🔐 Legacy accounts, bad OAuth hygiene—how major companies get hacked. Nation-state actors are exploiting flaws in common SaaS management.

Security can't be on auto-pilot. Find out how to improve your SaaS security posture: https://thehackernews.com/2024/02/midnight-blizzard-and-cloudflare.html

🚨 Bumblebee, QakBot, Zloader, & PikaBot are back, targeting U.S. organizations with sophisticated phishing tactics.

Learn more: https://thehackernews.com/2024/02/bumblebee-malware-returns-with-new.html

Be wary of suspicious emails or downloads – these threats are sneakier than ever.

🛑 Ubuntu users, beware! Hackers can exploit a vulnerability in the command-not-found utility to recommend and trick you into installing rogue packages via snap repositories.

Learn more: https://thehackernews.com/2024/02/ubuntu-command-not-found-tool-could.html

Double-check sources before installation.

🛡️ Microsoft and OpenAI released a report exposing how major hacking groups tied to Russia, China, North Korea, and Iran are weaponizing 🤖 AI-powered tools to upgrade their cyberattack strategies.

🔗 Read details here → https://thehackernews.com/2024/02/microsoft-openai-warn-of-nation-state.html

⚠️ Attention, Sysadmins! A newly discovered critical vulnerability (CVE-2024-21410) in Microsoft Exchange Server is currently being actively exploited.

Details here → https://thehackernews.com/2024/02/critical-exchange-server-flaw-cve-2024.html

Attackers can hijack user accounts & gain admin-level control. Update ASAP!

🚨 Ransomware, cloud breaches, AI-powered attacks... Financial services under attack.

43% of senior bank execs admit they're unprepared for a major cyber event.

Get expert tips to boost your cyber defenses ➡️ https://thehackernews.com/2024/02/cybersecurity-tactics-finserv.html

🚨 GoldFactory, the mastermind behind sophisticated banking trojans like GoldPickaxe for iOS and Android, is now employing deepfake tech & social engineering tactics to swipe your sensitive data.

Learn more: https://thehackernews.com/2024/02/chinese-hackers-using-deepfakes-in.html

🛑 Alert: Firmware analysis reveals shocking vulnerabilities in Ivanti's Pulse Secure appliances.

Running on an 11-year-old Linux version with outdated libraries — susceptible to 973 flaws, including 111 with publicly known exploits.

Read: https://thehackernews.com/2024/02/ivanti-pulse-secure-found-using-11-year.html

🚨 Russian threat actor Turla strikes again with a new backdoor, TinyTurla-NG, targeting NGOs in Poland and exfiltrating sensitive data from password management software.

Learn more: https://thehackernews.com/2024/02/russian-turla-hackers-target-polish.html

SaaS isn't just software; it's the lifeline of modern businesses. But with great convenience comes great vulnerability.

Learn more in this latest eye-opening analysis uncovering the hidden risks within SaaS applications: https://thehackernews.com/2024/02/how-nation-state-actors-target-your.html

⚡ U.S. government disrupted a Russia-linked botnet targeting governments and militaries. The botnet was made up of compromised SOHO routers.

Learn more: https://thehackernews.com/2024/02/us-government-disrupts-russian-linked.html

Think twice before leaving old employee accounts active!

CISA reports a major cyber attack on a state government organization. Attackers used leaked credentials from a former employee's administrator account to breach the network.

Read: https://thehackernews.com/2024/02/us-state-government-network-breached.html

🚨 Beware! A malicious Python script is enabling cybercriminals to send bulk smishing messages by exploiting Amazon Web Services (AWS) Simple Notification Service (SNS).

Learn more: https://thehackernews.com/2024/02/malicious-sns-sender-script-abuses-aws.html

Cybersecurity breaches are no longer just headlines for big corporations. SMBs are on the front lines. Find out how NTT Security is leading the charge to democratize cybersecurity.

Read: https://thehackernews.com/2024/02/why-we-must-democratize-cybersecurity.html

🕵️‍♂️ Beware! A new macOS backdoor dubbed "RustDoor" is targeting 💰 cryptocurrency companies. Once disguised as a Visual Studio update, now hiding in job offer PDFs.

Learn more: https://thehackernews.com/2024/02/rustdoor-macos-backdoor-targets.html

⚠️ CISA warns of hackers exploiting a security flaw (CVE-2020-3259) in Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software in Akira ransomware attacks.

Learn more: https://thehackernews.com/2024/02/cisa-warning-akira-ransomware.html

Google open sources Magika, an AI-powered tool that boosts file type identification accuracy by 30%, helping defenders more easily identify malicious files.

Learn more: https://thehackernews.com/2024/02/google-open-sources-magika-ai-powered.html

Cyberattacks on business communication channels surged by 38% last year, exposing vulnerabilities that demand immediate attention. Are your communication platforms secure enough?

Learn essential strategies to protect your business from cyber threats: https://thehackernews.com/2024/02/how-businesses-can-safeguard-their.html

Ukrainian cybercriminal, Vyacheslav Igorevich Penchukov, pleads guilty to masterminding Zeus and IcedID malware attacks, infecting thousands of computers worldwide.

Learn more: https://thehackernews.com/2024/02/fbis-most-wanted-zeus-and-icedid.html

Iranian cyberespionage group Charming Kitten is using fake webinars and a new 'BASICSTAR' backdoor to target experts in Middle Eastern policy.

Learn more: https://thehackernews.com/2024/02/iranian-hackers-target-middle-east.html