⚠️ North Korean APT Kimsuky caught using new Golang-based info stealer "Troll Stealer" & malware "GoBear," both signed with stolen certificates, targeting sensitive data like SSH keys, browser data & system info.

Learn more → https://thehackernews.com/2024/02/kimsukys-new-golang-stealer-troll-and.html

Google starts blocking sideloading of shady Android apps in Singapore. This pilot program targets apps that could potentially abuse permissions to steal one-time passwords and sensitive data.

Learn more: https://thehackernews.com/2024/02/google-starts-blocking-sideloading-of.html

🚨 Alert: HijackLoader malware evolves with stealthier defense evasion techniques, posing a greater challenge to cybersecurity defenses.

This malware is getting smarter and harder to detect. Click to learn more: https://thehackernews.com/2024/02/hijackloader-evolves-researchers-decode.html

Unified identity isn't just a buzzword—it's a game-changer in cybersecurity. Discover how consolidating identity challenges can bolster your organization's security posture.

Read: https://thehackernews.com/2024/02/unified-identity-look-for-meaning.html

Chinese state-sponsored hacking group, Volt Typhoon, infiltrates U.S. critical infrastructure networks for over five years, posing a significant threat to essential services.

Read: https://thehackernews.com/2024/02/chinese-hackers-operate-undetected-in.html

🚨 Deja Vu for Ivanti users!

Another authentication bypass security vulnerability (CVE-2024-22024) has been found in #Ivanti products, affecting Connect Secure, Policy Secure, and ZTA gateways.

Details: https://thehackernews.com/2024/02/warning-new-ivanti-auth-bypass-flaw.html

Don't wait, patch ASAP to secure your devices!

🛑 Urgent: Patch it now - Hackers are exploiting it!

Fortinet has unveiled a critical security flaw in its SSL VPN, CVE-2024-21762, allowing hackers to execute arbitrary code.

Learn more: https://thehackernews.com/2024/02/fortinet-warns-of-critical-fortios-ssl.html

🚨 New backdoor called Zardoor used in cyberattack on Saudi Islamic charity, stealing data for over 2 years. Hackers use everyday tools like WMI to move undetected.

Read our full report: https://thehackernews.com/2024/02/stealthy-zardoor-backdoor-targets-saudi.html

Concerned about the expanded attack surface in the cloud?

Wazuh, an open-source cybersecurity platform, provides real-time threat detection and incident response for your cloud environments.

Check it out: https://thehackernews.com/2024/02/wazuh-in-cloud-era-navigating.html

New banking trojan "Coyote" targeting 61 Brazilian banks.

It uses Nim and Node.js for evasion and the Squirrel installer framework for distribution. Coyote steals data and can take screenshots.

Learn more: https://thehackernews.com/2024/02/new-coyote-trojan-targets-61-brazilian.html

Stop chasing false alarms! Myrror prioritizes vulnerabilities by impact, not noise. Focus on what truly matters & defend against supply chain attacks.

Learn how to protect your code from hidden threats: https://thehackernews.com/2024/02/hands-on-review-myrror-security-code.html

⚠️ Android users, beware! A new variant of MoqHao malware silently auto-executes upon installation, snatching data, and hijacking Wi-Fi—all without you needing to lift a finger.

Learn more: https://thehackernews.com/2024/02/new-variant-of-moqhao-android-malware.html

🕵️‍♂️ Raspberry Robin malware has been spotted using new exploits and is now spreading via Discord for wider infection, while also being improved to make it stealthier than before.

Learn more: https://thehackernews.com/2024/02/raspberry-robin-malware-upgrades-with.html

U.S. Justice Department cracks down on cybercrime, seizing infrastructure used to sell the notorious "Warzone RAT" and arresting two individuals involved in its distribution and support.

Learn more: https://thehackernews.com/2024/02/us-doj-dismantles-warzone-rat.html

🙌 💻 Microsoft is bringing Linux-like Sudo for Windows 11, a new feature that allows users to run commands with administrator privileges without having to open a new elevated console window.

https://thehackernews.com/2024/02/microsoft-introduces-linux-like-sudo.html

🌍 The U.S. Department of State is offering up to 💰 $10 million for information on Hive ransomware operators, and an additional $5 million for those involved in Hive ransomware activities.

Read details here: https://thehackernews.com/2024/02/us-offers-10-million-bounty-for-info.html

🔒 CISA teams up with OpenSSF to introduce a framework called "Principles for Package Repository Security," aimed at fortifying open-source software ecosystems against cyber threats.

Learn more: https://thehackernews.com/2024/02/cisa-and-openssf-release-framework-for.html

Ever wondered why cyber attacks seem unstoppable? It's the identity blind spots! Check out how Silverfort's platform fills this crucial gap, ensuring rapid detection and containment of compromised accounts.

Learn more: https://thehackernews.com/2024/02/why-are-compromised-identities.html

A free Rhysida ransomware decryptor has been released!

Researchers have discovered a vulnerability in the Rhysida #malware, allowing them to develop a decryption tool.

Learn more: https://thehackernews.com/2024/02/rhysida-ransomware-cracked-free.html

🚨 CISA warns of an exploited vulnerability in Roundcube email software that could lead to information disclosure through malicious link references in plain text messages.

Learn more: https://thehackernews.com/2024/02/alert-cisa-warns-of-active-roundcube.html