🛡️ Is your Ubiquiti EdgeRouter safe? A joint advisory from cybersecurity and intelligence agencies reveals APT28's use of MooBot to exploit your devices.

Read the full advisory: https://thehackernews.com/2024/02/cybersecurity-agencies-warn-ubiquiti.html

Mexican users are under siege by a sophisticated cyberattack campaign using tax-themed phishing emails to plant "TimbreStealer," a data-snatching #malware.

Learn more: https://thehackernews.com/2024/02/timbrestealer-malware-spreading-via-tax.html

BlackCat ransomware is back - healthcare on high alert!

FBI, CISA, and HHS warn healthcare to guard against BlackCat. Ransomware groups escalate attacks using remote access vulnerabilities and custom tools.

Learn more: https://thehackernews.com/2024/02/fbi-warns-us-healthcare-sector-of.html

Is your cybersecurity strategy evolving? Traditional perimeter defenses are no longer enough. Discover how focusing on privileged users can transform your security posture.

Dive deeper into the shift ➜ https://thehackernews.com/2024/02/superusers-need-super-protection-how-to.html

Iranian hackers are using fake job offers to target Middle East industries, particularly in aerospace, aviation, and defense. The cyberattacks have been linked to threat group UNC1549, backed by Iran.

Learn more: https://thehackernews.com/2024/02/iran-linked-unc1549-hackers-target.html

🛑 Attention APT hunters! Chinese hacker groups UNC5325 & UNC3886 are exploiting Ivanti flaws (CVE-2024-21893 & CVE-2024-21887) to deploy persistent malware (LITTLELAMB.WOOLTEA, PITSTOP, PITDOG, PITJET, PITHOOK).

Learn more: https://thehackernews.com/2024/02/chinese-hackers-exploiting-ivanti-vpn.html

🍷 Fancy a glass of malware? New 'SPIKEDWINE' campaign lures European diplomats with fake wine-tasting invites, deploying the sophisticated WINELOADER backdoor.

Learn more: https://thehackernews.com/2024/02/new-backdoor-targeting-european.html

⚠️ Alert, developers! North Korean hackers uploaded malware to PyPI. Packages like pycryptoenv and pycryptoconf targeted typos in popular #encryption library.

Learn more: https://thehackernews.com/2024/02/lazarus-exploits-typos-to-sneak-pypi.html

U.S. President Biden signs Executive Order to prevent mass data transfers—from biometric to financial data—to 'countries of concern' due to #privacy and national security risks.

Read details here: https://thehackernews.com/2024/02/president-biden-blocks-mass-transfer-of.html

🔐 Data privacy is no longer a maybe, it's a must!

Discover how a CDP can help you ethically personalize customer experiences while complying with regulations.

Join our webinar to discover the secrets of first-party data: https://thehackernews.com/2024/02/building-your-privacy-compliant.html

⚠️ Lazarus Group hackers found exploiting a Windows kernel zero-day vulnerability (CVE-2024-21338) weeks after a patch was released, allowing them to gain system-level control and disable security software on targeted systems.

Details here: https://thehackernews.com/2024/02/lazarus-hackers-exploited-windows.html

Beware! A new 🐧 Linux malware called "GTPDOOR" has been discovered that targets 📡 telecom networks and leverages the 🛜 GPRS Tunneling Protocol (GTP) for command-and-control (C2) communications.

Read details here: https://thehackernews.com/2024/02/gtpdoor-linux-malware-targets-telecoms.html

Data breaches are on the rise at an alarming rate. Is your organization's #cybersecurity strategy ready to adapt?

Don't be the next headline – take a proactive approach to cybersecurity.

Learn the key strategies to protect your business: https://thehackernews.com/2024/02/why-risk-based-approach-to.html

New attack technique "Silver SAML" bypasses protections against Golden SAML attacks in apps using Cloud Identity Providers like Microsoft Entra ID.

Read details here: https://thehackernews.com/2024/02/new-silver-saml-attack-evades-golden.html

Good news for devs – GitHub turned on auto secret scanning push protection by default for all pushes to public repositories.

Find out how it works: https://thehackernews.com/2024/03/github-rolls-out-default-secret.html

Five Eyes intelligence alliance warns of cyber threat actors targeting vulnerabilities in Ivanti Connect Secure and Policy Secure gateways. Four vulnerabilities under active attack.

Learn more here: https://thehackernews.com/2024/03/five-eyes-agencies-warn-of-active.html

A new Linux variant of the notorious BIFROSE RAT targets systems with sophisticated evasion techniques, employing deceptive domains to mimic VMware.

Read details – https://thehackernews.com/2024/03/new-bifrose-linux-malware-variant-using.html

🚨 Cryptocurrency users! Watch out for a sophisticated phishing attack mimicking Binance, Coinbase, Gemini & more. Don't fall for fake logins, emails, texts, or calls.

Learn more: https://thehackernews.com/2024/03/new-phishing-kit-leverages-sms-voice.html

"It'll never happen to us" = Famous last words in data disasters.

The silent heroes of cybersecurity are often the recovery plans that never get tested until D-Day. Check out these invaluable lessons from recent tech mishaps: https://thehackernews.com/2024/03/4-instructive-postmortems-on-data.html

U.S. DOJ indicted Iranian Alireza Shafie Nasab for cyberattacks on the government and private sectors, offering up to $10 million for info leading to his capture.

Learn more: https://thehackernews.com/2024/03/us-charges-iranian-hacker-offers-10.html

A U.S. court has ordered Israeli spyware company NSO Group to disclose the source code and functionality details of its Pegasus spyware to Meta (Facebook/WhatsApp).

Learn more: https://thehackernews.com/2024/03/us-court-orders-nso-group-to-hand-over.html