check out: https://thehackernews.com/2023/08/cisa-adds-microsoft-net-vulnerability.html

🚨A series of 15 high-severity vulnerabilities dubbed CoDe16 have been uncovered in CODESYS V3 SDK, posing RCE and DoS risks to Operational Technology (OT) environments.

Find out more about these: https://thehackernews.com/2023/08/15-new-codesys-sdk-flaws-expose-ot.html

Russian threat actors suspected in cyberattack on South African power company using a new variant of the SystemBC #malware called DroxiDat.

Read details here: https://thehackernews.com/2023/08/new-systembc-malware-variant-targets.html

APT31 has been linked to the use of sophisticated backdoors that are capable of stealing sensitive data, even from air-gapped systems.

To learn more about their cyber espionage tactics, visit: https://thehackernews.com/2023/08/researchers-shed-light-on-apt31s.html

🔑🔒 Google Chrome 116 add support for quantum-resistant encryption algorithms to encrypt TLS connections.

Learn more about X25519Kyber768: https://thehackernews.com/2023/08/enhancing-tls-security-google-adds.html

Decade-Long Cyber Espionage Operation!

MoustachedBouncer targets foreign embassies in Belarus. Discover how this skilled group employs AitM attacks and advanced tools.

Read: https://thehackernews.com/2023/08/researchers-uncover-decade-long-cyber.html

🚨 Critical Python URL parsing flaw (CVE-2023-24329) discovered! Allows domain filter bypass, enabling file reads & command execution.

Find details here: https://thehackernews.com/2023/08/new-python-url-parsing-flaw-enables.html

European and U.S. agencies bust cybercrime hub!

Lolek Hosted, a bulletproof hosting service aiding cyber-attacks and malware distribution, dismantled.

Admins arrested, servers seized.

Read: https://thehackernews.com/2023/08/lolek-bulletproof-hosting-servers.html

AudioCodes desk phones and Zoom's Zero Touch Provisioning (ZTP) vulnerabilities exposed!

Eavesdrop, infiltrate networks, or even forge botnets.

Read how vulnerabilities are exploited: https://thehackernews.com/2023/08/zoom-ztp-audiocodes-phones-flaws.html

⚡ Don't flip the switch!

Major security vulnerabilities have been uncovered in CyberPower and Dataprobe systems. Hackers could potentially exploit these flaws to carry out mass shutdowns and launch devastating attacks.

Read: https://thehackernews.com/2023/08/multiple-flaws-in-cyberpower-and.html

💪🔐 A new era of data protection begins in India!

President approves the Digital Personal Data Protection Bill, reinforcing the importance of lawful data processing while respecting personal privacy.

Read details: https://thehackernews.com/2023/08/india-passes-new-digital-personal-data.html