WEBINAR β Think your identity protection is secure? Think again. Discover the hidden vulnerabilities in your organization's identity protection.
Join our webinar to learn about security gaps in the Identity Attack Surface.
Register now: https://thehacker.news/identity-attack-surface
Join our webinar to learn about security gaps in the Identity Attack Surface.
Register now: https://thehacker.news/identity-attack-surface
thehacker.news
Way Too Vulnerable: Uncovering the State of the Identity Attack Surface
Achieved MFA? PAM? Service account protection? Find out how well-equipped your organization truly is against identity threats
π24π±5
Beware of the latest Facebook Messenger phishing attack! Attackers are taking over accounts through malicious attachments.
Read: https://thehackernews.com/2023/09/vietnamese-hackers-deploy-python-based.html
Read: https://thehackernews.com/2023/09/vietnamese-hackers-deploy-python-based.html
π29π±8π€―7π4π₯2
Urgent: Google releases patch for a new Chrome zero-day vulnerability (CVE-2023-4863) that's being exploited in the wild.
Read: https://thehackernews.com/2023/09/google-rushes-to-patch-critical-chrome.html
Don't waitβupdate your browser now to protect against potential cyber threats.
Read: https://thehackernews.com/2023/09/google-rushes-to-patch-critical-chrome.html
Don't waitβupdate your browser now to protect against potential cyber threats.
π30π₯6β‘2
π¨ Beware, Mac users! MetaStealer, a new info-stealer malware, is targeting macOS. Learn how it's posing as prospective clients to trick victims into launching malicious payloads.
Learn more: https://thehackernews.com/2023/09/beware-metastealer-malware-targets.html
Learn more: https://thehackernews.com/2023/09/beware-metastealer-malware-targets.html
π32
π»π Beware of the latest phishing attack! Attackers are using Microsoft Word docs to spread malware like Agent Tesla, OriginBotnet, and RedLine Clipper.
Learn more about this threat: https://thehackernews.com/2023/09/sophisticated-phishing-campaign.html
Learn more about this threat: https://thehackernews.com/2023/09/sophisticated-phishing-campaign.html
π₯20π€―9π3π€3π2
π¨ New GitHub Security Alert!
A race condition vulnerability in GitHub could have over 4,000 code packages to repojacking attacks! Learn how this threat could have impacted the open-source community.
Read: https://thehackernews.com/2023/09/critical-github-vulnerability-exposes.html
A race condition vulnerability in GitHub could have over 4,000 code packages to repojacking attacks! Learn how this threat could have impacted the open-source community.
Read: https://thehackernews.com/2023/09/critical-github-vulnerability-exposes.html
π17π±13π₯8
Your SaaS apps could be a breeding ground for cyber threats.
Find out how CISOs and IT teams are prioritizing SaaS security in this comprehensive article.
Read: https://thehackernews.com/2023/09/7-steps-to-kickstart-your-saas-security.html
Find out how CISOs and IT teams are prioritizing SaaS security in this comprehensive article.
Read: https://thehackernews.com/2023/09/7-steps-to-kickstart-your-saas-security.html
π23π2π2π₯1
β οΈ Critical Security Update: Mozilla is urgently fixing a zero-day vulnerability (CVE-2023-4863), actively exploited in browsers. It can be triggered by tricking victims into opening a malicious WebP image.
Read: https://thehackernews.com/2023/09/mozilla-rushes-to-patch-webp-critical.html
Read: https://thehackernews.com/2023/09/mozilla-rushes-to-patch-webp-critical.html
π±24π13π9π€―6π5
β οΈ Urgent: Adobe's September 2023 update addresses a new zero-day vulnerability (CVE-2023-26369) in Acrobat and Reader that attackers are exploiting in the wild.
Read: https://thehackernews.com/2023/09/update-adobe-acrobat-and-reader-to.html
Read: https://thehackernews.com/2023/09/update-adobe-acrobat-and-reader-to.html
π₯14π€―7π4π4
β‘οΈSeptember 2023 Patch Tuesday β Microsoft addresses 59 bugs, including actively exploited zero-day flaws.
