🚨 Urgent: Critical Jenkins RCE vulnerability (CVE-2024-23897) discovered.

Hackers can remotely control your CI/CD pipelines. Patch immediately to prevent malicious code in builds.

Details here: https://thehackernews.com/2024/01/critical-jenkins-vulnerability-exposes.html

AI Goes Rogue: Fake Videos, Stolen Passwords, & New Frauds!

Hackers are using AI to create hyper-realistic scams. Axur Report exposes the latest tricks, including "apphishing" and e-commerce store takeovers.

Learn more: https://thehackernews.com/2024/01/cyber-threat-landscape-7-key-findings.html

Cybersecurity experts reveal the inner workings of SystemBC's command server, a dangerous #malware available on the darkweb, enabling cybercriminals to remotely control compromised systems and deliver ransomware.

Details here → https://thehackernews.com/2024/01/systembc-malwares-c2-server-analysis.html

🚨 Cisco's Unified & Contact Center solutions have a CRITICAL flaw (CVE-2024-20253) allowing remote attackers to take control.

Patch NOW! Don't let attackers eavesdrop on your business secrets.

Get the details: https://thehackernews.com/2024/01/critical-cisco-flaw-lets-hackers.html

Russian Malware Mastermind Jailed!

5 years for Vladimir Dunaev, creator of TrickBot, a Swiss Army knife of cybercrime. This malware wasn't just about stealing money. It targeted critical healthcare systems during a pandemic.

Details here → https://thehackernews.com/2024/01/russian-trickbot-mastermind-gets-5-year.html

🕵️ Cozy Bear returns! Microsoft confirms Russian hackers who breached them in November are now targeting more organizations.

Their playbook includes stolen credentials, supply chain attacks, OAuth abuse, and more.

Read more → https://thehackernews.com/2024/01/microsoft-warns-of-widening-apt29.html

⚠️ Chinese users beware! Malicious Google ads pushing fake Telegram & LINE apps. Cybercriminals are using fake messaging app ads to deploy RATs like PlugX & Gh0st RAT.

Learn more: https://thehackernews.com/2024/01/malicious-ads-on-google-target-chinese.html

41% attacks bypass network security.

Defense-in-Depth isn't enough. Use AI-powered Cyber Threat Intelligence (CTI) and Breach & Attack Simulation (BAS) to test defenses against real-world attacks, uncover vulnerabilities.

Read to find the key: https://thehackernews.com/2024/01/perfecting-defense-in-depth-strategy.html

AI in SaaS = Cool? Maybe. But it also brings NEW security risks.

Join our free WEBINAR with Wing Security's COO for expert insights & actionable tips based on a study of 493 companies on securing your SaaS in 2024.

Reserve your spot now: https://thehacker.news/saas-security-lessons

Mexican banks under attack! Spear-phishing campaign using modified AllaKore RAT targets large companies.

Keyloggers, screen capture, remote control... This modified RAT has it all.

Read the full story: https://thehackernews.com/2024/01/allakore-rat-malware-targeting-mexican.html

Developers, beware! Malicious packages "nigpal" and "figflix" on PyPI contain WhiteSnake info-stealer.

Targets Windows and Linux systems to steal passwords, browser data, wallets, and app logins.

Details: https://thehackernews.com/2024/01/malicious-pypi-packages-slip-whitesnake.html

Protect your code and verify package sources.

⚖️ National Security vs. Privacy.

The U.S. National Security Agency (NSA) admits buying your web browsing data from shady data brokers without warrants. What sites you visit, apps you use, all up for grabs.

Read more: https://thehackernews.com/2024/01/nsa-admits-secretly-buying-your.html

New ransomware variants rising: Faust joins Phobos, targeting systems via infected Excel docs.

Not alone! Albabat, Kasseika, Kuiper, Mimus, and NONAME pose diverse threats with different attack methods and platforms.

Read: https://thehackernews.com/2024/01/albabat-kasseika-kuiper-new-ransomware.html

Make sure your Outlook is patched!

Hackers can remotely steal your Windows login 🔑 NTLM passwords through a vulnerability in Outlook's calendar feature triggered via specially crafted invites.

Details here: https://thehackernews.com/2024/01/researchers-uncover-outlook.html

AI: Defender or Dark Side? The future of cyberwarfare is here, with AI on both sides.

Learn how attackers are using AI to craft invisible threats, and how defenders are harnessing its power to stay ahead.

Read the full story ➡️ https://thehackernews.com/2024/01/riding-ai-waves-rise-of-artificial.html

🚨 Patch now! High-severity Junos OS vulnerabilities exposed (CVE-2024-21619, CVE-2024-21620). These flaws could let attackers steal sensitive data or even take control of your devices.

Details here: https://thehackernews.com/2024/01/juniper-networks-releases-urgent-junos.html

Don't wait - update your Junos OS now!

ZLoader is back -- the infamous malware returns after two years, targeting Windows with advanced ransomware.

Brace yourself for updated #encryption, domain generation, and 64-bit compatibility.

Learn more: https://thehackernews.com/2024/01/new-zloader-malware-variant-surfaces.html

Italy's data watchdog accuses ChatGPT of violating EU privacy laws by collecting sensitive data and exposing children to inappropriate content.

Read the details here, including Apple's warning about the proposed U.K. law → https://thehackernews.com/2024/01/italian-data-protection-watchdog.html

🔒 Strengthening Your Cybersecurity Posture.

Did you know that less than half of cybersecurity pros have complete visibility into vulnerabilities? Regular assessments are key.

Learn more: https://thehackernews.com/2024/01/top-security-posture-vulnerabilities.html

🕵️‍♂️ Chinese hackers, Mustang Panda, targeted Myanmar's Ministry of Defence and Foreign Affairs using custom malware like PUBLOAD and TONESHELL. They delivered it through disguised Microsoft updates and booby-trapped files.

Read details: https://thehackernews.com/2024/01/china-linked-hackers-target-myanmars.html

🚀 ANYRUN now supports Linux!

🐧 Linux faces frequent cyber threats targeting passwords, browser data, wallets, and logins. But with ANYRUN update you can:

✔️ Collect #IOCs using Ubuntu VM
✔️ Analyze Linux-based malware

Try ANYRUN free today! https://thehackernews.co/malware-sandbox