Cisco issued an alert about a new zero-day vulnerability in IOS XE (CVE-2023-20273). Attackers are actively exploiting it to install a malicious Lua-based implant on vulnerable devices.
Learn more: https://thehackernews.com/2023/10/cisco-zero-day-exploited-to-implant.html
Alert: Identity services provider Okta discloses breach, impacting customers including BeyondTrust and Cloudflare. Unidentified threat actors accessed the support system.
Learn more: https://thehackernews.com/2023/10/oktas-support-system-breach-exposes.html
Big Wins Against Cybercrime!
- Europol takes down Ragnar Locker ransomware's infrastructure, arrests key suspect in France.
- Trigona leak site infiltrated and shut down.
- India's CBI conducts nationwide raids on cyber-enabled financial crime infrastructure.
Read: https://thehackernews.com/2023/10/europol-dismantles-ragnar-locker.html
Beware of Quasar RAT: A sneaky malware exploiting DLL side-loading to hide its tracks on compromised Windows systems.
Learn more: https://thehackernews.com/2023/10/quasar-rat-leverages-dll-side-loading.html
DoNot Team Strikes Again. Learn about the new .NET-based backdoor, Firebird, targeting victims in Pakistan and Afghanistan.
Learn more: https://thehackernews.com/2023/10/donot-teams-new-firebird-backdoor-hits.html
Worried about AI tool proliferation in your organization? Get immediate visibility with Nudge Security.
Discover what AI tools your employees are using from Day 1. Stay in control of AI's impact on your business.
Read: https://thehackernews.com/2023/10/whos-experimenting-with-ai-tools-in.html
Heads up! Popular password management solution "1Password" detected suspicious activity related to a recent "Okta" support system breach.
Fortunately, user data was unaffected, but here's what you need to know: https://thehackernews.com/2023/10/1password-detects-suspicious-activity.html
Discover how threat actors modified the backdoor implanted on compromised Cisco devices by exploiting zero-day flaws in IOS XE software, evading detection with new techniques.
Learn about the implant's updated behavior: https://thehackernews.com/2023/10/backdoor-implant-on-hacked-cisco.html
Attention iOS users:
Experts have unearthed crucial insights about the TriangleDB implant, which targets Apple iOS devices. It can record audio, pilfer #iCloud Keychain data, and more.
Learn more: https://thehackernews.com/2023/10/operation-triangulation-experts-uncover.html
Spanish authorities bust cybercriminal group behind €3 million online scam. Weapons, cash, and more seized.
Full story: https://thehackernews.com/2023/10/34-cybercriminals-arrested-in-spain-for.html
Strong security is no longer a luxury; it's a necessity.
Find out how to secure your APIs with modern authentication and encryption methods in our latest article: https://thehackernews.com/2023/10/make-api-management-less-scary-for-your.html
Ex-NSA employee, working as an Information Systems Security Designer, has pleaded guilty to attempting to transmit classified defense information to Russia, seeking $85,000 in exchange.
Read details here: https://thehackernews.com/2023/10/ex-nsa-employee-pleads-guilty-to.html
Urgent: Proof-of-concept (PoC) exploits have been publicly released for the recently discovered vulnerabilities in VMware Aria Operations, Citrix NetScaler ADC, and NetScaler Gateway.
Read: https://thehackernews.com/2023/10/alert-poc-exploits-released-for-citrix.html
Don't wait; apply fixes now and safeguard your systems.
Cybercriminals are targeting Brazil's popular PIX payment system using a new malware called GoPIX, delivered to users via malvertising campaigns when they search for "WhatsApp web."
Learn more: https://thehackernews.com/2023/10/malvertising-campaign-targets-brazils.html
VMware releases crucial security updates to fix a new critical vulnerability (CVE-2023-34048) in vCenter Server.
Details in the article: https://thehackernews.com/2023/10/act-now-vmware-releases-patch-for.html
Protect your systems from remote code execution.
CloudTrail and Server Access Logs provide critical insights into Amazon S3 security. Find out how to use them effectively to prevent ransomware attacks.
Read: https://thehackernews.com/2023/10/the-rise-of-s3-ransomware-how-to.html
Popular online services like Grammarly, Vidio, and Bukalapak faced critical security vulnerabilities in their OAuth implementation that could have allowed hackers to hijack user accounts.
Find details here: https://thehackernews.com/2023/10/critical-oauth-flaws-uncovered-in.html
WARNING: Winter Vivern, a notorious nation-state hacker group with links to Belarus and Russia, is exploiting a zero-day flaw in Roundcube webmail software to steal email messages.
Learn more: https://thehackernews.com/2023/10/nation-state-hackers-exploiting-zero.html
Meet YoroTrooper: A mysterious threat actor with ties to Kazakhstan. Learn how they're using custom tools and stealthy tactics to infiltrate state-owned entities across CIS countries.
Read: https://thehackernews.com/2023/10/yorotrooper-researchers-warn-of.html
Healthcare IT professionals, take note.
A critical RCE vulnerability (CVE-2023-43208) has been uncovered in Mirth Connect, a healthcare data integration platform.
Read: https://thehackernews.com/2023/10/critical-flaw-in-nextgens-mirth-connect.html
Update to version 4.4.1 immediately to prevent unauthorized access.
ALERT: Iranian threat actor, Tortoiseshell, strikes again with new malware, IMAPLoader.
This .NET malware uses email as a command-and-control channel and targets maritime and logistics sectors.
Learn more: https://thehackernews.com/2023/10/iranian-group-tortoiseshell-launches.html