Did you know, SOC teams spend 1/3 of their day on non-threatening events? Discover how automation covers 80% of threats, freeing up valuable time! 💼

Read more: https://thehackernews.com/2023/11/the-new-8020-rule-for-secops-customize.html

Lazarus Group's sub-cluster, Sapphire Sleet, is now impersonating skills assessment portals in social engineering campaigns targeting IT job seekers.

Learn more: https://thehackernews.com/2023/11/microsoft-warns-of-fake-skills.html

Cybersecurity researchers warn of a dangerous Windows version of a wiper malware previously targeting Linux systems in cyber attacks on Israel.

Read details: https://thehackernews.com/2023/11/new-bibi-windows-wiper-targets-windows.html

Malaysian authorities, with help from the AFP and FBI, shut down the notorious phishing-as-a-service (PhaaS) operation, BulletProofLink, arresting 8 individuals and seizing over $213,000 in assets.

Read more ➡️ https://thehackernews.com/2023/11/major-phishing-as-service-syndicate.html

Chinese nation-state hackers are targeting 24 Cambodian government organizations in a long-term espionage campaign.

Learn more: https://thehackernews.com/2023/11/chinese-hackers-launch-covert-espionage.html

Is your marketing team's data safe? Discover why securing SaaS apps is crucial! Learn how external users can pose a risk.

Read 👉 https://thehackernews.com/2023/11/top-5-marketing-tech-saas-security.html

A new #ransomware group, Hunters International, has taken over the reins from Hive, acquiring its source code and infrastructure.

Read the full article here: https://thehackernews.com/2023/11/new-ransomware-group-emerges-with-hives.html

🚨 Federal agencies and organizations, listen up!

CISA has set a critical ⏰ deadline of November 17, 2023. Secure your systems against 🛡️ security flaws in Juniper Junos OS discovered in August.

Read: https://thehackernews.com/2023/11/cisa-sets-deadline-patch-juniper-junos.html

Vietnamese hackers behind Ducktail malware launch a new campaign targeting Indian marketing pros.

Learn how they're using Delphi to infiltrate and hijack Facebook business accounts.

🔗 Read details here: https://thehackernews.com/2023/11/vietnamese-hackers-using-new-delphi.html

New phishing campaign targets Middle Eastern government entities using IronWind downloader. TA402, a Middle Eastern APT group, is behind the attack, focusing on intelligence collection for the Palestinian Territories.

Learn more ➡️ https://thehackernews.com/2023/11/new-campaign-targets-middle-east.html

Developers, beware! Malicious actors are exploiting Dependabot's trust. Learn how to restrict access, implement MFA, and secure your runtime secrets to protect your CI/CD pipelines from cyber threats.

Read: https://thehackernews.com/2023/11/cicd-risks-protecting-your-software.html

🚨 Alert: Docker API Under Attack! Threat actors are exploiting Docker Engine API vulnerabilities to build a powerful DDoS botnet called OracleIV.

Learn more: https://thehackernews.com/2023/11/alert-oracleiv-ddos-botnet-targets.html

Traditional cybersecurity measures might not cut it anymore!

Upgrade your defense with continuous monitoring techniques like RBVM, EASM, and Cyber Threat Intelligence.

Learn how: 👉 https://thehackernews.com/2023/11/the-importance-of-continuous-security.html

#cybersecuritytips #informationsecurity

🔒💻 Researchers found a vulnerability in AMD's SEV technology, called CacheWarp (CVE-2023-20592), that allows privilege escalation and remote code execution in virtual machines.

📰 Full story: https://thehackernews.com/2023/11/cachewarp-attack-new-vulnerability-in.html

🆘 VMware raises the alarm about an UNPATCHED security flaw (CVE-2023-34060) in Cloud Director, which could allow attackers to bypass authentication on SSH and appliance management console ports.

Learn more ➡️ https://thehackernews.com/2023/11/urgent-vmware-warns-of-unpatched.html

🛡️ Microsoft's November 2023 Security Update:

🔐 63 vulnerabilities addressed
🚨 5 zero-days
💥 3 actively exploited in-the-wild
📊 Severity ratings: 3 Critical, 56 Important, 4 Moderate

Get the scoop on the latest vulnerabilities: https://thehackernews.com/2023/11/alert-microsoft-releases-patch-updates.html

🛡️ Did you know? Effective cloud vulnerability management combines Application Security and Cloud Security insights.

Learn more in the 2023 Cloud Vulnerability Report: https://thn.news/opcmhnAH

⚠️ New PoC exploit for CVE-2023-46604 flaw in Apache ActiveMQ could let attackers stealthily execute malicious code.

CVSS score: 10.0! Are your servers secure?

Learn more about this critical vulnerability: https://thehackernews.com/2023/11/new-poc-exploit-for-apache-activemq.html

🚨 Insider Threats are a growing concern for organizations. Varonis reveals a unique approach using a data security triad.

Learn how sensitivity, access, and activity can protect your organization's most valuable assets.

Read: https://thehackernews.com/2023/11/three-ways-varonis-helps-you-fight.html

U.S. Government Dismantles Global IPStorm Botnet Network!

From Windows to Linux, Mac, and Android, the botnet turned infected devices into proxies for illegal activities.

Click to learn more: https://thehackernews.com/2023/11/us-takes-down-ipstorm-botnet-russian.html

Denmark's energy sector hit by massive cyberattack.

In May 2023, 22 Danish energy sector companies were simultaneously targeted in a sophisticated, coordinated cyber attack.

Learn more about their tactics and history: https://thehackernews.com/2023/11/russian-hackers-launch-largest-ever.html