⚡ Announcing the Cyber Sentinel Skills Challenge – a new cyber skills competition from the Department of Defense with $15,000 in cash prizes.

All skill levels are welcome!

Apply to compete: https://thn.news/dod-cybersentinel-challenge

AI = awesome productivity, OR scary security threat? Maybe both!

Software companies rush to integrate generative AI (GenAI) into products, but security vulnerabilities can't be ignored.

Read about GenAI risks: https://thehackernews.com/2024/04/genai-new-headache-for-saas-security.html

🚨 A new stealthy backdoor malware called Kapeka, likely created by Russia's APT group Sandworm, has been targeting Eastern Europe, including Estonia and Ukraine.

Learn more about this cyber threat: https://thehackernews.com/2024/04/russian-apt-deploys-new-kapeka-backdoor.html

Want to make sure your Active Directory isn’t a welcome mat for attackers?

Then grab your copy of the new XM Cyber Active Directory Security Best Practices Checklist – and make sure you’re keeping your organization’s AD safe from threats.

Download ➟ https://thn.news/active-directory-security-checklist

🛑 Hackers are using fake domains of popular IP scanners like Advanced IP Scanner & ManageEngine in a Google Ads malvertising scheme to spread the MadMxShell backdoor – 45+ domains created since November 2023.

Learn more: https://thehackernews.com/2024/04/malicious-google-ads-pushing-fake-ip.html

⚠️ Heads up, Kubernetes users! Hackers have found a way into OpenMetadata and are using your resources to mine cryptocurrencies.

Find out more: https://thehackernews.com/2024/04/hackers-exploit-openmetadata-flaws-to.html

Patch your systems ASAP!

Global law enforcement cracked down on LabHost phishing service!

"Operation Nebulae" arrested 32 individuals, including UK masterminds. LabHost ran 40,000 domains, victimizing over 94,000 in Australia.

Details here: https://thehackernews.com/2024/04/global-police-operation-disrupts.html

🚨 New #Android malware "SoumniBot" targets users in South Korea by exploiting unique evasion tactics.

Find out how it slips through security cracks 👇
https://thehackernews.com/2024/04/new-android-trojan-soumnibot-evades.html

💀 Concerned about malware in PDFs or Office docs?

Sandbox analysis reveals threats (macros, suspicious images, & more) before you click.

🔥 Discover the power of static analysis: https://thehackernews.com/2024/04/how-to-conduct-advanced-static-analysis.html

🛑 Beware: Cybercrime group FIN7 targets U.S. automotive industry with phishing scams to deploy Carbanak #malware.

Read details: https://thehackernews.com/2024/04/fin7-cybercrime-group-targeting-us-auto.html

OfflRouter malware has flown under the radar since 2015, infecting .DOC files within Ukrainian gov networks and leading to potentially confidential documents being exposed.

Details: https://thehackernews.com/2024/04/offlrouter-malware-evades-detection-in.html

🛠️ Ransomware won't wait, and neither should you.

Discover how Zerto’s Continuous Data Protection can dial back to seconds before an attack, ensuring minimal data loss.

Interested in how it works? Click to learn more: https://thehackernews.com/2024/04/recover-from-ransomware-in-5-minuteswe.html

A new threat, 'DuneQuixote', targets Middle Eastern governments with sophisticated evasion tactics and uses a sneaky cross-platform backdoor called CR4T.

🔗 Details here: https://thehackernews.com/2024/04/hackers-target-middle-east-governments.html

Akira ransomware group has extorted approximately $42 MILLION from over 250 global victims. It is now expanding its reach to target Linux, and VMware ESXi systems.

Read: https://thehackernews.com/2024/04/akira-ransomware-gang-extorts-42.html

Thought your firewall was enough?

Guess again... AiTM phishing, OAuth exploits, SSO attacks...hackers are getting creative targeting cloud identities.

Understand the next wave of cyberattacks – read this article: https://thehackernews.com/2024/04/showcasing-networkless-identity-attacks.html

China-linked hacking group Earth Hundun is targeting Asia-Pacific tech, research, and government sectors with advanced malware, including "Waterbear" and its upgraded successor, "Deuterbear."

Details: https://thehackernews.com/2024/04/blacktech-targets-tech-research-and-gov.html

🚨 Urgent: If you use CrushFTP for file transfers, update to the latest version immediately!

A critical flaw is being actively exploited, letting attackers escape Virtual File System (VFS) to access system files.

Click to learn more: https://thehackernews.com/2024/04/critical-update-crushftp-zero-day-flaw.html

Palo Alto Networks reveals more on exploited flaw. Attackers DON'T need device telemetry enabled. This is serious! Update your firewalls ASAP.

Details 👉 https://thehackernews.com/2024/04/palo-alto-networks-discloses-more.html

A new variant of RedLine Stealer, an information-stealing malware, has emerged using Lua bytecode to enhance its ability to evade detection. It is being distributed via repositories on GitHub disguised as game cheats.

Details: https://thehackernews.com/2024/04/new-redline-stealer-variant-disguised.html

North Korea-linked hackers, like Emerald Sleet, are using AI, particularly large language models (LLMs), for cyber operations, including spear-phishing, vulnerability research, reconnaissance and creating malicious content.

Details: https://thehackernews.com/2024/04/microsoft-warns-north-korean-hackers.html

⚠️Windows users, watch out!

Researchers detail a vulnerability in the Windows DOS-to-NT path conversion process which can be exploited by threat actors to gain rootkit-like capabilities, hiding files and processes without admin permissions.

https://thehackernews.com/2024/04/researchers-uncover-windows-flaws.html