Threat actor "Patchwork" uses romance scams to spread espionage apps in India and Pakistan. Learn how they infiltrated Android devices with VajraSpy malware.
Read more π https://thehackernews.com/2024/02/patchwork-using-romance-scam-lures-to.html
Read more π https://thehackernews.com/2024/02/patchwork-using-romance-scam-lures-to.html
π11π10β‘7π₯2
Tired of juggling cybersecurity tools?
Cato XDR simplifies it all with a SASE-based approach for faster threat detection & response.
See how it works in 20 mins! β‘οΈ https://thehackernews.com/2024/02/hands-on-review-sase-based-xdr-from.html
Cato XDR simplifies it all with a SASE-based approach for faster threat detection & response.
See how it works in 20 mins! β‘οΈ https://thehackernews.com/2024/02/hands-on-review-sase-based-xdr-from.html
π12
A Belarusian-Latvian national linked to the defunct cryptocurrency exchange BTC-e faces up to 25 years in prison for an alleged $4 billion money-laundering scheme.
Learn more about this major cybercrime case: https://thehackernews.com/2024/02/belarusian-national-linked-to-btc-e.html
Learn more about this major cybercrime case: https://thehackernews.com/2024/02/belarusian-national-linked-to-btc-e.html
π20π€―6β‘2π2π1π€1
π U.S. imposes visa restrictions on those (developers, sellers, beneficiaries, and companies) involved in illegal surveillance through commercial spyware like Pegasus.
Learn more: https://thehackernews.com/2024/02/us-imposes-visa-restrictions-on-those.html
Learn more: https://thehackernews.com/2024/02/us-imposes-visa-restrictions-on-those.html
π17π€17π6π₯5β‘4
A recently disclosed SSRF vulnerability (CVE-2024-21893) in Ivanti Connect Secure and Policy Secure products is now under mass exploitation.
Learn more: https://thehackernews.com/2024/02/recently-disclosed-ssrf-flaw-in-ivanti.html
Patch now to protect your organization from system takeover.
Learn more: https://thehackernews.com/2024/02/recently-disclosed-ssrf-flaw-in-ivanti.html
Patch now to protect your organization from system takeover.
π12π±12β‘9
Job seekers, beware! A new cybercriminal group called ResumeLooters is targeting job search platforms in APAC, stealing millions of resumes and personal data.
Learn more: https://thehackernews.com/2024/02/hackers-exploit-job-boards-in-apac.html
Learn more: https://thehackernews.com/2024/02/hackers-exploit-job-boards-in-apac.html
π±20π6π4π€4
Feeling overwhelmed by your sprawling SaaS stack?
You're not alone. Dramatically improve your SaaS Security posture with 201% ROI. New study reveals how a $10B media company achieved this with an SSPM platform.
Learn more: https://thehackernews.com/2024/02/how-10b-enterprise-customer-drastically.html
You're not alone. Dramatically improve your SaaS Security posture with 201% ROI. New study reveals how a $10B media company achieved this with an SSPM platform.
Learn more: https://thehackernews.com/2024/02/how-10b-enterprise-customer-drastically.html
π12π₯5
π¨ Beware: Cybercriminals use fake Facebook job ads to spread Ov3r_Stealer, a Windows #malware. It steals sensitive information, risking your personal and financial data.
Read: https://thehackernews.com/2024/02/beware-fake-facebook-job-ads-spreading.html
Read: https://thehackernews.com/2024/02/beware-fake-facebook-job-ads-spreading.html
π8π6π2π€1
π‘οΈ Researchers uncover details of 3 vulnerabilities in Azure HDInsight's Apache Hadoop, Kafka, and Spark services that could have allowed attackers root access and system disruption.
Learn more: https://thehackernews.com/2024/02/high-severity-flaws-found-in-azure.html
Learn more: https://thehackernews.com/2024/02/high-severity-flaws-found-in-azure.html
π21π€―3π2π1
β οΈ Patch Alert β Critical vulnerability in JetBrains' TeamCity On-Premises (CVE-2024-23917) allows unauthenticated remote attackers to gain administrative control and take over servers.
Learn more: https://thehackernews.com/2024/02/critical-jetbrains-teamcity-on-premises.html
Learn more: https://thehackernews.com/2024/02/critical-jetbrains-teamcity-on-premises.html
π±11π7π6
π΅οΈ Chinese state-backed hackers exploited FortiOS SSL-VPN flaws to breach a Dutch military network, deploying a stealthy backdoor called COATHANGER.
