🕵️‍♂️ U.S. agencies warn about Scattered Spider cybercriminals using advanced phishing to steal data and extort victims.

Learn their tactics, protect your organization: https://thehackernews.com/2023/11/us-cybersecurity-agencies-warn-of.html

🐍⚠️ WARNING for Python Devs!

📦 27 FAKE packages found on PyPI.
🕵️‍♂️ Masquerading as legit, downloaded thousands of times.

Learn how they embed malware in images using steganography.

🔗 Read more: https://thehackernews.com/2023/11/27-malicious-pypi-packages-with.html

⚡ FCC enforces new regulation:

🔒 Wireless providers MUST now authenticate you before transferring phone numbers. Why? To SHIELD you from SIM-swapping attacks and port-out frauds.

Learn more: https://thehackernews.com/2023/11/fcc-enforces-stronger-rules-to-protect.html

⚠️ Operation SEO#LURKER: Cybercriminals are using fake Google ads to trick users searching for software like WinSCP into downloading #malware.

Read details: https://thehackernews.com/2023/11/beware-malicious-google-ads-trick.html

Russian cyber espionage group linked to the FSB are using a USB worm called LitterDrifter to target Ukrainian organizations.

It spreads malware via USB drives & communicates with C&C servers.

Learn more about this threat: https://thehackernews.com/2023/11/russian-cyber-espionage-group-deploys.html

Researchers report a surge in attacks by the 8Base ransomware group, using Phobos variants.

This group has been active since March 2022, and now relies more on SmokeLoader for distributing ransomware.

Learn more: https://thehackernews.com/2023/11/8base-group-deploying-new-phobos.html

Indian Hack-for-Hire group targeted U.S., China, Pakistan, and more for over a decade. They stole sensitive data from high-value individuals/organizations using spyware and exploits (reportedly) from vendors like Vervata and Vupen.

Read: https://thehackernews.com/2023/11/indian-hack-for-hire-group-targeted-us.html

🚨 Bitcoin wallets created from 2011 to 2015 vulnerable to "Randstorm" exploit, potentially allowing unauthorized access by recovering passwords.

Learn more: https://thehackernews.com/2023/11/randstorm-exploit-bitcoin-wallets.html

🐛⚠️💻 New LummaC2 malware version is using trigonometry-based tactic to differentiate between users and security systems, evading sandboxes and security analyses.

Learn more: https://thehackernews.com/2023/11/lummac2-malware-deploys-new.html

New high-volume phishing campaigns mimic tactics of defunct QakBot trojan, hijacking email threads and using unique URLs to deliver DarkGate and PikaBot malware.

Learn more: https://thehackernews.com/2023/11/darkgate-and-pikabot-malware-resurrect.html

🚨 Threat Alert: Hackers are using NetSupport RAT to target education, government, and business services. Delivery methods include fraudulent updates, drive-by downloads, malware loaders, and phishing campaigns.

Learn more https://thehackernews.com/2023/11/netsupport-rat-infections-on-rise.html

Mustang Panda, a Chinese cyber actor, linked to a cyber attack on a Philippines government entity amidst rising tensions over the disputed South China Sea.

Find out more in this report: https://thehackernews.com/2023/11/mustang-panda-hackers-targets.html

📱 Alert: Android users in India, beware! Hackers are distributing fake banking and government apps to steal sensitive data like bank info and personal details.

Learn more: https://thehackernews.com/2023/11/malicious-apps-disguised-as-banks-and.html

Phishing attacks are getting smarter! Cybercriminals are now using QR codes, CAPTCHAs, and steganography to trick victims.

Learn how to spot the signs and protect yourself from credential theft.

Read: https://thehackernews.com/2023/11/how-multi-stage-phishing-attacks.html

🛡️ A new variant of Agent Tesla malware has emerged, delivered via ZPAQ compression format, making detection challenging. It's harvesting data from email clients and 40 web browsers.

Learn more: https://thehackernews.com/2023/11/new-agent-tesla-malware-variant-using.html

🛡️💻 Identity-based attacks like lateral movement & ransomware are increasing.

Discover how Silverfort's Unified Identity Protection platform provides real-time security against such threats.

Don't just read about it, see it in action here: https://thehackernews.com/2023/11/product-walkthrough-silverforts-unified.html

Play ransomware has turned into Ransomware-as-a-Service (RaaS), allowing other cybercriminals to use it.

Operators offering a complete package—documentation, forums, technical support, and even help with negotiating ransoms.

Read: https://thehackernews.com/2023/11/play-ransomware-goes-commercial-now.html

🔒 Critical Security Alert: Threat actors, including LockBit ransomware affiliates, exploit the Citrix NetScaler flaw ("Citrix Bleed") to hijack user sessions and gain unauthorized access.

Learn more in this article: https://thehackernews.com/2023/11/lockbit-ransomware-exploiting-critical.html

🚨 macOS users beware! Atomic Stealer, a $1,000/month malware, is now spreading through deceptive web browser updates via ClearFake.

Find out how it infiltrates your device through compromised websites: https://thehackernews.com/2023/11/clearfake-campaign-expands-to-deliver.html

⚠️ North Korean hackers posing as recruiters infect software developers with cross-platform malware named "BeaverTail" and "InvisibleFerret," targeting Windows, Linux, and macOS systems during fake interviews.

Learn more: https://thehackernews.com/2023/11/north-korean-hackers-pose-as-job.html