🚨 FBot, a new Python-based hacking tool, is targeting major platforms like AWS, Microsoft 365, and PayPal. It's designed for credential harvesting and account hijacking.

Discover more about it: https://thehackernews.com/2024/01/new-python-based-fbot-hacking-toolkit.html

🔥 Researchers develop a Proof-of-Concept code targeting a critical flaw in Apache OfBiz ERP system, enabling execution of a stealthy, memory-resident payload.

Learn more: https://thehackernews.com/2024/01/new-poc-exploit-for-apache-ofbiz.html

Unravel the complexities of cloud security and reveal the attack paths and risks lurking in cloud environments and connected assets.

Learn how to proactively strengthen your defenses with Uptycs experts Sudarsan Kannan and Andre Rall in their upcoming #webinar “Mastering Cloud Security''.

Join Now: https://thehackernews.co/3SeXdo8

Cybercriminals are increasingly using GitHub for malicious activities such as payload delivery and command-and-control operations.

Learn more about this evolving 'living-off-trusted-sites' threat. ➡️ https://thehackernews.com/2024/01/threat-actors-increasingly-abusing.html

💻 SharePoint users, beware!

U.S. cybersecurity agency warns of active exploitation of a critical Microsoft SharePoint flaw that can let attackers gain admin rights without any user action.

🛠️ Patch now: https://thehackernews.com/2024/01/act-now-cisa-flags-active-exploitation.html

🚨 New cyberattack targeting Apache Hadoop & Flink using misconfigurations to deploy crypto miners.

A crafty blend of packers & rootkits keeps this malware under the radar.

Dive into the details here: https://thehackernews.com/2024/01/cryptominers-targeting-misconfigured.html

Mike Tyson and Cybersecurity: More in Common Than You Think!

Learn how Tyson's famous words apply to cybersecurity preparedness; and how BAS keeps your security in fighting shape against evolving threats.

Read the full story at https://thehackernews.com/2024/01/applying-tyson-principle-to.html

GitLab users, beware! Security updates released to address critical vulnerabilities (CVE-2023-7028 and CVE-2023-5356).

One of these could allow account takeover without user interaction.

Find details here: https://thehackernews.com/2024/01/urgent-gitlab-releases-patch-for.html

☠️ Medusa ransomware escalates tactics beyond data leaks, now threatening physical violence.

Targeting tech companies, healthcare, and education sectors, it exploits flaws and employs "living off the land" techniques to remain undetected.

Read: https://thehackernews.com/2024/01/medusa-ransomware-on-rise-from-data.html

⚡ Nation-state hackers weaponizing Ivanti Connect Secure VPN zero-days to deploy five malware families in a targeted cyber espionage campaign.

Learn more: https://thehackernews.com/2024/01/nation-state-actors-weaponize-ivanti.html

Patch ASAP!

⚠️ Your cloud account could be mining cryptocurrency without you knowing!

29-year-old Ukrainian arrested for a major cryptojacking scheme, netting over $2 MILLION in profits.

Read details: https://thehackernews.com/2024/01/29-year-old-ukrainian-cryptojacking.html

🚨 Critical Update! Juniper Networks addresses a major 9.8-rated RCE vulnerability in SRX Series firewalls & EX Series switches.

CVE-2024-21591 details here: https://thehackernews.com/2024/01/critical-rce-vulnerability-uncovered-in.html

Denmark's energy sector faced cyber threats in 2023 due to an old Zyxel firewall vulnerability. Forescout's report suggests Sandworm group may not be responsible.

Insightful details here ➡️ https://thehackernews.com/2024/01/new-findings-challenge-attribution-in.html

Environmental services hit by a massive 61,839% increase in DDoS attacks.

Gaming, gambling, telecoms... no industry is safe from HTTP DDoS attacks.

Read this latest report to understand the scope of these threats: https://thehackernews.com/2024/01/ddos-attacks-on-environmental-services.html

⚠️ Over 7,100 WordPress sites have been hit by the 'Balada Injector' #malware, which exploits sites using a vulnerable version of the Popup Builder plugin.

Read More ➡️ https://thehackernews.com/2024/01/balada-injector-infects-over-7100.html

Bosch's smart devices have high-severity vulnerabilities, posing a risk to your thermostat and smart nutrunners.

Find out how it could impact your home security: https://thehackernews.com/2024/01/high-severity-flaws-uncovered-in-bosch.html

⚡ Critical security flaw found in Opera Browser!

MyFlow sync feature lets attackers take over your Windows and macOS systems.

Read the full story: https://thehackernews.com/2024/01/opera-myflaw-bug-could-let-hackers-run.html

Check out XM Cyber 2024 State of Security Posture Report and discover what 300 CISOs and other security decision-makers have to say about their security efforts and the trends in exposure management impacting day-to-day work as well as long-term planning.

It's a CAN'T MISS if reducing cyber exposures is on your 2024 to-do list!

Grab your copy now: https://thn.news/security-posture-report-2024

🔒 Exclusive Webinar Alert!

Zero Trust Security: Your ultimate shield against sophisticated cyberattacks. Find out how to lock down your data and stop data breaches.

Reserve your spot in this must-attend webinar now: https://thehacker.news/zero-trust-attack-surface?source=social

🚨 Ransomware roars back! 55.5% surge in victims in 2023, but LockBit isn't the only king anymore.

Meet 3AM, Rhysida, and Akira - rising stars you need to know.

Read the latest Ransomware Report: https://thehackernews.com/2024/01/3-ransomware-group-newcomers-to-watch.html