Five Eyes intelligence alliance reveals a Russian state-sponsored actor, Sandworm, behind mobile malware 'Infamous Chisel' targeting Ukrainian military Android devices.

Learn more: https://thehackernews.com/2023/09/russian-state-backed-infamous-chisel.html

Ever wondered how hackers get your credentials? They buy them, steal them, or find them in memory dumps.

Get the scoop on this growing threat and discover how Silverfort Unified Identity Protection can fortify your defenses.

Read: https://thehackernews.com/2023/09/its-zero-day-its-malware-no-its.html

Hackers target poorly secured MS SQL servers to deploy Cobalt Strike and the new FreeWorld ransomware.

Learn how they operate in this latesr report: https://thehackernews.com/2023/09/threat-actors-targeting-microsoft-sql.html

Beware! Okta warns of social engineering attacks aimed at admin credentials. Threat actors are manipulating multi-factor authentication settings.

Read on to stay secure: https://thehackernews.com/2023/09/okta-warns-of-social-engineering.html

Exploit code now available for critical SSH authentication bypass flaw in VMware Aria Operations for Networks. Discover how CVE-2023-34039 could lead to unauthorized access.

Read detais: https://thehackernews.com/2023/09/poc-exploit-released-for-critical.html

Vietnamese cybercriminals are using Facebook ads to deliver malware and hijack accounts.

Learn about their tactics to breach accounts, steal data, and spread their reach.

Read: https://thehackernews.com/2023/09/vietnamese-cybercriminals-targeting.html

🚨 Beware! A large-scale smishing campaign is hitting the U.S. through compromised Apple iCloud accounts. Cybercriminals are after your identity and finances.

Learn tactics, shield against this online menace: https://thehackernews.com/2023/09/chinese-speaking-cybercriminals-launch.html

🤖 AI: Hype vs. Reality ...

Self-driving cars, robot overlords—separating fact from fiction. Explore how AI is reshaping industries, what it can and can't do, and how businesses can harness its potential.

Learn more: https://thehackernews.com/2023/09/everything-you-wanted-to-know-about-ai.html

Don't be fooled by the buzz!

X Corp (formerly Twitter) has updated its privacy policy to collect biometric data from premium users in order to prevent fraud and impersonation. Users can also submit a photocopy of their government ID for verification.

Details: https://thehackernews.com/2023/09/x-twitter-to-collect-biometric-data.html

An unknown attacker exploited vulnerabilities (CVE-2023-28432 and CVE-2023-28434) in MinIO storage system for unauthorized code execution. How did they backdoor it?

Details revealed by Security Joes: https://thehackernews.com/2023/09/hackers-exploit-minio-storage-system.html

Meta thwarts China and Russia's massive influence ops! Thousands of accounts and pages blocked across platforms.

Learn more about this: https://thehackernews.com/2023/09/meta-takes-down-thousands-of-accounts.html

Learn about North Korean Andariel group's advanced malware attacks on South Korean corporations using Go language-based strains.

Details here: https://thehackernews.com/2023/09/researchers-warn-of-cyber-weapons-used.html

Chaes malware leveled up by switching to Python, refining communication, and slipping through defenses.

Learn how Lucifer - the group behind it - targeting Banking and logistics industries.

Read details: https://thehackernews.com/2023/09/new-python-variant-of-chaes-malware.html

Is your organization's Identity Attack Surface well-guarded? Join us for an enlightening webinar led by Hed Kovetz , CEO of Silverfort.

Get answers to your burning questions and fortify your defenses.

https://thehackernews.com/2023/09/way-too-vulnerable-join-this-webinar-to.html

Don't miss out - reserve your spot now!

New BLISTER update spotted!

Part of SocGholish attacks, it spreads an open-source C2 framework called Mythic. Enhanced targeting & lower exposure in VMs/sandboxes make it a potent threat.

Learn more: https://thehackernews.com/2023/09/new-blister-malware-update-fuelling.html

Ukraine's CERT-UA fends off a cyberattack on critical energy infrastructure. Learn how a phishing email led to an infiltration attempt by APT28.

Read more: https://thehackernews.com/2023/09/ukraines-cert-thwarts-apt28s.html

A hidden "phishing empire" dubbed W3LL Store has compromised 8,000+ Microsoft 365 business email accounts.

Discover the evolution of this phishing-as-a-service: https://thehackernews.com/2023/09/w3ll-store-how-secret-phishing.html

🚨 9 new vulnerabilities exposed in Schweitzer Engineering Laboratories' power management products.

Learn how attackers could exploit these flaws to gain control: https://thehackernews.com/2023/09/9-alarming-vulnerabilities-uncovered-in.html

CISOs, are you automating for efficiency in your SOC?

Troy Wilkinson, Tammy Moskites and Rob Geurtsen share insights on streamlining threat detection and response.

Learn more: https://thehackernews.com/2023/09/three-cisos-share-how-to-run-effective.html

🚨 New Phishing Alert 🎣

Iranian hackers deploying SideTwist backdoor in fresh phishing attack. Separate campaign features new variant of Agent Tesla malware.

Learn about their tactics here: https://thehackernews.com/2023/09/alert-phishing-campaigns-deliver-new.html