Learn more: https://thehackernews.com/2024/02/chinese-hackers-exploited-fortigate.html
Learn more: https://thehackernews.com/2024/02/chinese-hackers-exploited-fortigate.html
π€13π9π3π€―3
Governments and tech giants such as France, the U.K., the U.S., Google, Meta, and Microsoft have joined forces to combat the misuse of commercial spyware for human rights violations.
Learn more: https://thehackernews.com/2024/02/global-coalition-and-tech-giants-unite.html
Learn more: https://thehackernews.com/2024/02/global-coalition-and-tech-giants-unite.html
π29π€6
2024 marks the rise of vCISO services, with 45% of MSPs and MSSPs joining the trend. Position yourself as a cybersecurity leader.
Watch the webinar for a 5-phase action plan to vCISO success: https://thehackernews.com/2024/02/new-webinar-5-steps-to-vciso-success.html
Watch the webinar for a 5-phase action plan to vCISO success: https://thehackernews.com/2024/02/new-webinar-5-steps-to-vciso-success.html
π15
π₯ A critical vulnerability has been found in the shim bootloader, leaving millions of Linux systems vulnerable to attack.
Learn more about CVE-2023-40547: https://thehackernews.com/2024/02/critical-bootloader-vulnerability-in.html
Update your device immediately if it uses shim and Secure Boot.
Learn more about CVE-2023-40547: https://thehackernews.com/2024/02/critical-bootloader-vulnerability-in.html
Update your device immediately if it uses shim and Secure Boot.
π€―23β‘6π5π±5π1
π¨ Exciting News from ANYRUN:
Introducing Threat Intelligence Lookup! π
Unlock contextual data and malware samples related to specific #IOCs, TTPs, and keywords, speeding up your investigations and boosting your cybersecurity defenses.
Try it now! π https://thehackernews.co/496HXQ1
Introducing Threat Intelligence Lookup! π
Unlock contextual data and malware samples related to specific #IOCs, TTPs, and keywords, speeding up your investigations and boosting your cybersecurity defenses.
Try it now! π https://thehackernews.co/496HXQ1
any.run
Threat Intelligence Lookup, a searchable database of IOCs and events for threat hunting
Access cyber threat intelligence online with TI Lookup, a vast repository of threat data extracted from ANY.RUN's malware analysis sessions. Identify threats and discover context information related to specific IOCs, TTPs, and artifacts in processes, commandβ¦
π20π5π€4π1
π URGENT: Cisco, Fortinet, and VMware have (again!) released patches for new critical vulnerabilities in their products.
Patch immediately to prevent device takeover, data theft, and operational disruption.
Learn more: https://thehackernews.com/2024/02/critical-patches-released-for-new-flaws.html
Patch immediately to prevent device takeover, data theft, and operational disruption.
Learn more: https://thehackernews.com/2024/02/critical-patches-released-for-new-flaws.html
π20π€11π₯6π€―5
β οΈ North Korean APT Kimsuky caught using new Golang-based info stealer "Troll Stealer" & malware "GoBear," both signed with stolen certificates, targeting sensitive data like SSH keys, browser data & system info.
Learn more β https://thehackernews.com/2024/02/kimsukys-new-golang-stealer-troll-and.html
Learn more β https://thehackernews.com/2024/02/kimsukys-new-golang-stealer-troll-and.html
π13π₯6π€―5π2
Google starts blocking sideloading of shady Android apps in Singapore. This pilot program targets apps that could potentially abuse permissions to steal one-time passwords and sensitive data.
Learn more: https://thehackernews.com/2024/02/google-starts-blocking-sideloading-of.html
Learn more: https://thehackernews.com/2024/02/google-starts-blocking-sideloading-of.html
π€10π9β‘1π1
π¨ Alert: HijackLoader malware evolves with stealthier defense evasion techniques, posing a greater challenge to cybersecurity defenses.
This malware is getting smarter and harder to detect. Click to learn more: https://thehackernews.com/2024/02/hijackloader-evolves-researchers-decode.html
This malware is getting smarter and harder to detect. Click to learn more: https://thehackernews.com/2024/02/hijackloader-evolves-researchers-decode.html
π11π₯7β‘5
Unified identity isn't just a buzzwordβit's a game-changer in cybersecurity. Discover how consolidating identity challenges can bolster your organization's security posture.
Read: https://thehackernews.com/2024/02/unified-identity-look-for-meaning.html
Read: https://thehackernews.com/2024/02/unified-identity-look-for-meaning.html
π12π€7π₯3β‘1