🔥 Alert: FIN7 hackers are impersonating trusted names like AnyDesk, WinSCP, BlackRock, and more to lure victims into their malware trap through malicious Google ads.

Read: https://thehackernews.com/2024/05/fin7-hacker-group-leverages-malicious.html

🚨 Attention Python developers!

A malicious PyPI package, "requests-darwin-lite," posing as a fork of the popular "requests" library, has been spotted that's hiding Golang-based Sliver C2 framework in a PNG image.

Details here: https://thehackernews.com/2024/05/malicious-python-package-hides-sliver.html

🚨 Attention - Black Basta ransomware operation has targeted over 500 entities across various sectors since April 2022.

Learn more about their tactics and how to protect your organization: https://thehackernews.com/2024/05/black-basta-ransomware-strikes-500.html

Researchers have uncovered multiple severe security flaws in Cinterion cellular modems that could put your communication networks and IoT devices at risk.

Learn more about the risks and how to mitigate them: https://thehackernews.com/2024/05/severe-vulnerabilities-in-cinterion.html

MITREcorp has launched EMB3D, a new threat-modeling framework for embedded devices used in critical infrastructure.


Read: https://thehackernews.com/2024/05/mitre-unveils-emb3d-threat-modeling.html

🔒 Browser Security Alert: Did you know that 62% of the workforce uses unmanaged devices to access corporate data?

Learn more about the risks and how to protect your organization in the Annual Browser Security Report 2024.

Read: https://thehackernews.com/2024/05/the-2024-browser-security-report.html

🕵️‍♀️ Worried about Bluetooth stalkers?

🛡️ Apple & Google just launched cross-platform feature "Detecting Unwanted Location Trackers" on iOS & Android to protect users from unauthorized tracking.

Read: https://thehackernews.com/2024/05/apple-and-google-launch-cross-platform.html

🚨 Attention - A new social engineering campaign is targeting enterprises with spam emails to gain initial access. The threat actor overwhelms users' email and calls them, offering assistance to resolve the issue.

Learn more: https://thehackernews.com/2024/05/ongoing-campaign-bombarded-enterprises.html

🔐 Researchers uncover critical vulnerabilities in Cacti, a popular open-source network monitoring tool. Don't wait, update your instances to version 1.2.27 today.

More info in the article.: https://thehackernews.com/2024/05/critical-flaws-in-cacti-framework-could.html

🔒 Is your organization's cybersecurity at risk due to human users? Discover the importance of advanced authentication measures and how to avoid common implementation mistakes.

Learn more: https://thehackernews.com/2024/05/6-mistakes-organizations-make-when.html

🛑 Attention VMware users.

Multiple security flaws discovered in Workstation (17.x) and Fusion (13.x). Don't wait, update now to stay protected.

Read details: https://thehackernews.com/2024/05/vmware-patches-severe-security-flaws-in.html

🚨 Attention - Microsoft has patched 61 new security flaws, including two zero-days actively exploited in the wild.

Find out how threat actors could gain domain admin privileges and create stealthy persistence mechanisms.

Read details: https://thehackernews.com/2024/05/microsoft-patches-61-flaws-including.html

Alexey Pertsev, co-founder of Tornado Cash, sentenced to 5+ years in prison by Dutch court. The crypto mixer service was sanctioned by the U.S. for facilitating money laundering.

Read details here: https://thehackernews.com/2024/05/dutch-court-sentences-tornado-cash-co.html

🔒 Linux server admins, beware:

Ebury malware botnet has hijacked 400,000 servers since 2009 for cybercriminal activities.

Details: https://thehackernews.com/2024/05/ebury-botnet-malware-compromises-400000.html

🕵️‍♂️ New Russian cyberespionage backdoors discovered.

LunarWeb and LunarMail targeted a European ministry of foreign affairs and its diplomatic missions.

Learn more about these stealthy threats and how they operate: https://thehackernews.com/2024/05/turla-group-deploys-lunarweb-and.html

Moving to Microsoft Azure from VMware vSphere?

Plan, Migrate, Validate... This guide covers all you need to know - from assessing your environment to post-migration validation.

Find out more: https://thehackernews.com/2024/05/its-time-to-master-lift-shift-migrating.html

ANYRUN, a malware sandbox for interactive analysis, announced its 8th Birthday Special Offer 🎁

New and current users can get 6 months of service or extra Enterprise-tier licenses for free.

Learn more ➡️ https://thn.news/anyrun-malware-sandbox

🔒 Attention cybersecurity professionals.

The Common Vulnerability Scoring System (CVSS) v4.0 is here, replacing the 8-year-old CVSS v3.0.

Discover how this update enhances vulnerability assessment & helps you strengthen your cyber resilience.

Read: https://thehackernews.com/2024/05/get-cyber-resilient-with-cvss.html

🔒 Google Play Protect just got smarter with live threat detection.

Android 15 introduces new features to prevent malicious apps from capturing your sensitive data.

Find out more about these crucial updates: https://thehackernews.com/2024/05/android-15-introduces-new-features-to.html

🔐 Google announced new privacy & security features for Android devices:

✅ Offline Device Lock
✅ Factory Reset Upgrade
✅ Private Space Enhanced
✅ AI-Powered Theft Detection

Details here: https://thehackernews.com/2024/05/google-adds-ai-powered-theft-protection.html