CISOs, are you automating for efficiency in your SOC?

Troy Wilkinson, Tammy Moskites and Rob Geurtsen share insights on streamlining threat detection and response.

Learn more: https://thehackernews.com/2023/09/three-cisos-share-how-to-run-effective.html

🚨 New Phishing Alert 🎣

Iranian hackers deploying SideTwist backdoor in fresh phishing attack. Separate campaign features new variant of Agent Tesla malware.

Learn about their tactics here: https://thehackernews.com/2023/09/alert-phishing-campaigns-deliver-new.html

🚨 Urgent update!

Google's latest patch addresses a high-severity vulnerability in the Android Framework (CVE-2023-35674) that is currently being actively exploited in the wild.

Learn more: https://thehackernews.com/2023/09/zero-day-alert-latest-android-patch.html

From a crash dump to a security jackpot!

Microsoft reveals how China-based hacker group Storm-0558 hacked an engineer's corporate account, discovering a crash dump in the debugging environment that led to the theft of an #Outlook signing key.

https://thehackernews.com/2023/09/outlook-breach-microsoft-reveals-how.html

🚨 Beware! A new Mirai botnet variant named Pandora is compromising Android-based TV sets, transforming them into DDoS attack bots.

Discover how the Pandora exploits these devices: https://thehackernews.com/2023/09/mirai-botnet-variant-pandora-hijacks.html

Apache SuperSet users, beware!

A critical update has been released to patch two new vulnerabilities (CVE-2023-39265 & CVE-2023-37941) that could expose your servers to remote code execution attacks.

Find out here: https://thehackernews.com/2023/09/alert-apache-superset-vulnerabilities.html

🚨 Beware of the latest macOS threat! A new malvertising campaign is actively spreading Atomic Stealer malware, targeting gamers and crypto users.

Read: https://thehackernews.com/2023/09/mac-users-beware-malvertising-campaign.html

Are your defenses up to date?

🚨 Urgent Spyware Alert!

Apple patched 2 new zero-day vulnerabilities in iOS, iPadOS & macOS devices, exploited in a zero-click iMessage exploit chain called BLASTPASS to deploy Pegasus spyware.

Read details & PATCH your devices ASAP: https://thehackernews.com/2023/09/apple-rushes-to-patch-zero-day-flaws.html

📢 Cybersecurity Alert:

CISA Warns of multiple nation-state threat actors exploiting vulnerabilities in Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus to compromise critical systems.

Discover the tactics: https://thehackernews.com/2023/09/cisa-warning-nation-state-hackers.html

ALERT: North Korean hackers exploiting zero-day bugs and using fake social media accounts to compromise cybersecurity researchers.

Learn how they're doing it: https://thehackernews.com/2023/09/north-korean-hackers-exploit-zero-day.html

Cisco takes action against critical security flaw in BroadWorks platform, while Juniper Networks and Tenda Modem Router also face vulnerabilities.

Find out what you need to know to keep your systems safe: https://thehackernews.com/2023/09/cisco-issues-urgent-fix-for.html

Lazarus group hackers are targeting Microsoft IIS servers. Get expert insights and practical tips to defend your web infrastructure from cyber threats.

Read here: https://thehackernews.com/2023/09/protecting-your-microsoft-iis-servers.html

U.S. and U.K. governments have jointly imposed sanctions on 11 individuals connected to the Russia-based TrickBot cybercrime group, accused of targeting U.S. companies in cyberattacks.

Read details here: https://thehackernews.com/2023/09/uk-and-us-sanction-11-russia-based.html

Discover how cybercriminals are abusing Advanced Installer, a popular software installation packaging tool, to deploy cryptocurrency mining malware.

Read here: https://thehackernews.com/2023/09/cybercriminals-weaponizing-legitimate.html

Beware of impostor apps in the Google Play Store. Fake Telegram apps have been stealing data from millions of Android users.

Read: https://thehackernews.com/2023/09/millions-infected-by-spyware-hidden-in.html

Google rolls out Privacy Sandbox for Chrome. Take a closer look at how it replaces tracking cookies with privacy-friendly alternatives.

Read details: https://thehackernews.com/2023/09/google-chrome-rolls-out-support-for.html

HijackLoader, a new stealthy malware loader, is making waves in the cybercriminal world. Learn how it delivers dangerous payloads and evades security measures.

Read: https://thehackernews.com/2023/09/new-hijackloader-modular-malware-loader.html

"Steal-It" campaign targets Windows systems in Australia, Poland, and Belgium. Learn how attackers use PowerShell scripts to steal NTLMv2 hashes.

Read: https://thehackernews.com/2023/09/cybercriminals-using-powershell-to.html

Charming Kitten strikes again! Latest report reveals their campaign using 'Sponsor' backdoor, targeting Brazil, Israel, and U.A.E.

Read: https://thehackernews.com/2023/09/charming-kitens-new-backdoor-sponsor.html

API security is crucial. Discover how authentication, encryption, and design protect APIs. Follow key steps to secure your APIs and safeguard customer data.

Read: https://thehackernews.com/2023/09/how-to-prevent-api-breaches-guide-to.html