A New APT Emerges: Grayling, an unknown player, targets IT, manufacturing, and biomedical sectors in Taiwan. Researchers reveal their distinctive techniques in the latest report.

Read: https://thehackernews.com/2023/10/researchers-uncover-grayling-apts.html

🔑 Default password-free sign-ins for everyone. Google introduces passkeys for all users, simplifying your online security.

Learn all about it: https://thehackernews.com/2023/10/google-adopts-passkeys-as-default-sign.html

🚨 Online risks to children are increasing.

Thorn's report reveals minors are sharing explicit images, sometimes coerced. Learn how tech is using "hashing and matching" to combat this online threat.

Read: https://thehackernews.com/2023/10/new-report-child-sexual-abuse-content.html

⚡ Beware of the HTTP/2 Rapid Reset attack!

A novel zero-day flaw is being exploited to launch record-breaking distributed DDoS attacks.

Find out more here: https://thehackernews.com/2023/10/http2-rapid-reset-zero-day.html

Learn how AWS, Cloudflare, and Google are addressing CVE-2023-44487.

🛑 A critical flaw (CVE-2023-22515) in Atlassian Confluence is being exploited by a nation-state actor, Storm-0062.

Read: https://thehackernews.com/2023/10/microsoft-warns-of-nation-state-hackers.html

Upgrade to the latest versions ASAP to safeguard your data and systems.

⚠️ Adobe Acrobat Reader users, beware! CISA adds high-severity flaw in Adobe Acrobat Reader to its Known Exploited Vulnerabilities list.

Read: https://thehackernews.com/2023/10/us-cybersecurity-agency-warns-of.html

Don't wait – update your software now.

🛡️ Microsoft's October 2023 Patch Tuesday: 103 new vulnerabilities addressed, including 2 zero-days and 13 critical ones.

Find details for CVE-2023-36563 and CVE-2023-41763 and other flaws here — https://thehackernews.com/2023/10/microsoft-releases-october-2023-patches.html

Update now to protect your systems.

🔐 Protect your organization's data! Password security is crucial. Discover the risks of password reuse and how to mitigate them with Specops Password Policy.

Read: https://thehackernews.com/2023/10/take-offensive-approach-to-password.html

🕵️‍♂️ Over 17,000 WordPress sites hit by Balada Injector malware in Sept 2023, double the August numbers.

Find out how attackers exploiting vulnerabilties to inject malicious scripts and gain persistent access.

Read details: https://thehackernews.com/2023/10/over-17000-wordpress-sites-compromised.html

📢 Security Advisory : Two major security flaws in the Curl data transfer library exposed. CVE-2023-38545, the worst of them, could lead to code execution.

Learn more about them here: https://thehackernews.com/2023/10/two-high-risk-security-flaws-discovered.html

Patch your systems and software immediately.

Cybersecurity experts uncover an ongoing threat to government and telecom entities in Asia. Learn how a campaign named "Stayin' Alive" is deploying malware.

Check out the details: https://thehackernews.com/2023/10/researchers-uncover-ongoing.html

Microsoft's Defender for Endpoint just thwarted a large-scale encryption attack by Akira ransomware.

How? Find out more: https://thehackernews.com/2023/10/microsoft-defender-thwarts-akira.html

📈 Employee usage of GenAI apps has risen by 44%. Unintentional exposure? Targeted attacks? LayerX delves into understanding the risks and offering business solutions.

Read: https://thehackernews.com/2023/10/how-to-guard-your-data-from-exposure-in.html

⚠️ Ever heard of an IP address in hexadecimal notation? It's the latest disguise hackers use to deploy DDoS malware on Linux systems.

Find out more: https://thehackernews.com/2023/10/shellbot-uses-hex-ips-to-evade.html

🚨 Malicious NuGet package distributing SeroXen RAT targets .NET developers. The malicious user behind this package has released 6 other suspicious packages, with 2.1 million downloads.

Read: https://thehackernews.com/2023/10/malicious-nuget-package-targeting-net.html

🚨 The FBI and CISA issue advisory on AvosLocker ransomware gang. They use open-source tools, leave minimal traces, and targeting U.S. critical infrastructure sectors.

Learn more: https://thehackernews.com/2023/10/fbi-cisa-warn-of-rising-avoslocker.html

🚨 Beware! DarkGate malware is now spreading through instant messaging apps like Skype & Microsoft Teams. Stay cautious and don't open suspicious documents!

Learn more: https://thehackernews.com/2023/10/darkgate-malware-spreading-via.html

Researchers shed light on hacking group ToddyCat's latest arsenal of tools. Designed for data theft, their tactics are more advanced than ever.

Find details here: https://thehackernews.com/2023/10/researchers-unveil-toddycats-new-set-of.html

A new cyber campaign targets EU military & political leaders focusing on gender equality. The cyber collective behind it blurs lines between financial and espionage motives.

Learn more: https://thehackernews.com/2023/10/new-peapod-cyberattack-campaign.html

🔐 Big news! Microsoft plans to phase out the '90s NT LAN Manager (NTLM) in favor of a stronger focus on Kerberos for authentication in Windows 11.

Learn more: https://thehackernews.com/2023/10/microsoft-to-phase-out-ntlm-in-favor-of.html