🔒 GoAnywhere users, listen up! Critical bug lets anyone become admin.

Remember Cl0p ransomware? They hit 130 victims using a Fortra's GoAnywhere flaw last year. Now, CVE-2024-0204 is even worse. Update to 7.4.1 immediately.

Learn more: https://thehackernews.com/2024/01/patch-your-goanywhere-mft-immediately.html

🛡️ Australia, the U.K., and the U.S. unite to sanction Russian REvil hacker tied to the Medibank data breach, exposing sensitive healthcare data of millions.

Get the details → https://thehackernews.com/2024/01/us-uk-australia-sanction-russian-revil.html

ANYRUN tracked a new XenoRAT stego campaign using images with Base64-encoded MZ files.


⚠️ Campaign changes:

⚙️ Switched from uploaddeimagens[.]com[.]br to wallpapercave[.]com

⚙️ Anti-VM, .lnk startup launch, VBS script execution.


Get free ANYRUN trial: https://thn.news/BbqF9eSL

Employees are IT free agents, adopting any SaaS they need, anywhere, anytime.

Nudge Security sees EVERYTHING (even 3rd & 4th party risks!), helping you regain control without stifling productivity.

Discover your hidden SaaS mess now: https://thehackernews.com/2024/01/what-is-nudge-security-and-how-does-it.html

Critical Misconfiguration Found in Google Kubernetes Engine (GKE) - Posing a threat to over 250,000 clusters. Any Gmail account could exploit it to take control of your clusters.

Learn more: https://thehackernews.com/2024/01/google-kubernetes-misconfig-lets-any.html

🔧 Don't trust every library blindly. While it may save time, dependencies can introduce hidden vulnerabilities.

Learn how to identify 'unknown risks' in your code and protect your apps from stealthy supply chain attacks.

Read: https://thehackernews.com/2024/01/the-unknown-risks-of-software-supply.html

Kasseika, the latest #ransomware kid on the block, is using a sneaky trick called BYOVD to disarm your defenses before encrypting your files.

It even leaves no trace by wiping event logs.

Learn more: https://thehackernews.com/2024/01/kasseika-ransomware-using-byovd-trick.html

🕵️‍♂️ Russian state-backed APT29 hacker group breached HP Enterprise's cloud emails, stealing confidential data from cybersecurity and key departments.

Details here → https://thehackernews.com/2024/01/tech-giant-hp-enterprise-hacked-by.html

The breach remained undetected for over 6 months.

CherryLoader, a new Go-based malware loader, disguises itself as CherryTree note-taking app to deceive users.

It ghosts processes, disables Microsoft Defender, and maintains persistence.

Learn more → https://thehackernews.com/2024/01/new-cherryloader-malware-mimics.html

⚡ China-linked hacker group Blackwood hijacks app updates (Tencent QQ, WPS Office) to inject "NSPX30" spy implant. It steals data, captures keystrokes, and takes screenshots.

Learn more → https://thehackernews.com/2024/01/china-backed-hackers-hijack-software.html

⚠️ Chinese hackers have upgraded the LODEINFO malware to target Japanese organizations. They're spreading it via spear-phishing emails containing malicious Word documents, which install the backdoor through macros.

Read more ➡️ https://thehackernews.com/2024/01/lodeinfo-fileless-malware-evolves-with.html

🚨 Urgent: Critical Jenkins RCE vulnerability (CVE-2024-23897) discovered.

Hackers can remotely control your CI/CD pipelines. Patch immediately to prevent malicious code in builds.

Details here: https://thehackernews.com/2024/01/critical-jenkins-vulnerability-exposes.html

AI Goes Rogue: Fake Videos, Stolen Passwords, & New Frauds!

Hackers are using AI to create hyper-realistic scams. Axur Report exposes the latest tricks, including "apphishing" and e-commerce store takeovers.

Learn more: https://thehackernews.com/2024/01/cyber-threat-landscape-7-key-findings.html

Cybersecurity experts reveal the inner workings of SystemBC's command server, a dangerous #malware available on the darkweb, enabling cybercriminals to remotely control compromised systems and deliver ransomware.

Details here → https://thehackernews.com/2024/01/systembc-malwares-c2-server-analysis.html

🚨 Cisco's Unified & Contact Center solutions have a CRITICAL flaw (CVE-2024-20253) allowing remote attackers to take control.

Patch NOW! Don't let attackers eavesdrop on your business secrets.

Get the details: https://thehackernews.com/2024/01/critical-cisco-flaw-lets-hackers.html

Russian Malware Mastermind Jailed!

5 years for Vladimir Dunaev, creator of TrickBot, a Swiss Army knife of cybercrime. This malware wasn't just about stealing money. It targeted critical healthcare systems during a pandemic.

Details here → https://thehackernews.com/2024/01/russian-trickbot-mastermind-gets-5-year.html

🕵️ Cozy Bear returns! Microsoft confirms Russian hackers who breached them in November are now targeting more organizations.

Their playbook includes stolen credentials, supply chain attacks, OAuth abuse, and more.

Read more → https://thehackernews.com/2024/01/microsoft-warns-of-widening-apt29.html

⚠️ Chinese users beware! Malicious Google ads pushing fake Telegram & LINE apps. Cybercriminals are using fake messaging app ads to deploy RATs like PlugX & Gh0st RAT.

Learn more: https://thehackernews.com/2024/01/malicious-ads-on-google-target-chinese.html

41% attacks bypass network security.

Defense-in-Depth isn't enough. Use AI-powered Cyber Threat Intelligence (CTI) and Breach & Attack Simulation (BAS) to test defenses against real-world attacks, uncover vulnerabilities.

Read to find the key: https://thehackernews.com/2024/01/perfecting-defense-in-depth-strategy.html

AI in SaaS = Cool? Maybe. But it also brings NEW security risks.

Join our free WEBINAR with Wing Security's COO for expert insights & actionable tips based on a study of 493 companies on securing your SaaS in 2024.

Reserve your spot now: https://thehacker.news/saas-security-lessons