Researchers found a Rust version of SysJoker, a cross-platform backdoor used by Hamas-affiliated threat actor targeting Israel during ongoing conflict.

Read details here: https://thehackernews.com/2023/11/hamas-linked-cyberattacks-using-rust.html

⚡️ Has Your Secret Leaked? Here's the easiest way to find out.

GitGuardian launches the "HasMySecretLeaked" service to help developers check if their sensitive information has been exposed on GitHub, such as passwords, API keys, cryptographic certificates.

Read: https://thehackernews.com/2023/11/tell-me-your-secrets-without-telling-me.html

🚨 Watch Out! Cybercriminals are using a malicious Telegram bot called "Telekopye" for large-scale phishing scams, creating fake websites, emails, and more.

Learn more: https://thehackernews.com/2023/11/cybercriminals-using-telekopye-telegram.html

🚨 Critical Security Alert — ownCloud, an open-source file-sharing software, has disclosed 3 critical vulnerabilities. These can lead to sensitive information disclosure and unauthorized file modification.

Learn more: https://thehackernews.com/2023/11/warning-3-critical-vulnerabilities.html

🕵️‍♂️ New Threat Alert: A new web shell called HrServ is part of a suspected APT attack in Afghanistan. HrServ can erase tracks and execute code in memory, increasing the threat's complexity.

Learn more: https://thehackernews.com/2023/11/new-hrservdll-web-shell-detected-in-apt.html

U.K., U.S., and 16 other international partners have released new GUIDELINES for the development of secure Artificial Intelligence (AI) systems.

Read details here: https://thehackernews.com/2023/11/us-uk-and-global-partners-release.html

Did you know retailers face a vast cyber attack surface on #CyberMonday?

Today's retail isn't just about sales; it's about securing the SaaS apps that power those sales.

Learn how to fortify your SaaS apps against cyber threats: https://thehackernews.com/2023/11/how-to-handle-retail-saas-security-on.html

Researchers discovered a vulnerability where remote attackers can steal Windows user's NTLM tokens by tricking victims into opening a crafted Access file. Learn more about it.

Learn more: https://thehackernews.com/2023/11/hackers-can-exploit-forced.html

Underground markets are booming with over 24 billion credentials for sale. 49% of breaches in 2023 involved stolen credentials.

Are you aware of how these are obtained?

Stay ahead of cybercriminals, check our article on credential theft and PhaaS: https://thehackernews.com/2023/11/how-hackers-phish-for-your-users.html

Lazarus Group's evolving cyber tactics target macOS systems by combining elements from multiple #malware campaigns (like RustBucket and KANDYKORN) for better effectiveness and to avoid detection.

Learn more: https://thehackernews.com/2023/11/n-korean-hackers-mixing-and-matching.html

🚨 Researchers reveal a critical design flaw in Google Workspace, dubbed "DeleFriend," that could allow attackers to steal emails, exfiltrate data, and more without super admin privileges.

Find details here: https://thehackernews.com/2023/11/design-flaw-in-google-workspace-could.html

🔒 Worried about securing sensitive data in the cloud?

Explore the success story of SoFi, a cloud-native financial services provider and their journey with Sentra's DSPM for accurate data classification.

Don't miss this informative 🎙️ webinar: https://thehackernews.com/2023/11/transform-your-data-security-posture.html

🚨 Chrome users, it's time to upgrade!

Google released security updates for Chrome to fix seven issues, including an actively exploited zero-day vulnerability (CVE-2023-6345).

Find details here: https://thehackernews.com/2023/11/zero-day-alert-google-chrome-under.html

🚨 Apache ActiveMQ's CVE-2023-46604 flaw is under active exploitation by hackers to distribute two dangerous programs: GoTitan, a Go-based botnet, and PrCtrl Rat, a .NET threat.

Read details: https://thehackernews.com/2023/11/gotitan-botnet-spotted-exploiting.html

🚨 Beware of Xaro! This new DJVU ransomware variant spreads through cracked software, endangering users who download from untrusted sources.

It goes further by deploying information stealers like RedLine Stealer and Vidar.

Learn more: https://thehackernews.com/2023/11/djvu-ransomwares-latest-variant-xaro.html

🔐 🚨 Okta detected additional malicious activity tied to the October 2023 Data Breach.

Names and emails of support system users were compromised, affecting Workforce Identity Cloud and Customer Identity Solution customers.

Learn more: https://thehackernews.com/2023/11/okta-discloses-additional-data-breach.html

🔒 U.S. Treasury imposes sanctions on Sinbad, a virtual currency 💰 mixer used by Lazarus Group to launder millions from heists.

Learn more: https://thehackernews.com/2023/11/us-treasury-sanctions-sinbad.html

⚠️ CACTUS ransomware campaign has been observed exploiting vulnerabilities in the Qlik Sense cloud analytics and business intelligence platform for initial access to targeted environments.

Learn more ➥ https://thehackernews.com/2023/11/cactus-ransomware-exploits-qlik-sense.html

🕵️‍♂️💻 WEBINAR ALERT:

Insider threats are a silent danger. Join our expert-led webinar to learn innovative approaches to master application detection and response, safeguarding your IT environment.

Save your seat now ➥ https://thehacker.news/app-detection-response

North Korean hackers have stolen an estimated 💰 $3 BILLION in crypto assets, with $1.7 billion taken in 2022 📈 alone, as a means to bypass sanctions against the country.

Find details here ➥ https://thehackernews.com/2023/11/north-koreas-lazarus-group-rakes-in-3.html