Pakistani threat actor SideCopy exploiting recent WinRAR vulnerability in attacks on Indian government entities.

Find out how they deploy remote access trojans like AllaKore RAT, Ares RAT, and DRat.

Read: https://thehackernews.com/2023/11/sidecopy-exploiting-winrar-flaw-in.html

🔒ChatGPT: Versatile tool or security risk?

Hackers exploiting ChatGPT to uncover vulnerabilities, create phishing emails, and more.

Powerful weapon in the wrong hands: https://thehackernews.com/2023/11/offensive-and-defensive-ai-lets-chatgpt.html

File upload security is the missing piece of the puzzle.

OPSWAT's 2023 report exposes vulnerabilities that can lead to data breaches and malware attacks.

Learn how to protect your business: https://thehackernews.com/2023/11/confidence-in-file-upload-security-is.html

🤖 A new variant of GootLoader, known as GootBot, is enabling hackers to sneak past defenses, spreading rapidly through networks.

Get the details on this stealthy threat: https://thehackernews.com/2023/11/new-gootloader-malware-variant-evades.html

🚨 ALERT: BlueNoroff, linked to North Korea's Lazarus Group, launches macOS malware called ObjCShellz. Learn about its use in RustBucket and how to protect your systems.

Read: https://thehackernews.com/2023/11/n-korean-bluenoroff-blamed-for-hacking.html

Cybersecurity experts unmask 'farnetwork', a Russian-speaking cybercriminal linked to 5 different ransomware-as-a-service (RaaS) programs, offering a rare peek into the workings of ransomware syndicates.

Read: https://thehackernews.com/2023/11/experts-expose-farnetworks-ransomware.html

🚨 70% of software used by companies is SaaS-based. Are you sure yours is secure? 🤔 Learn essential steps to protect your data in our must-attend webinar.

💻 Reserve your webinar seat now: https://thehackernews.com/2023/11/webinar-kickstarting-your-saas-security.html

Master the art of Exposure Management with XMCyber_'s self-paced FREE course! Join renowned cybersecurity expert 👉🏼 Gerald Auger, Ph.D. and gain the skills to efficiently manage risk exposures in your organization. 🎓🧑‍🎓📜 Secure your spot today: https://thn.news/Km8FFLzK

Free Guide Alert! "It's a Generative AI World" - Your essential manual to safeguarding against Gen AI risks.

Learn to protect data and maintain privacy with expert tips.

Get your copy ➡️ https://thehackernews.com/2023/11/guide-how-vcisos-msps-and-mssps-can.html

🐍 Python developers, watch out! Malicious Python packages sneak onto PyPI to steal sensitive data.

Learn how to protect your code: https://thehackernews.com/2023/11/beware-developers-blazestealer-malware.html

⚡NEW - WhatsApp is rolling out "Protect IP Address in Calls," a new privacy feature that hides your IP address during calls.

Learn how it works: https://thehackernews.com/2023/11/whatsapp-introduces-new-privacy-feature.html

Attention Azure users! Researchers have developed a fully undetectable cloud-based cryptocurrency miner that can operate without paying any charges.

Get the details here: https://thehackernews.com/2023/11/researchers-uncover-undetectable-crypto.html

CISA adds high-severity flaw (CVE-2023-29552) in SLP to Known Exploited Vulnerabilities list. This flaw is being actively exploited to launch massive DoS amplification attacks.

Read: https://thehackernews.com/2023/11/cisa-alerts-high-severity-slp.html

🛑 Heads up! Iran-linked MuddyWater expands its cyber arsenal with MuddyC2Go, a new C2 framework used in sophisticated attacks targeting Israel.

Read details: https://thehackernews.com/2023/11/muddyc2go-new-c2-framework-iranian.html

⚠️ Worried about data leaks through email auto-forwarding? Find out how Wing Security's free tool can prevent data leaks and boost your organization's security.

Read now: https://thehackernews.com/2023/11/when-email-security-meets-saas-security.html

⚡️ Malvertising Alert - Malicious sites posing as legit Windows news portals spotted distributing malware disguised as CPU-Z.

Read about the latest online threat: https://thehackernews.com/2023/11/new-malvertising-campaign-uses-fake.html

🆘⚠️ Microsoft exposes Lace Tempest's latest move: exploiting a zero-day flaw in SysAid IT support software.

Find out about the vulnerability and how to secure your IT systems ➡️ https://thehackernews.com/2023/11/zero-day-alert-lace-tempest-exploits.html

🚨 ALERT: Urdu-speaking readers in Gilgit-Baltistan, beware!

Regional news site hit by WATERING HOLE ATTACK, spreading Kamran Android spyware to steal sensitive data, like contacts, call logs, location, photos, and more.

Read: https://thehackernews.com/2023/11/stealthy-kamran-spyware-targeting-urdu.html

Iranian hacker group Imperial Kitten targets transportation, logistics, and tech sectors, including Israel.

Discover their techniques: social engineering, watering hole attacks, one-day exploits, and phishing.

👩‍💻 Read more: https://thehackernews.com/2023/11/iran-linked-imperial-kitten-cyber-group.html

🔒 Researchers found a persistent backdoor called Effluence in compromised Atlassian Confluence servers. This allows attackers to access resources and data, even after patches.

Learn more: https://thehackernews.com/2023/11/alert-effluence-backdoor-persists.html

Russian hackers Sandworm caused a power outage in Ukraine by targeting an electrical substation during missile strikes on critical infrastructure.

Experts uncover a "multi-event cyberattack" on industrial control systems (ICS).

Read more ➡️ https://thehackernews.com/2023/11/russian-hackers-sandworm-cause-power.html