🔒 Linux server admins, beware:

Ebury malware botnet has hijacked 400,000 servers since 2009 for cybercriminal activities.

Details: https://thehackernews.com/2024/05/ebury-botnet-malware-compromises-400000.html

🕵️‍♂️ New Russian cyberespionage backdoors discovered.

LunarWeb and LunarMail targeted a European ministry of foreign affairs and its diplomatic missions.

Learn more about these stealthy threats and how they operate: https://thehackernews.com/2024/05/turla-group-deploys-lunarweb-and.html

Moving to Microsoft Azure from VMware vSphere?

Plan, Migrate, Validate... This guide covers all you need to know - from assessing your environment to post-migration validation.

Find out more: https://thehackernews.com/2024/05/its-time-to-master-lift-shift-migrating.html

ANYRUN, a malware sandbox for interactive analysis, announced its 8th Birthday Special Offer 🎁

New and current users can get 6 months of service or extra Enterprise-tier licenses for free.

Learn more ➡️ https://thn.news/anyrun-malware-sandbox

🔒 Attention cybersecurity professionals.

The Common Vulnerability Scoring System (CVSS) v4.0 is here, replacing the 8-year-old CVSS v3.0.

Discover how this update enhances vulnerability assessment & helps you strengthen your cyber resilience.

Read: https://thehackernews.com/2024/05/get-cyber-resilient-with-cvss.html

🔒 Google Play Protect just got smarter with live threat detection.

Android 15 introduces new features to prevent malicious apps from capturing your sensitive data.

Find out more about these crucial updates: https://thehackernews.com/2024/05/android-15-introduces-new-features-to.html

🔐 Google announced new privacy & security features for Android devices:

✅ Offline Device Lock
✅ Factory Reset Upgrade
✅ Private Space Enhanced
✅ AI-Powered Theft Detection

Details here: https://thehackernews.com/2024/05/google-adds-ai-powered-theft-protection.html

BREAKING - BreachForums, a notorious online bazaar for stolen data, has been seized by law enforcement agencies for the second time in a year.

The FBI has taken control of its #Telegram channel as well.

Read on > https://thehackernews.com/2024/05/fbi-seizes-breachforums-again-urges.html

🚨 Google has addressed nine security issues in its Chrome browser, including a new zero-day exploit (CVE-2024-4947) that has been actively exploited in the wild.

Learn more: https://thehackernews.com/2024/05/google-patches-yet-another-actively.html

Don't wait – update your browser now.

⚠️ Cybercriminals are exploiting Microsoft's Quick Assist tool to target users in social engineering attacks and deploy Black Basta ransomware.

Learn more: https://thehackernews.com/2024/05/cybercriminals-exploiting-microsofts.html

🕵️‍♀️ Security and IT teams, listen up!

Reviewing new and existing OAuth grants programmatically is crucial for catching risky activity or overly-permissive scopes.

Learn best practices for investigating grants in this article: https://thehackernews.com/expert-insights/2024/05/how-to-investigate-oauth-grant-for.html

Nearly a dozen security flaws have been discovered in the GE HealthCare Vivid Ultrasound product family. These vulnerabilities could allow ransomware attacks or data tampering.

Learn more: https://thehackernews.com/2024/05/researchers-uncover-11-security-flaws.html

Every SaaS account created by your employees represents a new “identity” with unique permissions, security settings & risks and many app owners sit outside of IT, meaning security controls could be overlooked.

Learn how Nudge Security can help: https://thn.news/saas-identity-governance

⚠️ North Korea-linked Kimsuky hacking group has launched a new social engineering attack using fake Facebook accounts to target individuals via Messenger.

Learn more: https://thehackernews.com/2024/05/north-korean-hackers-exploit-facebook.html

At Georgetown, gain the tactical skills to plan for and respond to information security threats. Attend this June 7 webinar.

Save your seat: https://thn.news/georgetown-cybersec-webinar-li

🚨 New Wi-Fi #vulnerability discovered!

CVE-2023-52424, dubbed "SSID Confusion attack," affects all operating systems & Wi-Fi clients.

Learn how attackers can trick you into connecting to a less secure network & eavesdrop on your traffic.

https://thehackernews.com/2024/05/new-wi-fi-vulnerability-enabling.html

🚨 Attention D-Link users - CISA warns of actively exploited vulnerabilities, CVE-2014-100005 and CVE-2021-40655, that attackers could exploit to change your router settings or steal your credentials.

Learn more: https://thehackernews.com/2024/05/cisa-warns-of-actively-exploited-d-link.html

⚠️ North Korean APT group Kimsuky deploys Linux version of GoBear backdoor, targeting South Korean organizations.

Learn more about the Gomir backdoor and its capabilities: https://thehackernews.com/2024/05/kimsuky-apt-deploying-linux-backdoor.html

🚨 Alert: China-linked BlackTech group using advanced Deuterbear RAT in Asia-Pacific cyber espionage campaign.

Learn more about the improved capabilities and infection pathway of this evolving threat: https://thehackernews.com/2024/05/china-linked-hackers-adopt-two-stage.html#hacking #cybersecurity

🔒 Attention cybersecurity professionals!

A new report reveals that CVE-based vulnerabilities account for less than 1% of the average organization's on-prem exposure landscape.

It's time to shift our focus to the real threats.

Learn how: https://thehackernews.com/2024/05/new-xm-cyber-research-80-of-exposures.html