🚨 URGENT → AnyDesk, a popular remote desktop software, suffered a breach, resulting in the compromise of its production systems.

Here's what you need to do:

✓ Update to the latest version ASAP!
✓ Change your password

Details here: https://thehackernews.com/2024/02/anydesk-hacked-popular-remote-desktop.html

⚡ Mastodon users, beware!

A critical security flaw (CVE-2024-23832) affecting the decentralized social network could allow attackers to impersonate and take over any account.

Find details here → https://thehackernews.com/2024/02/mastodon-vulnerability-allows-hackers.html

U.S. Treasury Department has just imposed sanctions on 6 Iranian officials linked to cyberattacks on critical infrastructure, including a US water treatment plant.

Read details here → https://thehackernews.com/2024/02/us-sanctions-6-iranian-officials-for.html

Cybercriminals are targeting Mexican users with a new variant of the Mispadu banking malware, exploiting a patched Windows SmartScreen bypass flaw.

Read details here: https://thehackernews.com/2024/02/new-mispadu-banking-trojan-exploiting.html

NSO Group's Pegasus spyware targeted nearly 3 dozen journalists, activists, and lawyers in Jordan, raising concerns about privacy violations and government abuse.

Read: https://thehackernews.com/2024/02/pegasus-spyware-targeted-iphones-of.html

60% of cybersecurity incidents are repeats! Learn how combining industry frameworks like NIST & MITRE can help you proactively manage cyber risks & prevent future attacks.

Read: https://thehackernews.com/2024/02/combined-security-practices-changing.html

Threat actor "Patchwork" uses romance scams to spread espionage apps in India and Pakistan. Learn how they infiltrated Android devices with VajraSpy malware.

Read more 👉 https://thehackernews.com/2024/02/patchwork-using-romance-scam-lures-to.html

Tired of juggling cybersecurity tools?

Cato XDR simplifies it all with a SASE-based approach for faster threat detection & response.

See how it works in 20 mins! ➡️ https://thehackernews.com/2024/02/hands-on-review-sase-based-xdr-from.html

A Belarusian-Latvian national linked to the defunct cryptocurrency exchange BTC-e faces up to 25 years in prison for an alleged $4 billion money-laundering scheme.

Learn more about this major cybercrime case: https://thehackernews.com/2024/02/belarusian-national-linked-to-btc-e.html

🌍 U.S. imposes visa restrictions on those (developers, sellers, beneficiaries, and companies) involved in illegal surveillance through commercial spyware like Pegasus.

Learn more: https://thehackernews.com/2024/02/us-imposes-visa-restrictions-on-those.html

A recently disclosed SSRF vulnerability (CVE-2024-21893) in Ivanti Connect Secure and Policy Secure products is now under mass exploitation.

Learn more: https://thehackernews.com/2024/02/recently-disclosed-ssrf-flaw-in-ivanti.html

Patch now to protect your organization from system takeover.

Job seekers, beware! A new cybercriminal group called ResumeLooters is targeting job search platforms in APAC, stealing millions of resumes and personal data.

Learn more: https://thehackernews.com/2024/02/hackers-exploit-job-boards-in-apac.html

Feeling overwhelmed by your sprawling SaaS stack?

You're not alone. Dramatically improve your SaaS Security posture with 201% ROI. New study reveals how a $10B media company achieved this with an SSPM platform.

Learn more: https://thehackernews.com/2024/02/how-10b-enterprise-customer-drastically.html

🚨 Beware: Cybercriminals use fake Facebook job ads to spread Ov3r_Stealer, a Windows #malware. It steals sensitive information, risking your personal and financial data.

Read: https://thehackernews.com/2024/02/beware-fake-facebook-job-ads-spreading.html

🛡️ Researchers uncover details of 3 vulnerabilities in Azure HDInsight's Apache Hadoop, Kafka, and Spark services that could have allowed attackers root access and system disruption.

Learn more: https://thehackernews.com/2024/02/high-severity-flaws-found-in-azure.html

⚠️ Patch Alert → Critical vulnerability in JetBrains' TeamCity On-Premises (CVE-2024-23917) allows unauthenticated remote attackers to gain administrative control and take over servers.

Learn more: https://thehackernews.com/2024/02/critical-jetbrains-teamcity-on-premises.html

🕵️ Chinese state-backed hackers exploited FortiOS SSL-VPN flaws to breach a Dutch military network, deploying a stealthy backdoor called COATHANGER.

Learn more: https://thehackernews.com/2024/02/chinese-hackers-exploited-fortigate.html

Governments and tech giants such as France, the U.K., the U.S., Google, Meta, and Microsoft have joined forces to combat the misuse of commercial spyware for human rights violations.

Learn more: https://thehackernews.com/2024/02/global-coalition-and-tech-giants-unite.html

2024 marks the rise of vCISO services, with 45% of MSPs and MSSPs joining the trend. Position yourself as a cybersecurity leader.

Watch the webinar for a 5-phase action plan to vCISO success: https://thehackernews.com/2024/02/new-webinar-5-steps-to-vciso-success.html

🔥 A critical vulnerability has been found in the shim bootloader, leaving millions of Linux systems vulnerable to attack.

Learn more about CVE-2023-40547: https://thehackernews.com/2024/02/critical-bootloader-vulnerability-in.html

Update your device immediately if it uses shim and Secure Boot.