Cybersecurity experts unmask 'farnetwork', a Russian-speaking cybercriminal linked to 5 different ransomware-as-a-service (RaaS) programs, offering a rare peek into the workings of ransomware syndicates.

Read: https://thehackernews.com/2023/11/experts-expose-farnetworks-ransomware.html

🚨 70% of software used by companies is SaaS-based. Are you sure yours is secure? 🤔 Learn essential steps to protect your data in our must-attend webinar.

💻 Reserve your webinar seat now: https://thehackernews.com/2023/11/webinar-kickstarting-your-saas-security.html

Master the art of Exposure Management with XMCyber_'s self-paced FREE course! Join renowned cybersecurity expert 👉🏼 Gerald Auger, Ph.D. and gain the skills to efficiently manage risk exposures in your organization. 🎓🧑‍🎓📜 Secure your spot today: https://thn.news/Km8FFLzK

Free Guide Alert! "It's a Generative AI World" - Your essential manual to safeguarding against Gen AI risks.

Learn to protect data and maintain privacy with expert tips.

Get your copy ➡️ https://thehackernews.com/2023/11/guide-how-vcisos-msps-and-mssps-can.html

🐍 Python developers, watch out! Malicious Python packages sneak onto PyPI to steal sensitive data.

Learn how to protect your code: https://thehackernews.com/2023/11/beware-developers-blazestealer-malware.html

⚡NEW - WhatsApp is rolling out "Protect IP Address in Calls," a new privacy feature that hides your IP address during calls.

Learn how it works: https://thehackernews.com/2023/11/whatsapp-introduces-new-privacy-feature.html

Attention Azure users! Researchers have developed a fully undetectable cloud-based cryptocurrency miner that can operate without paying any charges.

Get the details here: https://thehackernews.com/2023/11/researchers-uncover-undetectable-crypto.html

CISA adds high-severity flaw (CVE-2023-29552) in SLP to Known Exploited Vulnerabilities list. This flaw is being actively exploited to launch massive DoS amplification attacks.

Read: https://thehackernews.com/2023/11/cisa-alerts-high-severity-slp.html

🛑 Heads up! Iran-linked MuddyWater expands its cyber arsenal with MuddyC2Go, a new C2 framework used in sophisticated attacks targeting Israel.

Read details: https://thehackernews.com/2023/11/muddyc2go-new-c2-framework-iranian.html

⚠️ Worried about data leaks through email auto-forwarding? Find out how Wing Security's free tool can prevent data leaks and boost your organization's security.

Read now: https://thehackernews.com/2023/11/when-email-security-meets-saas-security.html

⚡️ Malvertising Alert - Malicious sites posing as legit Windows news portals spotted distributing malware disguised as CPU-Z.

Read about the latest online threat: https://thehackernews.com/2023/11/new-malvertising-campaign-uses-fake.html

🆘⚠️ Microsoft exposes Lace Tempest's latest move: exploiting a zero-day flaw in SysAid IT support software.

Find out about the vulnerability and how to secure your IT systems ➡️ https://thehackernews.com/2023/11/zero-day-alert-lace-tempest-exploits.html

🚨 ALERT: Urdu-speaking readers in Gilgit-Baltistan, beware!

Regional news site hit by WATERING HOLE ATTACK, spreading Kamran Android spyware to steal sensitive data, like contacts, call logs, location, photos, and more.

Read: https://thehackernews.com/2023/11/stealthy-kamran-spyware-targeting-urdu.html

Iranian hacker group Imperial Kitten targets transportation, logistics, and tech sectors, including Israel.

Discover their techniques: social engineering, watering hole attacks, one-day exploits, and phishing.

👩‍💻 Read more: https://thehackernews.com/2023/11/iran-linked-imperial-kitten-cyber-group.html

🔒 Researchers found a persistent backdoor called Effluence in compromised Atlassian Confluence servers. This allows attackers to access resources and data, even after patches.

Learn more: https://thehackernews.com/2023/11/alert-effluence-backdoor-persists.html

Russian hackers Sandworm caused a power outage in Ukraine by targeting an electrical substation during missile strikes on critical infrastructure.

Experts uncover a "multi-event cyberattack" on industrial control systems (ICS).

Read more ➡️ https://thehackernews.com/2023/11/russian-hackers-sandworm-cause-power.html

Did you know, SOC teams spend 1/3 of their day on non-threatening events? Discover how automation covers 80% of threats, freeing up valuable time! 💼

Read more: https://thehackernews.com/2023/11/the-new-8020-rule-for-secops-customize.html

Lazarus Group's sub-cluster, Sapphire Sleet, is now impersonating skills assessment portals in social engineering campaigns targeting IT job seekers.

Learn more: https://thehackernews.com/2023/11/microsoft-warns-of-fake-skills.html

Cybersecurity researchers warn of a dangerous Windows version of a wiper malware previously targeting Linux systems in cyber attacks on Israel.

Read details: https://thehackernews.com/2023/11/new-bibi-windows-wiper-targets-windows.html

Malaysian authorities, with help from the AFP and FBI, shut down the notorious phishing-as-a-service (PhaaS) operation, BulletProofLink, arresting 8 individuals and seizing over $213,000 in assets.

Read more ➡️ https://thehackernews.com/2023/11/major-phishing-as-service-syndicate.html

Chinese nation-state hackers are targeting 24 Cambodian government organizations in a long-term espionage campaign.

Learn more: https://thehackernews.com/2023/11/chinese-hackers-launch-covert-espionage.html