Beware! A new 🐧 Linux malware called "GTPDOOR" has been discovered that targets 📡 telecom networks and leverages the 🛜 GPRS Tunneling Protocol (GTP) for command-and-control (C2) communications.

Read details here: https://thehackernews.com/2024/02/gtpdoor-linux-malware-targets-telecoms.html

Data breaches are on the rise at an alarming rate. Is your organization's #cybersecurity strategy ready to adapt?

Don't be the next headline – take a proactive approach to cybersecurity.

Learn the key strategies to protect your business: https://thehackernews.com/2024/02/why-risk-based-approach-to.html

New attack technique "Silver SAML" bypasses protections against Golden SAML attacks in apps using Cloud Identity Providers like Microsoft Entra ID.

Read details here: https://thehackernews.com/2024/02/new-silver-saml-attack-evades-golden.html

Good news for devs – GitHub turned on auto secret scanning push protection by default for all pushes to public repositories.

Find out how it works: https://thehackernews.com/2024/03/github-rolls-out-default-secret.html

Five Eyes intelligence alliance warns of cyber threat actors targeting vulnerabilities in Ivanti Connect Secure and Policy Secure gateways. Four vulnerabilities under active attack.

Learn more here: https://thehackernews.com/2024/03/five-eyes-agencies-warn-of-active.html

A new Linux variant of the notorious BIFROSE RAT targets systems with sophisticated evasion techniques, employing deceptive domains to mimic VMware.

Read details – https://thehackernews.com/2024/03/new-bifrose-linux-malware-variant-using.html

🚨 Cryptocurrency users! Watch out for a sophisticated phishing attack mimicking Binance, Coinbase, Gemini & more. Don't fall for fake logins, emails, texts, or calls.

Learn more: https://thehackernews.com/2024/03/new-phishing-kit-leverages-sms-voice.html

"It'll never happen to us" = Famous last words in data disasters.

The silent heroes of cybersecurity are often the recovery plans that never get tested until D-Day. Check out these invaluable lessons from recent tech mishaps: https://thehackernews.com/2024/03/4-instructive-postmortems-on-data.html

U.S. DOJ indicted Iranian Alireza Shafie Nasab for cyberattacks on the government and private sectors, offering up to $10 million for info leading to his capture.

Learn more: https://thehackernews.com/2024/03/us-charges-iranian-hacker-offers-10.html

A U.S. court has ordered Israeli spyware company NSO Group to disclose the source code and functionality details of its Pegasus spyware to Meta (Facebook/WhatsApp).

Learn more: https://thehackernews.com/2024/03/us-court-orders-nso-group-to-hand-over.html

🚨 Multiple U.S. agencies are warning about Phobos ransomware, a RaaS deployed in widespread attacks against critical infrastructure.

Organizations need up-to-date threat intelligence – read more: https://thehackernews.com/2024/03/phobos-ransomware-aggressively.html

Roughly 100 malicious AI/ML models have been discovered on the popular Hugging Face development platform.

Read how attackers can gain full system control: https://thehackernews.com/2024/03/over-100-malicious-aiml-models-found-on.html

SaaS apps are everywhere, but are they secure? Mid-market companies face unique risks in managing app usage.

Learn how to manage SaaS security without the headaches 👇 https://thehackernews.com/2024/03/from-500-to-5000-employees-securing-3rd.html

Cybercriminals are abusing India's UPI system by using the XHelper app to launder money on a large scale. They recruit Indian money mules, offering commissions for laundering money through fake mobile payment gateways.

Learn more: https://thehackernews.com/2024/03/how-cybercriminals-are-exploiting.html

Critical TeamCity software flaws leave CI/CD servers open to complete takeover.

Read more about CVE-2024-27198, CVE-2024-27199 and update your systems now → https://thehackernews.com/2024/03/critical-jetbrains-teamcity-on-premises.html

Beware of ZIP attachments in emails! TA577's new phishing tactic aims to steal NTLM hashes, posing a serious threat to enterprise security.

Learn how they're advancing cybercrime tactics: https://thehackernews.com/2024/03/warning-thread-hijacking-attack-targets.html

225,000+ login credentials for OpenAI's ChatGPT accounts were stolen by LummaC2, Raccoon, and RedLine malware, then sold on the dark web.

Learn more: https://thehackernews.com/2024/03/over-225000-compromised-chatgpt.html

Watch Out - Cybercrime group "Savvy Seahorse" exploits a novel DNS hijacking technique for investment scams. They employ fake trading platforms, social media ads, and even AI chatbots to lure victims.

Learn more: https://thehackernews.com/2024/03/cybercriminals-using-novel-dns.html

North Korean hackers exploit ConnectWise ScreenConnect vulnerabilities (CVE-2024-1708 & CVE-2024-1709) to deploy TODDLERSHARK malware, adding to the notorious Kimsuky arsenal alongside BabyShark and ReconShark.

Learn more: https://thehackernews.com/2024/03/hackers-exploit-connectwise.html

🚨 Heads up, Apple users!

Apple rolls out crucial updates for iOS & iPadOS to patch actively exploited vulnerabilities CVE-2024-23225 & CVE-2024-23296, enhancing kernel memory protection.

Ensure your devices are updated: https://thehackernews.com/2024/03/urgent-apple-issues-critical-updates.html

Group-IB uncovers #LotusBane, an advanced threat actor using sophisticated methods like DLL side-loading for cyber espionage in Vietnam. Similarities with OceanLotus raise concerns.

Read: https://thehackernews.com/2024/03/new-apt-group-lotus-bane-behind-recent.html