New China-linked cyber espionage group, Liminal Panda, targets telecom giants in South Asia & Africa for intelligence gathering.
Their custom malware toolkit, including tools like SIGTRANslator and PingPong, is designed for deep access into telecom networks and mobile data interception.
Dive into the details of these high-stakes espionage tactics: https://thehackernews.com/2024/11/china-backed-hackers-leverage-sigtran.html
Decade-old vulnerabilities in Ubuntu Server's needrestart package allow local attackers to gain root privileges with no user interaction.
If you're using Ubuntu Server, these vulnerabilities could give attackers complete control over your system.
Learn more about how these flaws work: https://thehackernews.com/2024/11/decades-old-security-vulnerabilities.html
The ANY.RUN sandbox now lets you automatically detonate the latest multi-stage malware and phishing attacks.
Stages may include email attachments, URLs in QRs, rewritten links, redirects, etc.
See how it works and try it yourself: https://thn.news/automated-interactivity-stage-tel
ANY.RUN's Cybersecurity Blog
Automated Interactivity: Stage 2 - ANY.RUN's Cybersecurity Blog
See how the ANYRUN sandbox automatically detonates common cyber attack chains without any user involvement, including via API.
By 2025, Non-human identities (NHIs) will be the prime vector for cyberattacks.
As automation, AI, and IoT grow, so does the attack surface. Attackers exploit NHIs to breach systems before traditional defenses can react.
Discover how NHIDR can proactively detect and stop attacks in their tracks.
Read the full article: https://thehackernews.com/2024/11/nhis-are-future-of-cybersecurity-meet.html
WATCH OUT! Cybercriminals have unlocked a terrifying new cash-out method, using NFC technology and exploiting Google Pay and Apple Pay to steal funds from your digital wallet, no phone required.
A new technique called Ghost Tap relays NFC traffic between devices, allowing criminals to cash out in different countries, undetected.
Learn how this attack works: https://thehackernews.com/2024/11/ghost-tap-hackers-exploiting-nfcgate-to.html
Microsoft is launching a new Windows Resiliency Initiative to enhance security and system integrity:
- Quick Machine Recovery
- Security Tools in User Mode
- Hardware-Backed Security
- Administrator Protection
- Passkeys in Windows Hello
- Windows Protected Print
- Personal Data Encryption
- Hotpatch
- Zero Trust DNS
- Config Refresh
Find details here: https://thehackernews.com/2024/11/microsoft-launches-windows-resiliency.html
#Cybersecurity
Facebook Ads Manager under attack!
A revamped Python-based NodeStealer #malware now targets Facebook business accounts, harvesting credit card data from browsers. It utilizes techniques like Windows Restart Manager to unlock database files, junk code injection, and dynamic execution of Python scripts.
Find out how: https://thehackernews.com/2024/11/nodestealer-malware-targets-facebook-ad.html
Google's AI-driven tool OSS-Fuzz uncovered 26 flaws across various open-source repositories, including a serious flaw (CVE-2024-9143) in OpenSSL, marking a milestone in automated #vulnerability detection.
Read the full article here: https://thehackernews.com/2024/11/googles-ai-powered-oss-fuzz-tool-finds.html
5 members of the Scattered Spider cybercrime crew have been indicted in the U.S. for sophisticated phishing attacks targeting companies & individuals, stealing millions in cryptocurrency.
Read the full article: https://thehackernews.com/2024/11/5-scattered-spider-gang-members.html
False positives are a headache, but a false negative? That's where the real danger lies.
Imagine thinking you've fixed a #vulnerability, only for attackers to sneak in undetected. Aesop's Boy Who Cried Wolf is still relevant today.
A false negative could cost your company everything, from compromised credentials to ransomware. Are your defenses really working?
Find out why ASV tools are the cybersecurity game-changer you need. Read the full story here: https://thehackernews.com/2024/11/cyber-story-time-boy-who-cried-secure.html
North Korean actors are using fake identities and front companies to secure IT jobs globally. Their income is funneled back to fund DPRK's WMD and ballistic missile programs.
Learn more: https://thehackernews.com/2024/11/north-korean-front-companies.html
Do your employees keep getting phished with adversary-in-the-middle (AitM) kits like Evilginx, Nakedpages, and Tycoon? You aren't the only one…
Find out why attackers are getting through your anti-phishing controls in the latest webinar from Push Security.
Register for your space here: https://thn.news/phish-kit-webinar-tg
PAM automates password management and rotation, a simple yet powerful way to prevent breaches.
It minimizes human error, helping you stay ahead of credential-based attacks.
Learn how PAM secures your systems with automated password management: https://thehackernews.com/2024/11/10-most-impactful-pam-use-cases-for.html
New China-linked APT Gelsemium targets #Linux: the notorious group has launched a new Linux backdoor, WolfsBane, alongside another malware tool called FireWood, raising cybersecurity alarms.
WolfsBane and FireWood are targeting East & Southeast Asia, exploiting unknown vulnerabilities to steal sensitive data.
Read: https://thehackernews.com/2024/11/chinese-apt-gelsemium-targets-linux.html
Over 145,000 industrial control systems (ICS) are exposed to the internet across 175 countries, with the U.S. leading the pack.
New malware strains like FrostyGoop are leveraging vulnerabilities in Modbus TCP to target exposed ICS devices.
Read: https://thehackernews.com/2024/11/over-145000-industrial-control-systems.html
THREAT ALERT! Over 2,000 Palo Alto Networks devices have been compromised in an ongoing, widespread attack.
The vulnerabilities, CVE-2024-0012 and CVE-2024-9474, could allow attackers to execute arbitrary code and deploy malware on affected devices.
Don't wait for a breach: learn more about this campaign and how to protect your devices: https://thehackernews.com/2024/11/warning-over-2000-palo-alto-networks.html
Is Your Business Prepared for Certificate Revocations?
Don't wait for a crisis! Check out our latest webinar to learn how automation can quickly minimize disruptions when certificates are revoked.
Watch NOW and learn how to stay agile: https://thehacker.news/rapid-ssl-certificate
Malicious Python packages impersonating AI models like ChatGPT and Claude have been found on PyPI.
They've been used to deploy a dangerous information stealer, JarkaStealer, which silently harvested sensitive data from victims before erasing all traces.
Discover the full extent of this attack: https://thehackernews.com/2024/11/pypi-attack-chatgpt-claude.html
- Microsoft seized 240 fraudulent websites linked to an Egypt-based cybercriminal behind the ONNX phishing kit.
- The DoJ dismantled PopeyeTools, a marketplace for stolen financial data and fraud tools.
- Meta took down over 2M accounts tied to Southeast Asian pig butchering scam centers.
Find all details here: https://thehackernews.com/2024/11/microsoft-meta-and-doj-disrupt-global.html
Russian-linked cyber espionage group TAG-110 is targeting organizations in Central Asia, East Asia, and Europe using sophisticated custom malware tools, HATVIBE and CHERRYSPY.
Learn how to defend against these targeted cyberattacks: https://thehackernews.com/2024/11/russian-hackers-deploy-hatvibe-and.html
A China-linked nation-state group named TAG-112 targeted Tibetan media and university websites, using a cyber espionage campaign to deliver the Cobalt Strike post-exploitation toolkit.
Learn more: https://thehackernews.com/2024/11/china-linked-tag-112-targets-tibetan.html