🚨 Chinese-speaking threat actor targeting Uzbekistan Ministry of Foreign Affairs and South Korean users with dangerous SugarGh0st RAT.

Read more about this latest cyber incident ➥ https://thehackernews.com/2023/12/chinese-hackers-using-sugargh0st-rat-to.html

New Android #malware called FjordPhantom is defrauding banking customers in Indonesia, Thailand, and Vietnam.

It steals sensitive information by loading legitimate banking apps in a virtual container.

Learn more about FjordPhantom ➥ https://thehackernews.com/2023/12/new-fjordphantom-android-malware.html

💻 DOJ and FBI dismantle Qakbot #malware and botnet, but is the threat really gone? Find out the aftermath and mitigation strategies.

Learn more ➥ https://thehackernews.com/2023/12/qakbot-takedown-aftermath-mitigations.html

Russian national Vladimir Dunaev found guilty for developing TrickBot #malware, facing up to 35 years in prison.

Details here ➥ https://thehackernews.com/2023/12/russian-hacker-vladimir-dunaev.html

🕵️ 🚨 Agent Racoon malware infiltrates organizations in the U.S., Middle East, and Africa. Learn how this malware leverages DNS to create a secret channel for backdoor access.

Details here ➥ https://thehackernews.com/2023/12/agent-racoon-backdoor-targets.html

Microsoft warns of new CACTUS ransomware attacks using malvertising lures to deploy DanaBot as an initial access vector.

Learn more ➥ https://thehackernews.com/2023/12/microsoft-warns-of-malvertising-scheme.html

🚨 LogoFAIL: Critical vulnerabilities in UEFI Code from multiple firmware/BIOS vendors can be exploited by threat actors to bypass security technologies and deliver a malicious payload.

Learn more ➥ https://thehackernews.com/2023/12/logofail-uefi-vulnerabilities-expose.html

🤖 A new variant of the P2PInfect botnet has emerged, now compiled for MIPS architecture, and it's targeting routers and IoT devices.

Learn more: ➥ https://thehackernews.com/2023/12/new-p2pinfect-botnet-mips-variant.html

Researchers found novel attacks called BLUFFS on Bluetooth Classic, undermining its forward secrecy and future secrecy guarantees.

These attacks enable adversary-in-the-middle scenarios between connected peers.

Learn more: ➥ https://thehackernews.com/2023/12/new-bluffs-bluetooth-attack-expose.html

🔐 Secure Your SaaS Apps: Year-end is the perfect time to review user access, remove unnecessary permissions, and reduce SaaS risk.

Learn how to start the new year with a clean user list: https://thehackernews.com/2023/12/make-fresh-start-for-2024-clean-out.html

🚨 New cyber threat actor "AeroBlade" discovered involved in cyberattack on U.S. aerospace organization using spear-phishing.

Learn more: https://thehackernews.com/2023/12/new-threat-actor-aeroblade-emerges-in.html

🚨 Microsoft found Kremlin-backed nation-state activity exploiting a security flaw in Outlook, risking victims' accounts.

Learn how folder permissions were used to extract valuable info: https://thehackernews.com/2023/12/microsoft-warns-of-kremlin-backed-apt28.html

🚨 ALERT — Over 15,000 Go module repositories on GitHub are vulnerable to repojacking attacks.

Find out why and what actions need to be taken to address this issue.

Details here ➥ https://thehackernews.com/2023/12/15000-go-module-repositories-on-github.html

🚨 Webinar alert!

SoFi+ Sentra = Successful Data Security Posture Management (DSPM) for Fintech and Regulated Data.

🗓 Date: December 13
🕝 Time: 12:00 PM EST

Get ready for a fascinating discussion with SoFi, an innovative cloud-native financial services provider, about navigating data challenges while staying compliant with regulations and seamlessly managing third-party integrations.

Find out how they achieved all this through successfully implementing Sentra's DSPM solution.

🎙️ Featured Speakers:

➥ Pritam H Mungse , Director of Product Security at SoFi
➥ Zachary Schulze, Sr. Staff Application Security Engineer at SoFi
➥ Aviv Zisso, Director of Customer Success at Sentra

Register here — https://thn.news/sofi-webinar

Microsoft Copilot transforms how we work with AI across Microsoft 365 apps.

Surprise: It can access everything 🤯 you've worked on in M365.

Is your data safe?

Learn more about this productivity powerhouse and its security implications: https://thehackernews.com/2023/12/generative-ai-security-preventing.html

🆘 iPhone Users Alert: Beware of FAKE Lockdown Mode!

Attackers can now deceive you, enabling malware to persist even after a reboot.

Learn how this post-exploitation tampering technique works ➥ https://thehackernews.com/2023/12/warning-for-iphone-users-experts-warn.html

📰 Russian-linked Doppelganger influence operation exposed targeting Ukraine, U.S., and Germany with AI-powered FAKE NEWS and social media.

Read this report here ➥ https://thehackernews.com/2023/12/russias-ai-powered-disinformation.html

Attention Android users! Qualcomm has disclosed 3 high-severity security vulnerabilities that were exploited in October 2023.

Learn more about them ➥ https://thehackernews.com/2023/12/qualcomm-releases-details-on-chip.html

🛡️ Atlassian has released software fixes to address four critical flaws in its software that could lead to remote code execution if exploited.

Find details here: https://thehackernews.com/2023/12/atlassian-releases-critical-software.html

🕵️‍♂️ CISA warns of an ongoing cyber threat targeting government servers via an Adobe ColdFusion vulnerability (CVE-2023-26360).

Learn more: https://thehackernews.com/2023/12/hackers-exploited-coldfusion.html

Update your software now.