Tired of being overwhelmed by security exposures?
Discover the power of Continuous Threat Exposure Management (CTEM). Identify critical assets, prioritize risks, and get actionable recommendations for improved security posture.
Get started π https://thehackernews.com/2024/03/ctem-101-go-beyond-vulnerability.html
Discover the power of Continuous Threat Exposure Management (CTEM). Identify critical assets, prioritize risks, and get actionable recommendations for improved security posture.
Get started π https://thehackernews.com/2024/03/ctem-101-go-beyond-vulnerability.html
π₯13π9
π¨ Microsoft releases Patch Tuesday updates to patch 61 new vulnerabilities, including privilege escalation flaws in Azure, Windows, & Authenticator.
Update ASAP. Learn more: https://thehackernews.com/2024/03/microsofts-march-updates-fix-61.html
Update ASAP. Learn more: https://thehackernews.com/2024/03/microsofts-march-updates-fix-61.html
π14π7π3π₯1
π¨ Alert: A new phishing campaign uses a Java-based downloader to distribute VCURMS & STRRAT RATs, leveraging public services like AWS & GitHub for malware hosting.
Learn more: https://thehackernews.com/2024/03/alert-cybercriminals-deploying-vcurms.html
Learn more: https://thehackernews.com/2024/03/alert-cybercriminals-deploying-vcurms.html
π±11π4π1
Beware of adversary-in-the-middle attacks: Hackers create fake login pages to steal credentials and manipulate MFA prompts. Protect yourself by verifying websites and being cautious with links
Read: https://thehackernews.com/2024/02/4-ways-hackers-use-social-engineering.html
Read: https://thehackernews.com/2024/02/4-ways-hackers-use-social-engineering.html
π₯12π7π1
Researchers reveal Google's Gemini AI is vulnerable to LLM attacks that could leak sensitive data, generate harmful content, and be used for malicious purposes.
Read: https://thehackernews.com/2024/03/researchers-highlight-googles-gemini-ai.html
Read: https://thehackernews.com/2024/03/researchers-highlight-googles-gemini-ai.html
π27π5
Cybercriminals are now targeting the latest weak spotβidentities within SaaS applications.
Join our webinar to learn how to secure both human and non-human identities against data breaches and financial losses.
Register now: https://thehackernews.com/2024/03/join-our-webinar-on-protecting-human.html
Join our webinar to learn how to secure both human and non-human identities against data breaches and financial losses.
Register now: https://thehackernews.com/2024/03/join-our-webinar-on-protecting-human.html
π19π2
Latest version of PixPirate Android banking trojan evades detection by removing the ability to launch the app from the home screen. The complex infection chain involves both a downloader and the main malicious app working in tandem.
Read: https://thehackernews.com/2024/03/pixpirate-android-banking-trojan-using.html
Read: https://thehackernews.com/2024/03/pixpirate-android-banking-trojan-using.html
π11π₯5
Tools of the Trade: Anti-malware scanning, WAFs, and sandboxing alone aren't sufficient for protecting against malicious uploads.
Learn why and discover what offers better protection in our detailed analysis: https://thehackernews.com/2024/03/demystifying-common-cybersecurity-myth.html
Learn why and discover what offers better protection in our detailed analysis: https://thehackernews.com/2024/03/demystifying-common-cybersecurity-myth.html
π₯9π8π€―4π2
β οΈ Vulnerability Alert: Fortinet warns of a severe SQL Injection vulnerability (CVE-2023-48788) in FortiClientEMS allowing unauthenticated attackers to execute code remotely.
Details: https://thehackernews.com/2024/03/fortinet-warns-of-severe-sqli.html
Check if your versions are affected and upgrade ASAP!
Details: https://thehackernews.com/2024/03/fortinet-warns-of-severe-sqli.html
Check if your versions are affected and upgrade ASAP!
π21π€―9π6π₯4
π A new DarkGate malware campaign uses a recently patched #Microsoft Windows flaw (CVE-2024-21412) to deploy malicious software via bogus installers.
Learn more: https://thehackernews.com/2024/03/darkgate-malware-exploits-recently.html
Learn more: https://thehackernews.com/2024/03/darkgate-malware-exploits-recently.html
π₯16π€―6π2π1π±1
Researchers detail a high-severity flaw in Kubernetes, CVE-2023-5528, that allowed attackers remote code execution with SYSTEM privileges on Windows endpoints within a cluster.
Learn more: https://thehackernews.com/2024/03/researchers-detail-kubernetes.html
Learn more: https://thehackernews.com/2024/03/researchers-detail-kubernetes.html
π11π₯9π1
RedCurl cybercrime group found exploiting Windows Program Compatibility Assistant for malicious activities. This sophisticated method allows attackers to bypass security and run malicious commands.
