⚡️September 2023 Patch Tuesday — Microsoft addresses 59 bugs, including actively exploited zero-day flaws.

Read: https://thehackernews.com/2023/09/microsoft-releases-patch-for-two-new.html

Microsoft sounds the alarm on Storm-0324's tactics, luring its prey through Teams messages to breach corporate networks.

Read: https://thehackernews.com/2023/09/microsoft-warns-of-new-phishing.html

The New Battlefield: Cyberattacks have transformed warfare, with nations like Russia, China, and North Korea wielding digital weapons. Explore the tactics, threats, and global implications of this evolving digital force.

Read: https://thehackernews.com/2023/09/how-cyberattacks-are-transforming.html

A new ransomware, 3AM, has emerged! It's written in Rust and aims to encrypt files while deleting Volume Shadow copies.

Read: https://thehackernews.com/2023/09/rust-written-3am-ransomware-sneak-peek.html

Microsoft Azure HDInsight service had 8 XSS vulnerabilities. Learn how they could lead to data breaches, session hijacking attacks, and impact your organization.

Read: https://thehackernews.com/2023/09/researchers-detail-8-vulnerabilities-in.html

Identity is the New Endpoint: Mastering SaaS Security in the Modern Age

Dive deep into the future of SaaS security with Maor Bin, CEO of Adaptive Shield. Discover why identity is the new endpoint.

Secure your spot now: https://thehackernews.com/2023/09/webinar-identity-threat-detection.html

Russian journalist Galina Timchenko's iPhone was hacked with NSO Group's Pegasus spyware, using a zero-click exploit known as PWNYOURHOME.

Read: https://thehackernews.com/2023/09/russian-journalists-iphone-compromised.html

A high-severity Time-of-Check to Time-of-Use (TOCTOU) (CVE-2023-27470) in N-Able's Take Control Agent could give hackers SYSTEM privileges.

Find out how it works: https://thehackernews.com/2023/09/n-ables-take-control-agent.html

🚨 Attention Linux and macOS users!

Critical vulnerabilities in the ncurses library have been discovered. Find out how threat actors could elevate privileges and run malicious code.

Details: https://thehackernews.com/2023/09/microsoft-uncovers-flaws-in-ncurses.html

Linux Users Beware: A stealthy supply chain attack went undetected for 3+ years, stealing passwords and more.

Learn how a trusted "Free Download Manager" site turned malicious and distributed malware.

Read: https://thehackernews.com/2023/09/free-download-manager-site-compromised.html

🔒 Secure offboarding is essential in today's IT landscape. Learn about common pitfalls and how to avoid them in this must-read article.

Read: https://thehackernews.com/2023/09/avoid-these-5-it-offboarding-pitfalls.html

🚨 Critical security flaws discovered in Kubernetes could lead to remote code execution with elevated privileges on Windows endpoints within a cluster.

Learn more about CVE-2023-3676, CVE-2023-3893, and CVE-2023-3955: https://thehackernews.com/2023/09/alert-new-kubernetes-vulnerabilities.html

Microsoft reveals Iranian nation-state actors' password spray attacks targeting the satellite, defense, and pharmaceutical sectors globally.

Learn more about this: https://thehackernews.com/2023/09/iranian-nation-state-actors-employ.html

Cybercriminals behind RedLine and Vidar info-stealers have shifted their focus towards ransomware, employing phishing campaigns and leveraging Extended Validation (EV) code signing certificates.

Read details: https://thehackernews.com/2023/09/cybercriminals-combine-phishing-and-ev.html

⚠️ Attention Facebook Business Users: Python-based NodeStealer #malware has returned. It now targets multiple web browsers to maliciously take over accounts.

Read: https://thehackernews.com/2023/09/nodestealer-malware-now-targets.html

IoT devices are reshaping our world, but also becoming targets for cyberattacks. Learn about IoT-driven DDoS attacks and how to defend against them in our latest article.

Read: https://thehackernews.com/2023/09/ddos-20-iot-sparks-new-ddos-alert.html

Google to Pay $93 Million in Location-Privacy Lawsuit Settlement! California Attorney General exposes Google's misleading practices.

Read details: https://thehackernews.com/2023/09/google-agrees-to-93-million-settlement.html

The rise in cybersecurity vulnerabilities is alarming! Discover the importance of automated threat intelligence in today's digital landscape.

Read: https://thehackernews.com/2023/09/the-interdependence-between-automated.html

TikTok faces a whopping €345 million fine for mishandling children's data in the E.U.

Default public settings, lack of transparency, and more led to this hefty penalty.

Learn more: https://thehackernews.com/2023/09/tiktok-faces-massive-345-million-fine.html

Major crypto hacks by Lazarus Group: Reports confirm $240M stolen since June 2023, with $31M swiped from CoinEx. Find out how they're shifting their focus.

Read: https://thehackernews.com/2023/09/north-koreas-lazarus-group-suspected-in.html