⚡️ Ditch the old castle-and-moat approach!

Discover the future of cybersecurity with Zero Trust Security. Join our webinar with Zscaler and learn to shield your data like never before.

👨‍💻 Reserve Your Webinar Spot ➜ https://thehackernews.com/2024/01/webinar-leverage-zero-trust-security-to.html

🚨 Beware of YouTube videos offering cracked software! They might lead you to download Lumma malware, stealing your sensitive information.

Learn more: https://thehackernews.com/2024/01/beware-youtube-videos-promoting-cracked.html

Collaboration is key in SaaS applications! But did you know 58% of recent security incidents involve data leakage?

Stay informed on safe sharing practices: https://thehackernews.com/2024/01/why-public-links-expose-your-saas.html

⚠️ Attention Kyocera & QNAP users:

Kyocera addresses dangerous CVE-2023-50916 flaw, preventing unauthorized access. QNAP tackles CVE-2023-39296, safeguarding against crashes.

Read details here: https://thehackernews.com/2024/01/alert-new-vulnerabilities-discovered-in.html

⚠️ Warning: Turkish hackers targeting poorly secured MS SQL servers across the U.S., European Union, and Latin America.

Brace yourself for ransomware deployment!

Learn more: https://thehackernews.com/2024/01/turkish-hackers-exploiting-poorly.html

Beware of Water Curupira! This threat actor is spreading PikaBot, more than a malware loader – it's a gateway to ransomware attacks. It grants attackers remote access to your systems.

Learn more: https://thehackernews.com/2024/01/alert-water-curupira-hackers-actively.html

🚨 CISA warns of 6 actively exploited security flaws

╰┈➤ CVE-2023-27524 in Apache Superset.
╰┈➤ CVE-2023-38203 & CVE-2023-29300 in Adobe ColdFusion.
╰┈➤ CVE-2023-41990 in Apple products.
╰┈➤ CVE-2016-20017 in D-Link devices.
╰┈➤ CVE-2023-23752 in Joomla!

Read: https://thehackernews.com/2024/01/cisa-flags-6-vulnerabilities-apple.html

👨‍💻 Microsoft's latest January 2024 Patch Tuesday updates address 48 security flaws. Two of these flaws are rated Critical, while the rest are marked as Important.

Learn more: https://thehackernews.com/2024/01/microsofts-january-2024-windows-update.html

⚠️ FTC bans Outlogic (formerly X-Mode) from selling sensitive 📍 location data, marking a historic first-ever ban on such information sales.

Learn more: https://thehackernews.com/2024/01/ftc-bans-outlogic-x-mode-from-selling.html

🔐 Good news for ransomware victims!

Researchers have released FREE DECRYPTORs for both the Tortilla variant of Babuk ransomware and Black Basta ransomware.

Regain control of your files now ➡️ https://thehackernews.com/2024/01/free-decryptor-released-for-black-basta.html

The enterprise attack surface is expanding rapidly.

With each new device and app, the risk of cyber attacks increases. Discover how IT pros manage this evolving challenge.

Dive in for insights: https://thehackernews.com/2024/01/getting-off-attack-surface-hamster.html

A new Mirai-based botnet, NoaBot, is active in a crypto mining campaign. It's a wormable self-spreader with an SSH key backdoor.

Learn more about NoaBot's impact ➡ https://thehackernews.com/2024/01/noabot-latest-mirai-based-botnet.html

🚨 Cisco patches a serious flaw in Unity Connection (CVE-2024-20272, CVSS 7.3).

Don't let attackers compromise your system. Check if your version is affected and update now.

Full details here 👉 https://thehackernews.com/2024/01/cisco-fixes-high-risk-vulnerability.html

⚠️ Urgent Alert: Chinese hackers exploiting two NEW ZERO-DAY vulnerabilities (CVE-2023-46805 & CVE-2024-21887) in Ivanti Connect Secure and Policy Secure.

Read more: https://thehackernews.com/2024/01/chinese-hackers-exploit-zero-day-flaws.html

Patches incoming, but immediate action (temporary workarounds) is needed.

Mandiant's X account fell to a brute-force password attack due to a gap in 2FA policy during team transitions.

More: https://thehackernews.com/2024/01/mandiants-x-account-was-hacked-using.html

Hackers used it for phishing, stealing almost $900K in Solana tokens.

A reminder that small oversights can cause significant breaches.

🍏 Attention Mac users! Atomic Stealer malware gets updated to evade detection with payload encryption, stealing your passwords and sensitive info.

Learn more: https://thehackernews.com/2024/01/atomic-stealer-gets-upgrade-targeting.html

🔐 Ransomware incidents hit a new high in 2023, targeting major players like MGM & Johnson Controls. Discover how #GenAI is revolutionizing cyber threats and why your organization should be concerned.

Read insights here: https://thehackernews.com/2024/01/there-is-ransomware-armageddon-coming.html

🚨 FBot, a new Python-based hacking tool, is targeting major platforms like AWS, Microsoft 365, and PayPal. It's designed for credential harvesting and account hijacking.

Discover more about it: https://thehackernews.com/2024/01/new-python-based-fbot-hacking-toolkit.html

🔥 Researchers develop a Proof-of-Concept code targeting a critical flaw in Apache OfBiz ERP system, enabling execution of a stealthy, memory-resident payload.

Learn more: https://thehackernews.com/2024/01/new-poc-exploit-for-apache-ofbiz.html

Unravel the complexities of cloud security and reveal the attack paths and risks lurking in cloud environments and connected assets.

Learn how to proactively strengthen your defenses with Uptycs experts Sudarsan Kannan and Andre Rall in their upcoming #webinar “Mastering Cloud Security''.

Join Now: https://thehackernews.co/3SeXdo8