Russian Malware Mastermind Jailed!

5 years for Vladimir Dunaev, creator of TrickBot, a Swiss Army knife of cybercrime. This malware wasn't just about stealing money. It targeted critical healthcare systems during a pandemic.

Details here → https://thehackernews.com/2024/01/russian-trickbot-mastermind-gets-5-year.html

🕵️ Cozy Bear returns! Microsoft confirms Russian hackers who breached them in November are now targeting more organizations.

Their playbook includes stolen credentials, supply chain attacks, OAuth abuse, and more.

Read more → https://thehackernews.com/2024/01/microsoft-warns-of-widening-apt29.html

⚠️ Chinese users beware! Malicious Google ads pushing fake Telegram & LINE apps. Cybercriminals are using fake messaging app ads to deploy RATs like PlugX & Gh0st RAT.

Learn more: https://thehackernews.com/2024/01/malicious-ads-on-google-target-chinese.html

41% attacks bypass network security.

Defense-in-Depth isn't enough. Use AI-powered Cyber Threat Intelligence (CTI) and Breach & Attack Simulation (BAS) to test defenses against real-world attacks, uncover vulnerabilities.

Read to find the key: https://thehackernews.com/2024/01/perfecting-defense-in-depth-strategy.html

AI in SaaS = Cool? Maybe. But it also brings NEW security risks.

Join our free WEBINAR with Wing Security's COO for expert insights & actionable tips based on a study of 493 companies on securing your SaaS in 2024.

Reserve your spot now: https://thehacker.news/saas-security-lessons

Mexican banks under attack! Spear-phishing campaign using modified AllaKore RAT targets large companies.

Keyloggers, screen capture, remote control... This modified RAT has it all.

Read the full story: https://thehackernews.com/2024/01/allakore-rat-malware-targeting-mexican.html

Developers, beware! Malicious packages "nigpal" and "figflix" on PyPI contain WhiteSnake info-stealer.

Targets Windows and Linux systems to steal passwords, browser data, wallets, and app logins.

Details: https://thehackernews.com/2024/01/malicious-pypi-packages-slip-whitesnake.html

Protect your code and verify package sources.

⚖️ National Security vs. Privacy.

The U.S. National Security Agency (NSA) admits buying your web browsing data from shady data brokers without warrants. What sites you visit, apps you use, all up for grabs.

Read more: https://thehackernews.com/2024/01/nsa-admits-secretly-buying-your.html

New ransomware variants rising: Faust joins Phobos, targeting systems via infected Excel docs.

Not alone! Albabat, Kasseika, Kuiper, Mimus, and NONAME pose diverse threats with different attack methods and platforms.

Read: https://thehackernews.com/2024/01/albabat-kasseika-kuiper-new-ransomware.html

Make sure your Outlook is patched!

Hackers can remotely steal your Windows login 🔑 NTLM passwords through a vulnerability in Outlook's calendar feature triggered via specially crafted invites.

Details here: https://thehackernews.com/2024/01/researchers-uncover-outlook.html

AI: Defender or Dark Side? The future of cyberwarfare is here, with AI on both sides.

Learn how attackers are using AI to craft invisible threats, and how defenders are harnessing its power to stay ahead.

Read the full story ➡️ https://thehackernews.com/2024/01/riding-ai-waves-rise-of-artificial.html

🚨 Patch now! High-severity Junos OS vulnerabilities exposed (CVE-2024-21619, CVE-2024-21620). These flaws could let attackers steal sensitive data or even take control of your devices.

Details here: https://thehackernews.com/2024/01/juniper-networks-releases-urgent-junos.html

Don't wait - update your Junos OS now!

ZLoader is back -- the infamous malware returns after two years, targeting Windows with advanced ransomware.

Brace yourself for updated #encryption, domain generation, and 64-bit compatibility.

Learn more: https://thehackernews.com/2024/01/new-zloader-malware-variant-surfaces.html

Italy's data watchdog accuses ChatGPT of violating EU privacy laws by collecting sensitive data and exposing children to inappropriate content.

Read the details here, including Apple's warning about the proposed U.K. law → https://thehackernews.com/2024/01/italian-data-protection-watchdog.html

🔒 Strengthening Your Cybersecurity Posture.

Did you know that less than half of cybersecurity pros have complete visibility into vulnerabilities? Regular assessments are key.

Learn more: https://thehackernews.com/2024/01/top-security-posture-vulnerabilities.html

🕵️‍♂️ Chinese hackers, Mustang Panda, targeted Myanmar's Ministry of Defence and Foreign Affairs using custom malware like PUBLOAD and TONESHELL. They delivered it through disguised Microsoft updates and booby-trapped files.

Read details: https://thehackernews.com/2024/01/china-linked-hackers-target-myanmars.html

🚀 ANYRUN now supports Linux!

🐧 Linux faces frequent cyber threats targeting passwords, browser data, wallets, and logins. But with ANYRUN update you can:

✔️ Collect #IOCs using Ubuntu VM
✔️ Analyze Linux-based malware

Try ANYRUN free today! https://thehackernews.co/malware-sandbox

Hackers could write ANY file on your GitLab server while creating a workspace. This critical flaw (CVE-2024-0402) affects all versions before 16.5.8!

Patch NOW. Details here → https://thehackernews.com/2024/01/urgent-upgrade-gitlab-critical.html

Big Bust in Brazil: Key Grandoreiro #malware operators Arrested!

Brazilian law enforcement has taken down a major cybercrime ring behind the notorious Grandoreiro banking trojan.

Find details here → https://thehackernews.com/2024/01/brazilian-feds-dismantle-grandoreiro.html

🚨 A new glibc flaw (CVE-2023-6246) gives attackers root access on Linux.

This high-severity vulnerability impacts major distros like Debian, Ubuntu, and Fedora. Don't wait, update your systems!

Find details here → https://thehackernews.com/2024/01/new-glibc-flaw-grants-attackers-root.html

⚠️ Chinese nation-state hacker group UTA0178 weaponized Ivanti VPN vulnerabilities to deploy the Rust-based KrustyLoader, cryptocurrency miners, and the Golang-based Silver post-exploitation framework.

Read details here → https://thehackernews.com/2024/01/chinese-hackers-exploiting-critical-vpn.html