U.S. government seizes 17 website domains and confiscates $1.5 million linked to North Korean IT workers in a massive global fraud scheme.

Read: https://thehackernews.com/2023/10/us-doj-cracks-down-on-north-korean-it.html

Beware of ExelaStealer: a new info stealer targeting Windows. It steals sensitive data like passwords, credit card numbers, and Discord tokens. Spread through phishing emails and watering holes.

Learn more: https://thehackernews.com/2023/10/exelastealer-new-low-cost-cybercrime.html

Cybersecurity concerns are holding back IoT adoption.

Learn why most IoT solutions fall short in security, resulting in vulnerabilities and unreliable updates. Find out how to make IoT more secure:

Read: https://thehackernews.com/2023/10/unleashing-power-of-internet-of-things.html

Vietnamese threat actors are using the Ducktail stealer and DarkGate malware in linked campaigns to target organizations in the UK, US, and India.

Learn more: https://thehackernews.com/2023/10/vietnamese-hackers-target-uk-us-and.html

Beware of fake software ads on Google Search!

Hackers use Google Ads to direct users searching for popular software, such as KeePass Password Manager and Notepad++, to malicious copycats that distribute malware.

Learn more: https://thehackernews.com/2023/10/malvertisers-using-google-ads-to-target.html

🚨 Cisco issued an alert about a new zero-day vulnerability in IOS XE (CVE-2023-20273). Attackers are actively exploiting it to install a malicious Lua-based implant on vulnerable devices.

Learn more: https://thehackernews.com/2023/10/cisco-zero-day-exploited-to-implant.html

🚨 Alert: Identity services provider Okta discloses breach, impacting customers including BeyondTrust and Cloudflare. Unidentified threat actors accessed the support system.

Learn more: https://thehackernews.com/2023/10/oktas-support-system-breach-exposes.html

Big Wins Against Cybercrime!

— Europol takes down Ragnar Locker ransomware's infrastructure, arrests key suspect in France.

— Trigona leak site infiltrated and shut down.

— India's CBI conducts nationwide raids on cyber-enabled financial crime infrastructure.

Read: https://thehackernews.com/2023/10/europol-dismantles-ragnar-locker.html

🕵️‍♂️ Beware of Quasar RAT: A sneaky malware exploiting DLL side-loading to hide its tracks on compromised Windows systems.

Learn more: https://thehackernews.com/2023/10/quasar-rat-leverages-dll-side-loading.html

DoNot Team Strikes Again. Learn about the new .NET-based backdoor, Firebird, targeting victims in Pakistan and Afghanistan.

Learn more: https://thehackernews.com/2023/10/donot-teams-new-firebird-backdoor-hits.html

Worried about AI tool proliferation in your organization? Get immediate visibility with Nudge Security.

Discover what AI tools your employees are using from Day 1. Stay in control of AI's impact on your business.

Read: https://thehackernews.com/2023/10/whos-experimenting-with-ai-tools-in.html

📣 Heads up! Popular password management solution "1Password" detected suspicious activity related to a recent "Okta" support system breach.

Fortunately, user data was unaffected, but here's what you need to know: https://thehackernews.com/2023/10/1password-detects-suspicious-activity.html

🚨 Discover how threat actors modified the backdoor implanted on compromised Cisco devices by exploiting zero-day flaws in IOS XE software, evading detection with new techniques.

Learn about the implant's updated behavior: https://thehackernews.com/2023/10/backdoor-implant-on-hacked-cisco.html

📢 Attention iOS users:

Experts have unearthed crucial insights about the TriangleDB implant, which targets Apple iOS devices. It can record audio, pilfer #iCloud Keychain data, and more.

Learn more: https://thehackernews.com/2023/10/operation-triangulation-experts-uncover.html

Spanish authorities bust cybercriminal group behind €3 million online scam. Weapons, cash, and more seized.

Full story: https://thehackernews.com/2023/10/34-cybercriminals-arrested-in-spain-for.html

Strong security is no longer a luxury—it's a necessity.

Find out how to secure your APIs with modern authentication and encryption methods in our latest article: https://thehackernews.com/2023/10/make-api-management-less-scary-for-your.html

⚡️ Ex-NSA employee—working as an Information Systems Security Designer—has pleaded guilty to attempting to transmit classified defense information to Russia, seeking $85,000 in exchange.

Read details here: https://thehackernews.com/2023/10/ex-nsa-employee-pleads-guilty-to.html

🚨 Urgent: Proof-of-concept (PoC) exploits have been publicly released for the recently discovered vulnerabilities in VMware Aria Operations, Citrix NetScaler ADC, and NetScaler Gateway.

Read: https://thehackernews.com/2023/10/alert-poc-exploits-released-for-citrix.html

Don't wait—apply fixes now and safeguard your systems.

Cybercriminals are targeting Brazil's popular PIX payment system using a new malware called GoPIX, delivered to users via malvertising campaigns when they search for "WhatsApp web."

Learn more 👉 https://thehackernews.com/2023/10/malvertising-campaign-targets-brazils.html

🚨 VMware releases crucial security updates to fix a new critical vulnerability (CVE-2023-34048) in vCenter Server.

Details in the article: https://thehackernews.com/2023/10/act-now-vmware-releases-patch-for.html

Protect your systems from remote code execution.

CloudTrail and Server Access Logs provide critical insights into Amazon S3 security. Find out how to use them effectively to prevent ransomware attacks.

Read: https://thehackernews.com/2023/10/the-rise-of-s3-ransomware-how-to.html