Read: https://thehackernews.com/2023/09/microsoft-releases-patch-for-two-new.html
Read: https://thehackernews.com/2023/09/microsoft-releases-patch-for-two-new.html
π12β‘11π€―9π₯5π±2
Microsoft sounds the alarm on Storm-0324's tactics, luring its prey through Teams messages to breach corporate networks.
Read: https://thehackernews.com/2023/09/microsoft-warns-of-new-phishing.html
Read: https://thehackernews.com/2023/09/microsoft-warns-of-new-phishing.html
π13π4
The New Battlefield: Cyberattacks have transformed warfare, with nations like Russia, China, and North Korea wielding digital weapons. Explore the tactics, threats, and global implications of this evolving digital force.
Read: https://thehackernews.com/2023/09/how-cyberattacks-are-transforming.html
Read: https://thehackernews.com/2023/09/how-cyberattacks-are-transforming.html
π14π8β‘2π₯2π€1π€―1
A new ransomware, 3AM, has emerged! It's written in Rust and aims to encrypt files while deleting Volume Shadow copies.
Read: https://thehackernews.com/2023/09/rust-written-3am-ransomware-sneak-peek.html
Read: https://thehackernews.com/2023/09/rust-written-3am-ransomware-sneak-peek.html
π₯26π8π3β‘2
Microsoft Azure HDInsight service had 8 XSS vulnerabilities. Learn how they could lead to data breaches, session hijacking attacks, and impact your organization.
Read: https://thehackernews.com/2023/09/researchers-detail-8-vulnerabilities-in.html
Read: https://thehackernews.com/2023/09/researchers-detail-8-vulnerabilities-in.html
π9π4π€3π₯2π1
Identity is the New Endpoint: Mastering SaaS Security in the Modern Age
Dive deep into the future of SaaS security with Maor Bin, CEO of Adaptive Shield. Discover why identity is the new endpoint.
Secure your spot now: https://thehackernews.com/2023/09/webinar-identity-threat-detection.html
Dive deep into the future of SaaS security with Maor Bin, CEO of Adaptive Shield. Discover why identity is the new endpoint.
Secure your spot now: https://thehackernews.com/2023/09/webinar-identity-threat-detection.html
π17π€9π₯4π2π€―1
Russian journalist Galina Timchenko's iPhone was hacked with NSO Group's Pegasus spyware, using a zero-click exploit known as PWNYOURHOME.
Read: https://thehackernews.com/2023/09/russian-journalists-iphone-compromised.html
Read: https://thehackernews.com/2023/09/russian-journalists-iphone-compromised.html
π±38π14π€―13π6π6β‘4π₯4π€2
A high-severity Time-of-Check to Time-of-Use (TOCTOU) (CVE-2023-27470) in N-Able's Take Control Agent could give hackers SYSTEM privileges.
Find out how it works: https://thehackernews.com/2023/09/n-ables-take-control-agent.html
Find out how it works: https://thehackernews.com/2023/09/n-ables-take-control-agent.html
π₯15π9π€―4π±2π1
π¨ Attention Linux and macOS users!
Critical vulnerabilities in the ncurses library have been discovered. Find out how threat actors could elevate privileges and run malicious code.
Details: https://thehackernews.com/2023/09/microsoft-uncovers-flaws-in-ncurses.html
Critical vulnerabilities in the ncurses library have been discovered. Find out how threat actors could elevate privileges and run malicious code.
Details: https://thehackernews.com/2023/09/microsoft-uncovers-flaws-in-ncurses.html
π₯16π7π4π4π±4
Linux Users Beware: A stealthy supply chain attack went undetected for 3+ years, stealing passwords and more.
Learn how a trusted "Free Download Manager" site turned malicious and distributed malware.
Read: https://thehackernews.com/2023/09/free-download-manager-site-compromised.html
Learn how a trusted "Free Download Manager" site turned malicious and distributed malware.
Read: https://thehackernews.com/2023/09/free-download-manager-site-compromised.html
π€―20π10π₯10π1π1π±1
π Secure offboarding is essential in today's IT landscape. Learn about common pitfalls and how to avoid them in this must-read article.
Read: https://thehackernews.com/2023/09/avoid-these-5-it-offboarding-pitfalls.html
Read: https://thehackernews.com/2023/09/avoid-these-5-it-offboarding-pitfalls.html
π10π8π₯2