Read: https://thehackernews.com/2024/03/redcurl-cybercrime-group-abuses-windows.html
Read: https://thehackernews.com/2024/03/redcurl-cybercrime-group-abuses-windows.html
π12π₯8π1
Blind Eagle expands its cyber threats, now using Ande Loader malware to deliver RATs via phishing.
Targets? Spanish-speaking manufacturing industry in North America
Read: https://thehackernews.com/2024/03/ande-loader-malware-targets.html
Targets? Spanish-speaking manufacturing industry in North America
Read: https://thehackernews.com/2024/03/ande-loader-malware-targets.html
π13π₯7π1
Russian-Canadian national Mikhail Vasiliev has been sentenced to nearly 4 years in prison for his role in the infamous LockBit ransomware operation and has been ordered to pay over $860,000 in restitution.
Read details here: https://thehackernews.com/2024/03/lockbit-ransomware-hacker-ordered-to.html
Read details here: https://thehackernews.com/2024/03/lockbit-ransomware-hacker-ordered-to.html
π15π13π€―12
π Balancing act for CISOs: Ensuring security without hindering productivity.
Discover how Cato SSE 360, part of the Cato SASE Cloud platform, nails this balance by optimizing cost, complexity, and user experience.
Read: https://thehackernews.com/2024/03/3-things-cisos-achieve-with-cato.html
Discover how Cato SSE 360, part of the Cato SASE Cloud platform, nails this balance by optimizing cost, complexity, and user experience.
Read: https://thehackernews.com/2024/03/3-things-cisos-achieve-with-cato.html
π8π4π2
π¨ Alert for Chinese software seekers! Bogus ads on search engines like Baidu lead to fake Notepad++ & VNote downloads, deploying the Geacon trojan. Double-check URLs!
Read: https://thehackernews.com/2024/03/malicious-ads-targeting-chinese-users.html
Read: https://thehackernews.com/2024/03/malicious-ads-targeting-chinese-users.html
π10π₯6π1
Get the inside scoop on 2024's top threats.
We're thrilled to invite you to a series of webinars that will redefine your understanding of #cybersecurity in the era of SaaS, Generative AI, and comprehensive application protection.
REGISTER NOW π https://www.linkedin.com/pulse/saas-app-gen-ai-security-3-new-must-attend-live-webinars-fd9pc/
We're thrilled to invite you to a series of webinars that will redefine your understanding of #cybersecurity in the era of SaaS, Generative AI, and comprehensive application protection.
REGISTER NOW π https://www.linkedin.com/pulse/saas-app-gen-ai-security-3-new-must-attend-live-webinars-fd9pc/
Linkedin
SaaS, App and Gen AI Security - 3 New Must-Attend Live Webinars
In a digital era where cyber threats evolve faster than a blink, staying ahead isn't just an advantage; it's a necessity. We're thrilled to invite you to a groundbreaking series of webinars that will redefine your understanding of cybersecurity in the eraβ¦
π6π5π€4
π‘οΈ Google rolls out an enhanced Safe Browsing feature for Chrome on desktop & iOS.
Now with real-time URL checks against known malicious sites, aiming to block 25% more phishing attempts.
Learn more: https://thehackernews.com/2024/03/google-introduces-enhanced-real-time.html
Now with real-time URL checks against known malicious sites, aiming to block 25% more phishing attempts.
Learn more: https://thehackernews.com/2024/03/google-introduces-enhanced-real-time.html
π17π€9π6π₯5β‘2π2
Researchers have uncovered new threat in third-party plugins for OpenAI's ChatGPT that could allow attackers to install malicious plugins without users' consent and hijack accounts on third-party websites such as GitHub.
Read: https://thehackernews.com/2024/03/third-party-chatgpt-plugins-could-lead.html
Read: https://thehackernews.com/2024/03/third-party-chatgpt-plugins-could-lead.html
π₯20π8π±5π2
Researchers have uncovered "GhostRace" (CVE-2024-2193), a new variation of the Spectre v1 vulnerability affecting CPUs with speculative execution. This attack exploits race conditions to allow attackers to leak sensitive data.
Read: https://thehackernews.com/2024/03/ghostrace-new-data-leak-vulnerability.html
Read: https://thehackernews.com/2024/03/ghostrace-new-data-leak-vulnerability.html
π₯22π8π3
Watch Out! Hackers are using fake cracked software on GitHub to spread the RisePro information-stealing malware.
Read: https://thehackernews.com/2024/03/hackers-using-cracked-software-on.html
Read: https://thehackernews.com/2024/03/hackers-using-cracked-software-on.html
π18π€―9π8π₯3π2