Hacking incidents in healthcare have tripled from 2018 to 2022. To defend against cyberthreats, organizations should adopt an attacker's mindset, focusing on asset inventory and monitoring.

Learn how attackers operate in the digital age: https://thehackernews.com/2023/12/unveiling-cyber-threats-to-healthcare.html

🛡️ Microsoft's final Patch Tuesday of 2023 is here, addressing 33 software flaws.

This release includes 4 Critical and 29 Important fixes, making it one of the lightest in recent years.

Read: https://thehackernews.com/2023/12/microsofts-final-2023-patch-tuesday-33.html

🚨 Ukraine's largest telecom operator, 📡 Kyivstar, hit by a cyberattack, disrupting mobile and internet services.

Read more about this here: https://thehackernews.com/2023/12/major-cyber-attack-paralyzes-kyivstar.html

Microsoft warns that adversaries are using OAuth apps for cryptocurrency mining and phishing attacks, enabling them to maintain access even after losing your account.

Details here: https://thehackernews.com/2023/12/microsoft-warns-of-hackers-exploiting.html

Protect yourself with multi-factor authentication and regular audits.

🕵️‍♂️ Identifying malware families and decrypting HTTPS traffic are key to cyber investigations.

Learn how a MITM proxy can help analysts intercept and decode malicious communication.

Click to read more: https://thehackernews.com/2023/12/how-to-analyze-malwares-network-traffic.html

⚡️ Google boosts Android security with Clang sanitizers.

Meet "IntSan" and "BoundSan," designed to catch vulnerabilities in the cellular baseband.

Learn how these tools work: https://thehackernews.com/2023/12/google-using-clang-sanitizers-to.html

🚨 Alert: Don't fall for fake subscription notices.

BazaCall phishing attacks are evolving; scammers are now using #Google Forms to appear more credible.

Learn more: https://thehackernews.com/2023/12/bazacall-phishing-scammers-now.html

Microsoft takes down cybercriminal group Storm-1152, responsible for distributing 750 million fraudulent Microsoft accounts and tools.

Find details here: https://thehackernews.com/2023/12/microsoft-takes-legal-action-to-crack.html

🚨 A new hacker group, GambleForce, is behind a string of SQL injection attacks across Asia-Pacific. Learn how they use basic techniques to steal sensitive data.

Read more: https://thehackernews.com/2023/12/new-hacker-group-gambleforce-tageting.html

Iranian state-sponsored group OilRig deployed three new malware downloader (ODAgent, OilCheck, and OilBooster) in 2022 to maintain access to Israeli organizations.

Learn more: https://thehackernews.com/2023/12/iranian-state-sponsored-oilrig-group.html

⚠️ Warning: Russian SVR-linked APT29 targets unpatched JetBrains TeamCity servers using CVE-2023-42793, a vulnerability enabling remote code execution by unauthenticated attackers.

Details 👉 https://thehackernews.com/2023/12/russian-svr-linked-apt29-targets.html

🤖 Manual vs. automated network penetration testing: Which is better?

Find out the pros and cons of each method: https://thehackernews.com/2023/12/reimagining-network-pentesting-with.html

🚨Cybersecurity alert! 116 malicious packages discovered on PyPI repository, posing a threat to Windows and Linux systems.

Learn more: https://thehackernews.com/2023/12/116-malware-packages-found-on-pypi.html

These packages aim to compromise hosts with backdoors for remote control and data theft.

💻 Gaza Cyber Gang, a pro-Hamas threat actor, is using an updated backdoor malware called Pierogi++ to target Palestinian entities. Be cautious of suspicious documents in your inbox.

Read: https://thehackernews.com/2023/12/new-pierogi-malware-by-gaza-cyber-gang.html

🌐 A novel malware named NKAbuse has surfaced, utilizing blockchain technology for DDoS attacks. This decentralized protocol enables attackers to communicate and evade detection.

Learn more: https://thehackernews.com/2023/12/new-nkabuse-malware-exploits-nkn.html

🍪 Say goodbye to third-party cookies!

Starting Jan 4, 2024, 1% of Google Chrome users will get a new test feature called "Tracking Protection" to block third-party cookies by default.

Read: https://thehackernews.com/2023/12/googles-new-tracking-protection-in.html

Multiple security vulnerabilities have been found in the open-source pfSense firewall solution, potentially allowing attackers to execute arbitrary commands.

Read: https://thehackernews.com/2023/12/new-security-vulnerabilities-uncovered.html

Web applications are everywhere in our digital lives, but they're also prime targets for attackers.

Learn about the most common vulnerabilities and how to secure your apps.

Read: https://thehackernews.com/2023/12/bug-or-feature-hidden-web-application.html

Crypto hardware wallet maker Ledger faces a major software breach, resulting in the theft of $600,000+ worth of virtual assets.

Read details here: https://thehackernews.com/2023/12/crypto-hardware-wallet-ledgers-supply.html

A new powerful botnet, KV-botnet, is using compromised firewalls and routers (such as Cisco, DrayTek, Fortinet, and NETGEAR) to conduct covert data transfers.

Learn more about this: https://thehackernews.com/2023/12/new-kv-botnet-targeting-cisco-draytek.html

⚠️ Microsoft warns of "Storm-0539," a growing threat orchestrating gift card fraud via email and SMS phishing attacks during the holidays.

Learn more: https://thehackernews.com/2023/12/microsoft-warns-of-storm-0539-rising.html

Stay vigilant, don't become a victim.