π’ Cybersecurity Alert:
CISA Warns of multiple nation-state threat actors exploiting vulnerabilities in Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus to compromise critical systems.
Discover the tactics: https://thehackernews.com/2023/09/cisa-warning-nation-state-hackers.html
CISA Warns of multiple nation-state threat actors exploiting vulnerabilities in Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus to compromise critical systems.
Discover the tactics: https://thehackernews.com/2023/09/cisa-warning-nation-state-hackers.html
β‘11π8π6
ALERT: North Korean hackers exploiting zero-day bugs and using fake social media accounts to compromise cybersecurity researchers.
Learn how they're doing it: https://thehackernews.com/2023/09/north-korean-hackers-exploit-zero-day.html
Learn how they're doing it: https://thehackernews.com/2023/09/north-korean-hackers-exploit-zero-day.html
π20π€7π6π3
Cisco takes action against critical security flaw in BroadWorks platform, while Juniper Networks and Tenda Modem Router also face vulnerabilities.
Find out what you need to know to keep your systems safe: https://thehackernews.com/2023/09/cisco-issues-urgent-fix-for.html
Find out what you need to know to keep your systems safe: https://thehackernews.com/2023/09/cisco-issues-urgent-fix-for.html
π€8π5π2
Lazarus group hackers are targeting Microsoft IIS servers. Get expert insights and practical tips to defend your web infrastructure from cyber threats.
Read here: https://thehackernews.com/2023/09/protecting-your-microsoft-iis-servers.html
Read here: https://thehackernews.com/2023/09/protecting-your-microsoft-iis-servers.html
π€13π12π₯7π€―5π2π1
U.S. and U.K. governments have jointly imposed sanctions on 11 individuals connected to the Russia-based TrickBot cybercrime group, accused of targeting U.S. companies in cyberattacks.
Read details here: https://thehackernews.com/2023/09/uk-and-us-sanction-11-russia-based.html
Read details here: https://thehackernews.com/2023/09/uk-and-us-sanction-11-russia-based.html
π36π₯4π4β‘3
Discover how cybercriminals are abusing Advanced Installer, a popular software installation packaging tool, to deploy cryptocurrency mining malware.
Read here: https://thehackernews.com/2023/09/cybercriminals-weaponizing-legitimate.html
Read here: https://thehackernews.com/2023/09/cybercriminals-weaponizing-legitimate.html
π15π13π₯11π6β‘5
Beware of impostor apps in the Google Play Store. Fake Telegram apps have been stealing data from millions of Android users.
Read: https://thehackernews.com/2023/09/millions-infected-by-spyware-hidden-in.html
Read: https://thehackernews.com/2023/09/millions-infected-by-spyware-hidden-in.html
π44π±19π8π₯7β‘6π€5π€―5
Google rolls out Privacy Sandbox for Chrome. Take a closer look at how it replaces tracking cookies with privacy-friendly alternatives.
Read details: https://thehackernews.com/2023/09/google-chrome-rolls-out-support-for.html
Read details: https://thehackernews.com/2023/09/google-chrome-rolls-out-support-for.html
π22π€13π8π€―6π±1
HijackLoader, a new stealthy malware loader, is making waves in the cybercriminal world. Learn how it delivers dangerous payloads and evades security measures.
Read: https://thehackernews.com/2023/09/new-hijackloader-modular-malware-loader.html
Read: https://thehackernews.com/2023/09/new-hijackloader-modular-malware-loader.html
π18β‘4π±3π2
"Steal-It" campaign targets Windows systems in Australia, Poland, and Belgium. Learn how attackers use PowerShell scripts to steal NTLMv2 hashes.
Read: https://thehackernews.com/2023/09/cybercriminals-using-powershell-to.html
Read: https://thehackernews.com/2023/09/cybercriminals-using-powershell-to.html
π12π8π7β‘2
Charming Kitten strikes again! Latest report reveals their campaign using 'Sponsor' backdoor, targeting Brazil, Israel, and U.A.E.
