👨 💼 Leverage your human capital to bridge the cybersecurity skills gap and bolster your organization's security. Join industry veterans Michael Beaupre, Neil Khatod, and Mike Heredia in a fireside chat on December 13th.

Gain expert insights on unlocking the potential of your team and effectively utilizing human resources for enhanced security.

Register now and empower your organization with valuable strategies: https://thn.news/R3K1PX5C

Bitzlato cryptocurrency exchange founder, Anatoly Legkodymov, pleads guilty to aiding money launderers with unlicensed money-transmitting business.

Find details here ➥ https://thehackernews.com/2023/12/founder-of-bitzlato-cryptocurrency.html

Faces up to 5 years in prison.

ALERT: WordPress 6.4.2 released with CRITICAL security patch.

Update your sites now to protect against remote attacks and arbitrary PHP code execution.

Learn more: https://thehackernews.com/2023/12/wordpress-releases-update-642-to.html

⚠️ Macs at risk! Cybercriminals are targeting macOS systems with Trojan-Proxy malware, spreading using pirated software to turn them into "proxy servers" for illegal activities.

Find details here: https://thehackernews.com/2023/12/mac-users-beware-new-trojan-proxy.html

Protect yourself – avoid illegal downloads.

🚨 North Korean threat actor Kimsuky targets South Korean research institutes in a spear-phishing campaign.

Learn how they use backdoors to steal information and execute commands.

Learn more: https://thehackernews.com/2023/12/n-korean-kimsuky-targeting-south-korean.html

🚨 Ransomware-as-a-Service (RaaS) is reshaping cybercrime. Anyone with limited tech skills can now carry out devastating attacks.

Learn how in this article: https://thehackernews.com/2023/12/ransomware-as-service-growing-threat.html

⚠️ IMPORTANT

A set ("5Ghoul") of new major security flaws in 📡 5G mobile network modems impact 714 smartphones models from all major brands—including Apple, Samsung, Google, Xiaomi, OnePlus and more.

Details on 5Ghoul here: https://thehackernews.com/2023/12/new-5g-modems-flaws-affect-ios-devices.html

🔒💻 Experts unveil new evasion tactics of GuLoader malware, a sophisticated shellcode-based downloader for dangerous payloads.

Learn more ➡️ https://thehackernews.com/2023/12/researchers-unveal-guloader-malwares.html

🛡️ 🔒 New Spectre-based side-channel attack SLAM threatens Intel, AMD, and Arm CPUs, potentially leaking sensitive data from kernel memory.

Learn more about SLAM attack : https://thehackernews.com/2023/12/slam-attack-new-spectre-based.html

New process injection technique called "PoolParty" discovered, enabling undetected code execution on Windows systems by bypassing top EDR systems.

Learn more: https://thehackernews.com/2023/12/new-poolparty-process-injection.html

🚨 Beware of Malicious Loan Apps!

18 deceptive Android loan apps on Google Play Store, downloaded 12M+ times. They offer high-interest loans and collect your personal info for blackmail.

Read details here: https://thehackernews.com/2023/12/spyloan-scandal-18-malicious-loan-apps.html

Ever wondered why Social Engineering works so well?

Discover the "Psychology of Social Engineering" in our upcoming WEBINAR. Dive deep into a hacker's mind with expert Tim Chase.!

Don't miss out. Register now: https://thehackernews.com/2023/12/webinar-psychology-of-social.html

Your first 100 days as a vCISO are crucial. Learn how to succeed with our 5-step action plan. Explore vCISO goals, pitfalls to avoid, and key activities for each phase.

Read: https://thehackernews.com/2023/12/playbook-your-first-100-days-as-vciso-5.html

Lazarus Group's new campaign, Operation Blacksmith, utilizes Log4j exploits to deploy Remote Access Trojans (RATs), including NineRAT and DLRAT.

🔗 Read the full article: https://thehackernews.com/2023/12/lazarus-group-using-log4j-exploits-to.html

🚨 Tactical overlaps discovered between APT Sandman and China-based threat cluster using KEYPLUG backdoor.

Find details in this article: https://thehackernews.com/2023/12/researchers-unmask-sandman-apts-hidden.html

⚠️ Urgent Update: Apache warns of a critical RCE flaw in Struts 2 web app framework (CVE-2023-50164) that could lead to remote code execution.

Find details here: https://thehackernews.com/2023/12/new-critical-rce-vulnerability.html

Upgrade to patched versions now to prevent potential breaches.

🔒 Apple released patches for multiple vulnerabilities in iOS, iPadOS, macOS, tvOS, watchOS, and Safari—and also backported fixes for two recently disclosed zero-day vulnerabilities to older devices.

Get details here: https://thehackernews.com/2023/12/apple-releases-security-updates-to.html

Alert: New malware campaign spreading MrAnon Stealer, a Python-based malware, via fake hotel booking PDFs.

Learn more: https://thehackernews.com/2023/12/new-mranon-stealer-targeting-german-it.html

It steals credentials, system info, browser sessions, and cryptocurrency extensions.

🕵️‍♂️ 2023 has witnessed 11 high-profile attacks in just 13 months, all exploiting non-human access.

Find out why non-human identities are the new perimeter: https://thehackernews.com/2023/12/non-human-access-is-path-of-least.html

APT28, a Russian threat actor, is using Israel-Hamas war-related lures to distribute the HeadLace backdoor. This targeted campaign affects 13 nations globally.

Read: https://thehackernews.com/2023/12/russian-apt28-hackers-targeting-13.html