A free Rhysida ransomware decryptor has been released!

Researchers have discovered a vulnerability in the Rhysida #malware, allowing them to develop a decryption tool.

Learn more: https://thehackernews.com/2024/02/rhysida-ransomware-cracked-free.html

🚨 CISA warns of an exploited vulnerability in Roundcube email software that could lead to information disclosure through malicious link references in plain text messages.

Learn more: https://thehackernews.com/2024/02/alert-cisa-warns-of-active-roundcube.html

🛑 Urgent: Hackers exploit Ivanti security flaw to deploy stealthy DSLog backdoor. Don't wait – factory reset appliances and apply the latest patches immediately.

Learn more: https://thehackernews.com/2024/02/ivanti-vulnerability-exploited-to.html

Data Detection & Response (DDR) is not just a buzzword.

Data protection has evolved in the cloud era, shifting focus from permissions and physical access.

To secure the dynamic cloud landscape, Sentra has released a tailored DDR guide.

Check it out: https://thehackernews.co/data-detection-and-response

PikaBot malware undergoes a dramatic transformation, simplifying its code and communication methods.

Click to learn more: https://thehackernews.com/2024/02/pikabot-resurfaces-with-streamlined.html

🚨Glupteba botnet upgrades with UEFI firmware stealth tech, making it undetectable by regular antivirus. This nasty malware steals info, mines #cryptocurrency , and attacks your router.

Learn more: https://thehackernews.com/2024/02/glupteba-botnet-evades-detection-with.html

⚠️ Zero-day alert!

💻 Microsoft released security patches for 73 flaws in its software for February 2024. This includes 5 critical and 2 actively exploited zero-day vulnerabilities.

Details here: https://thehackernews.com/2024/02/microsoft-rolls-out-patches-for-73.html

Don't wait, 🛡️ update your systems now.

🚨 ALERT: Beware, traders!

Hackers are exploiting a ZERO-DAY flaw in Microsoft Defender SmartScreen to deliver DarkMe malware. This sophisticated attack can steal your data and give hackers access to your financial accounts.

Learn more: https://thehackernews.com/2024/02/darkme-malware-targets-traders-using.html

🔐 Legacy accounts, bad OAuth hygiene—how major companies get hacked. Nation-state actors are exploiting flaws in common SaaS management.

Security can't be on auto-pilot. Find out how to improve your SaaS security posture: https://thehackernews.com/2024/02/midnight-blizzard-and-cloudflare.html

🚨 Bumblebee, QakBot, Zloader, & PikaBot are back, targeting U.S. organizations with sophisticated phishing tactics.

Learn more: https://thehackernews.com/2024/02/bumblebee-malware-returns-with-new.html

Be wary of suspicious emails or downloads – these threats are sneakier than ever.

🛑 Ubuntu users, beware! Hackers can exploit a vulnerability in the command-not-found utility to recommend and trick you into installing rogue packages via snap repositories.

Learn more: https://thehackernews.com/2024/02/ubuntu-command-not-found-tool-could.html

Double-check sources before installation.

🛡️ Microsoft and OpenAI released a report exposing how major hacking groups tied to Russia, China, North Korea, and Iran are weaponizing 🤖 AI-powered tools to upgrade their cyberattack strategies.

🔗 Read details here → https://thehackernews.com/2024/02/microsoft-openai-warn-of-nation-state.html

⚠️ Attention, Sysadmins! A newly discovered critical vulnerability (CVE-2024-21410) in Microsoft Exchange Server is currently being actively exploited.

Details here → https://thehackernews.com/2024/02/critical-exchange-server-flaw-cve-2024.html

Attackers can hijack user accounts & gain admin-level control. Update ASAP!

🚨 Ransomware, cloud breaches, AI-powered attacks... Financial services under attack.

43% of senior bank execs admit they're unprepared for a major cyber event.

Get expert tips to boost your cyber defenses ➡️ https://thehackernews.com/2024/02/cybersecurity-tactics-finserv.html

🚨 GoldFactory, the mastermind behind sophisticated banking trojans like GoldPickaxe for iOS and Android, is now employing deepfake tech & social engineering tactics to swipe your sensitive data.

Learn more: https://thehackernews.com/2024/02/chinese-hackers-using-deepfakes-in.html

🛑 Alert: Firmware analysis reveals shocking vulnerabilities in Ivanti's Pulse Secure appliances.

Running on an 11-year-old Linux version with outdated libraries — susceptible to 973 flaws, including 111 with publicly known exploits.

Read: https://thehackernews.com/2024/02/ivanti-pulse-secure-found-using-11-year.html

🚨 Russian threat actor Turla strikes again with a new backdoor, TinyTurla-NG, targeting NGOs in Poland and exfiltrating sensitive data from password management software.

Learn more: https://thehackernews.com/2024/02/russian-turla-hackers-target-polish.html

SaaS isn't just software; it's the lifeline of modern businesses. But with great convenience comes great vulnerability.

Learn more in this latest eye-opening analysis uncovering the hidden risks within SaaS applications: https://thehackernews.com/2024/02/how-nation-state-actors-target-your.html

⚡ U.S. government disrupted a Russia-linked botnet targeting governments and militaries. The botnet was made up of compromised SOHO routers.

Learn more: https://thehackernews.com/2024/02/us-government-disrupts-russian-linked.html

Think twice before leaving old employee accounts active!

CISA reports a major cyber attack on a state government organization. Attackers used leaked credentials from a former employee's administrator account to breach the network.

Read: https://thehackernews.com/2024/02/us-state-government-network-breached.html