Connecting to that ☕️ coffee shop's Wi-Fi? Beware! Attackers might be eavesdropping.

MiTM attacks, Rogue hotspots, Spoofing… Sounds complex?

Discover what these threats mean for you when using public Wi-Fi: https://thehackernews.com/2023/08/the-hidden-dangers-of-public-wi-fi.html

New Telekopye toolkit lets scammers easily create phishing pages. It's like a DIY scam-in-a-box powered by Telegram!

Learn more: https://thehackernews.com/2023/08/new-telegram-bot-telekopye-powering.html

North Korea's Lazarus Group hackers are exploiting a security flaw in Zoho ManageEngine to deploy the QuiteRAT trojan.

The key targets are Europe and U.S. internet infrastructure and healthcare entities.

Read: https://thehackernews.com/2023/08/lazarus-group-exploits-critical-zoho.html

⚠️ Alert! FBI warns that the recent patches for Barracuda Networks Email Security Gateway are ineffective against a critical flaw, CVE-2023-2868, with suspected Chinese hackers already exploiting it.

Read: https://thehackernews.com/2023/08/urgent-fbi-warning-barracuda-email.html

Remember the hacks on Uber, Revolut, & Rockstar Games?

Two U.K. teens from the LAPSUS$ gang convicted for high-profile hacks using SIM swapping, account takeovers & social engineering.

Read more: https://thehackernews.com/2023/08/two-lapsus-hackers-convicted-in-london.html

🛠️ Old tech can be a cyber risk! Understand why your legacy infrastructure might be leaving your business vulnerable.

Learn how to evaluate and communicate the real risks to your leadership.

Dive deeper into the strategies: https://thehackernews.com/2023/08/navigating-legacy-infrastructure-cisos.html

Chinese nation-state "Flax Typhoon" hacker group suspected in cyber espionage across Taiwanese organizations. They rely on living-off-the-land techniques for persistence, lateral movement, and gaining credentials.

Known more: https://thehackernews.com/2023/08/china-linked-flax-typhoon-cyber.html

⚡ Your Business Data =Your Superpower!

Did you know that businesses are harnessing their own unique data to enhance their AI/ML threat detection capabilities?

Learn how Comcast achieved this. Join this webinar : https://thehackernews.com/2023/08/learn-how-your-business-data-can.html

🚨 Kroll reveals that one of its employees was targeted in a sophisticated attack, resulting in the unauthorized exposure of sensitive files containing personal information of bankruptcy claimants for BlockFi, FTX, and Genesis.

Read: https://thehackernews.com/2023/08/kroll-suffers-data-breach-employee.html

The leak of LockBit 3.0 ransomware builder has led to the emergence of various new cyber threats: Bl00dy, Buhti, and NATIONAL HAZARD AGENCY.

Read: https://thehackernews.com/2023/08/lockbit-30-ransomware-builder-leak.html

Kaspersky discovered 396 different LockBit samples.

🚨 Beware: KmsdBot botnet malware has evolved, now targeting a wider range of IoT devices.

Learn more about this threat: https://thehackernews.com/2023/08/kmsdbot-malware-gets-upgrade-now.html

Cyberattacks are common and no company is immune. Regular scans & vulnerability assessments are crucial.

Understand the 8 key areas and 6 phases of vulnerability testing.

Read: https://thehackernews.com/2023/08/cyberattacks-targeting-e-commerce.html

🧑‍💻 Attention developers! Malicious packages found on Rust's crate registry. They target your machines, capture OS info, and use Telegram for data transfer.

Read: https://thehackernews.com/2023/08/developers-beware-malicious-rust.html

Be cautious!

🔓 Researchers find loophole in Microsoft Entra ID app, granting hackers unauthorized access through an abandoned URL.

Learn how they did it and how to stay safe: https://thehackernews.com/2023/08/experts-uncover-how-cybercriminals.html

⚠️ Heads up: Microsoft warns about a surge in AiTM phishing attacks. Hackers are using smart phishing-as-a-service (PhaaS) platforms to scale up their campaigns and bypass MFA protections.

Read details: https://thehackernews.com/2023/08/phishing-as-service-gets-smarter.html

🚨 Unpatched Citrix systems under attack! Unknown threat actors are exploiting a critical vulnerability (CVE-2023-3519) for #ransomware attacks.

Read details: https://thehackernews.com/2023/08/citrix-netscaler-alert-ransomware.html

New malspam campaign uses DarkGate malware to steal data, mine cryptocurrency, and evade detection.

Watch out for phishing emails with links to malicious MSI or VBScript files.

Read: https://thehackernews.com/2023/08/darkgate-malware-activity-spikes-as.html

DarkGate campaign rents out malware to limited affiliates.

Suspected Chinese hacking group UNC4841 exploited zero-day flaw in Barracuda ESG appliances to target government, military, and tech companies.

Read details: https://thehackernews.com/2023/08/chinese-hacking-group-exploits.html

💪 Operation Duck Hunt: QakBot, a powerful Windows malware, taken down. $8.6 million in crypto seized. It compromised 700k+ computers worldwide.

Read details here: https://thehackernews.com/2023/08/fbi-dismantles-qakbot-malware-frees.html

🚨 Critical Security Alert!

New authentication bypass and file write vulnerabilities found in VMware's Aria Operations Networks that could lead to remote code execution attacks.

Know more about CVE-2023-34039 and CVE-2023-20890: https://thehackernews.com/2023/08/critical-vulnerability-alert-vmware.html