🚨 New Wi-Fi #vulnerability discovered!

CVE-2023-52424, dubbed "SSID Confusion attack," affects all operating systems & Wi-Fi clients.

Learn how attackers can trick you into connecting to a less secure network & eavesdrop on your traffic.

https://thehackernews.com/2024/05/new-wi-fi-vulnerability-enabling.html

🚨 Attention D-Link users - CISA warns of actively exploited vulnerabilities, CVE-2014-100005 and CVE-2021-40655, that attackers could exploit to change your router settings or steal your credentials.

Learn more: https://thehackernews.com/2024/05/cisa-warns-of-actively-exploited-d-link.html

⚠️ North Korean APT group Kimsuky deploys Linux version of GoBear backdoor, targeting South Korean organizations.

Learn more about the Gomir backdoor and its capabilities: https://thehackernews.com/2024/05/kimsuky-apt-deploying-linux-backdoor.html

🚨 Alert: China-linked BlackTech group using advanced Deuterbear RAT in Asia-Pacific cyber espionage campaign.

Learn more about the improved capabilities and infection pathway of this evolving threat: https://thehackernews.com/2024/05/china-linked-hackers-adopt-two-stage.html#hacking #cybersecurity

🔒 Attention cybersecurity professionals!

A new report reveals that CVE-based vulnerabilities account for less than 1% of the average organization's on-prem exposure landscape.

It's time to shift our focus to the real threats.

Learn how: https://thehackernews.com/2024/05/new-xm-cyber-research-80-of-exposures.html

Kinsing cryptojacking hacker group continuously expanding its exploitation arsenal, which now includes various flaws in Apache ActiveMQ, Log4j, NiFi, Atlassian Confluence, Citrix, Linux, Openfire, WebLogic Server, and SaltStack.

Read: https://thehackernews.com/2024/05/kinsing-hacker-group-exploits-more.html

⚠️ Grandoreiro banking trojan is back, targeting 1,500+ banks in 60+ countries. It now uses infected Outlook to spread phishing emails, with updated domain-generating algorithm and anti-malware evasion capability.

Learn more: https://thehackernews.com/2024/05/grandoreiro-banking-trojan-resurfaces.html

🚨 Two Chinese nationals arrested for laundering $73 million in a massive pig butchering scam. The DoJ charges them with managing an international syndicate that tricked victims into crypto investment scams.

Learn more: https://thehackernews.com/2024/05/chinese-nationals-arrested-for.html

Researchers have observed a surge in email phishing campaigns delivering Latrodectus, a new malware loader believed to be the successor to IcedID.

Details here > https://thehackernews.com/2024/05/latrodectus-malware-loader-emerges-as.html

A multi-faceted campaign is targeting Android, macOS, and Windows users with various stealer malware and banking trojans.

Find out how they're using fake profiles and repositories to trick users into downloading malicious files.

Read: https://thehackernews.com/2024/05/cyber-criminals-exploit-github-and.html

🚨 New vulnerabilities emerge daily, forcing developers to refactor code & update dependencies.

With GitGuardian SCA, you can easily scan for CVEs locally & automatically before making a pull request.

Learn how you can create secure code effortlessly: https://thehackernews.com/2024/05/defending-your-commits-from-known-cves.html

Foxit PDF Reader users, beware! A design flaw is being weaponized to deliver malware including Agent Tesla, AsyncRAT, DCRat, NanoCore RAT, NjRAT, Pony, Remcos RAT, and XWorm.

Learn more: https://thehackernews.com/2024/05/foxit-pdf-reader-flaw-exploited-by.html

Void Manticore, an Iranian threat actor affiliated with the MOIS, has been identified as the culprit behind destructive wiping malware attacks targeting Albania and Israel.

Learn more about their tactics: https://thehackernews.com/2024/05/iranian-mois-linked-hackers-behind.html

🚨 Critical security vulnerability discovered in Fluent Bit, a widely used logging and metrics utility.

Nicknamed "Linguistic Lumberjack," it could lead to DoS, information disclosure, or even RCE attacks.

Learn more about CVE-2024-4323: https://thehackernews.com/2024/05/linguistic-lumberjack-vulnerability.html

🕵️‍♂️ Unpatched Vulnerability Exploited!

CISA has added a critical security flaw (CVE-2023-43208) affecting NextGen Healthcare Mirth Connect to its Known Exploited Vulnerabilities catalog.

Learn more: https://thehackernews.com/2024/05/nextgen-healthcare-mirth-connect-under.html

Update to version 4.4.1 or later ASAP!

Microsoft has announced new security measures to strengthen Windows11, including deprecating NTLM in favor of Kerberos for authentication and AI-powered Smart App Control to block malware.

Details here > https://thehackernews.com/2024/05/windows-11-to-deprecate-ntlm-add-ai.html

Researchers found security flaws in popular software packages: llama_cpp_python for AI models and PDF.js for the Firefox browser, allowing attackers to execute arbitrary code if exploited.

Details here > https://thehackernews.com/2024/05/researchers-uncover-flaws-in-python.html

🔒 SolarMarker malware evolves with a multi-tiered infrastructure, making it harder for law enforcement to take down and evade detection.

Learn about the latest tactics: https://thehackernews.com/2024/05/solarmarker-malware-evolves-to-resist.html

Non-compliance with IT security rules can cause data loss, financial harm, and reputational damage.

Discover how Wazuh's open-source solution monitors files in real-time and detects unauthorized changes.

https://thehackernews.com/2024/05/streamlining-it-security-compliance.html

🚨 Alert - New CLOUD#REVERSER attack campaign uses Google Drive and Dropbox to stage malware, disguising executables as Excel files with the right-to-left override Unicode trick.

Learn more: https://thehackernews.com/2024/05/malware-delivery-via-cloud-services.html