🛡️ TA866 is back with thousands of invoice-themed, booby-trapped emails targeting users with WasabiSeed and Screenshotter malware to spy on your screen and steal valuable data.

Learn more: https://thehackernews.com/2024/01/invoice-phishing-alert-ta866-deploys.html

🔐 Microsoft discloses Russian APT infiltrated its systems through a test account, stealing emails and attachments of senior executives and others in cybersecurity and legal departments.

Find details here ➡️ https://thehackernews.com/2024/01/microsofts-top-execs-emails-breached-in.html

🚨CISA issues emergency directive against two major zero-day actively exploited flaws in Ivanti products.

Learn more: https://thehackernews.com/2024/01/cisa-issues-emergency-directive-to.html

Patch your Ivanti Connect Secure and Policy Secure ASAP.

Age ain't nothin' but a number... for vulnerabilities, that is. 35% of serious flaws linger for months! Time to prioritize patching.

Learn how in "Security Navigator 24" - https://thehackernews.com/2024/01/52-of-serious-vulnerabilities-we-find.html

Alert! New Java malware "NS-STEALER" uses bots to steal your logins and wallet data from popular browsers and exfiltrates secrets via Discord.

Learn more: https://thehackernews.com/2024/01/ns-stealer-uses-discord-bots-to.html

FTC bans another data broker, InMarket, for selling our movements without consent. Protect yourself: learn how they track you & what you can do

Read: https://thehackernews.com/2024/01/ftc-bans-inmarket-for-selling-precise.html

Hackers Feast on Unpatched ActiveMQ! CVE-2023-46604, a critical remote code execution flaw, is back in the spotlight.

Learn more: https://thehackernews.com/2024/01/apache-activemq-flaw-exploited-in-new.html

Update your Apache ASAP or risk ransomware, rootkits, and botnets.

Java & Android libraries vulnerable to new supply chain attack — MavenGate!

Hackers can hijack popular abandoned libraries & inject malware into your apps.

Click to read more: https://thehackernews.com/2024/01/hackers-hijack-popular-java-and-android.html

North Korea's ScarCruft targeting media & experts.

A new attack campaign using fake threat reports & infected ZIPs aimed at gathering intel on defense strategies.

Find details here: https://thehackernews.com/2024/01/north-korean-hackers-weaponize-fake.html

Cybercrime Marketplace Mastermind, 21, Walks Free (Mostly) – Fitzpatrick, the Creator of BreachForums, Avoids Prison but Faces 20 Years of Supervision.

Read: https://thehackernews.com/2024/01/breachforums-founder-sentenced-to-20.html

Apple fixes first "in-the-wild" zero-day of 2024. Update iPhones, iPads, and Macs NOW!

Details: https://thehackernews.com/2024/01/apple-issues-patch-for-critical-zero.html

Atlassian Confluence RCE flaw under active attack (CVE-2023-22527). Hackers are scanning the web within 3 days of disclosure.

Learn more ➡️ https://thehackernews.com/2024/01/40000-attacks-in-3-days-critical.html

Patch NOW - Don't wait for a "whoami" knock at your server door.

Cracked software? Beware!

Malicious "Activator" booby-traps DMG files on macOS, tricking users into granting admin access. It then steals crypto wallet data and system info.

Learn more: https://thehackernews.com/2024/01/activator-alert-macos-malware-hides-in.html

Did you download Warbeast2000 or Kodiak2k from npm? If so, your SSH keys 🔑 might be compromised! These packages steal keys & upload them to GitHub.

🔒 Find details here: https://thehackernews.com/2024/01/malicious-npm-packages-exfiltrate-1600.html

VexTrio, the shadowy entity controlling a massive network of 70,000+ domains, is finally in the spotlight. This "traffic broker" fuels countless scams & malware campaigns, including ClearFake, SocGholish, & more.

Read: https://thehackernews.com/2024/01/vextrio-uber-of-cybercrime-brokering.html

At Georgetown, gain the tactical skills to plan for and respond to information security threats. Attend our webinar on 2/2.

View event: https://thehackernews.co/497Ugvd

DDoS Attacks on Steroids!

Gcore Radar reveals attacks now hitting 1.6 Terabits, a 5x surge. Are your servers ready for 2024's cybertsunami?

Read the report for critical insights: https://thehackernews.com/2024/01/from-megabits-to-terabits-gcore-radar.html

🔒 GoAnywhere users, listen up! Critical bug lets anyone become admin.

Remember Cl0p ransomware? They hit 130 victims using a Fortra's GoAnywhere flaw last year. Now, CVE-2024-0204 is even worse. Update to 7.4.1 immediately.

Learn more: https://thehackernews.com/2024/01/patch-your-goanywhere-mft-immediately.html

🛡️ Australia, the U.K., and the U.S. unite to sanction Russian REvil hacker tied to the Medibank data breach, exposing sensitive healthcare data of millions.

Get the details → https://thehackernews.com/2024/01/us-uk-australia-sanction-russian-revil.html

ANYRUN tracked a new XenoRAT stego campaign using images with Base64-encoded MZ files.


⚠️ Campaign changes:

⚙️ Switched from uploaddeimagens[.]com[.]br to wallpapercave[.]com

⚙️ Anti-VM, .lnk startup launch, VBS script execution.


Get free ANYRUN trial: https://thn.news/BbqF9eSL