Read: https://thehackernews.com/2023/09/charming-kitens-new-backdoor-sponsor.html
Read: https://thehackernews.com/2023/09/charming-kitens-new-backdoor-sponsor.html
π7π6π€3
API security is crucial. Discover how authentication, encryption, and design protect APIs. Follow key steps to secure your APIs and safeguard customer data.
Read: https://thehackernews.com/2023/09/how-to-prevent-api-breaches-guide-to.html
Read: https://thehackernews.com/2023/09/how-to-prevent-api-breaches-guide-to.html
π19β‘9π₯1
WEBINAR β Think your identity protection is secure? Think again. Discover the hidden vulnerabilities in your organization's identity protection.
Join our webinar to learn about security gaps in the Identity Attack Surface.
Register now: https://thehacker.news/identity-attack-surface
Join our webinar to learn about security gaps in the Identity Attack Surface.
Register now: https://thehacker.news/identity-attack-surface
thehacker.news
Way Too Vulnerable: Uncovering the State of the Identity Attack Surface
Achieved MFA? PAM? Service account protection? Find out how well-equipped your organization truly is against identity threats
π24π±5
Beware of the latest Facebook Messenger phishing attack! Attackers are taking over accounts through malicious attachments.
Read: https://thehackernews.com/2023/09/vietnamese-hackers-deploy-python-based.html
Read: https://thehackernews.com/2023/09/vietnamese-hackers-deploy-python-based.html
π29π±8π€―7π4π₯2
Urgent: Google releases patch for a new Chrome zero-day vulnerability (CVE-2023-4863) that's being exploited in the wild.
Read: https://thehackernews.com/2023/09/google-rushes-to-patch-critical-chrome.html
Don't waitβupdate your browser now to protect against potential cyber threats.
Read: https://thehackernews.com/2023/09/google-rushes-to-patch-critical-chrome.html
Don't waitβupdate your browser now to protect against potential cyber threats.
π30π₯6β‘2
π¨ Beware, Mac users! MetaStealer, a new info-stealer malware, is targeting macOS. Learn how it's posing as prospective clients to trick victims into launching malicious payloads.
Learn more: https://thehackernews.com/2023/09/beware-metastealer-malware-targets.html
Learn more: https://thehackernews.com/2023/09/beware-metastealer-malware-targets.html
π32
π»π Beware of the latest phishing attack! Attackers are using Microsoft Word docs to spread malware like Agent Tesla, OriginBotnet, and RedLine Clipper.
Learn more about this threat: https://thehackernews.com/2023/09/sophisticated-phishing-campaign.html
Learn more about this threat: https://thehackernews.com/2023/09/sophisticated-phishing-campaign.html
π₯20π€―9π3π€3π2
π¨ New GitHub Security Alert!
A race condition vulnerability in GitHub could have over 4,000 code packages to repojacking attacks! Learn how this threat could have impacted the open-source community.
Read: https://thehackernews.com/2023/09/critical-github-vulnerability-exposes.html
A race condition vulnerability in GitHub could have over 4,000 code packages to repojacking attacks! Learn how this threat could have impacted the open-source community.
Read: https://thehackernews.com/2023/09/critical-github-vulnerability-exposes.html
π17π±13π₯8
Your SaaS apps could be a breeding ground for cyber threats.
Find out how CISOs and IT teams are prioritizing SaaS security in this comprehensive article.
Read: https://thehackernews.com/2023/09/7-steps-to-kickstart-your-saas-security.html
Find out how CISOs and IT teams are prioritizing SaaS security in this comprehensive article.
Read: https://thehackernews.com/2023/09/7-steps-to-kickstart-your-saas-security.html
π23π2π2π₯1
β οΈ Critical Security Update: Mozilla is urgently fixing a zero-day vulnerability (CVE-2023-4863), actively exploited in browsers. It can be triggered by tricking victims into opening a malicious WebP image.
Read: https://thehackernews.com/2023/09/mozilla-rushes-to-patch-webp-critical.html
Read: https://thehackernews.com/2023/09/mozilla-rushes-to-patch-webp-critical.html
π±24π13π9π€―6π5