🔒 Protecting data in the cloud requires a new approach. Discover why browser-based DLP is the key to securing corporate data online.

Get insights from LayerX's comprehensive guide:
https://thehackernews.com/2024/03/data-leakage-prevention-in-age-of-cloud.html

⚠️ Beware of fake DocuSign emails – they're designed to trick you into downloading the New CHAVECLOAK Android banking malware.

What it does:
- Hijacks your screen
- Logs your keystrokes
- Uses fake pop-ups to capture your banking logins

Read: https://thehackernews.com/2024/03/new-banking-trojan-chavecloak-targets.html

⚠️ Heads up, WordPress admins! Over 3,900 websites compromised in weeks.

A high-severity flaw in the Ultimate Member plugin exposes sites to attacks, leading to phishing scams.

Learn more: https://thehackernews.com/2024/03/malware-campaign-exploits-popup-builder.html

Secure your sites NOW.

For the first time, Russia detains a South Korean national, Baek Won-soon, on cyber espionage charges. Transferred from Vladivostok to Moscow for further investigation.

Learn more: https://thehackernews.com/2024/03/south-korean-citizen-detained-in-russia.html

Heads up, developers! Hackers are targeting crypto wallets with sneaky PyPI packages. Thousands of downloads already affected. Check your dependencies!

Learn more: https://thehackernews.com/2024/03/watch-out-these-pypi-python-packages.html

Tired of being overwhelmed by security exposures?

Discover the power of Continuous Threat Exposure Management (CTEM). Identify critical assets, prioritize risks, and get actionable recommendations for improved security posture.

Get started 👇 https://thehackernews.com/2024/03/ctem-101-go-beyond-vulnerability.html

🚨 Microsoft releases Patch Tuesday updates to patch 61 new vulnerabilities, including privilege escalation flaws in Azure, Windows, & Authenticator.

Update ASAP. Learn more: https://thehackernews.com/2024/03/microsofts-march-updates-fix-61.html

🚨 Alert: A new phishing campaign uses a Java-based downloader to distribute VCURMS & STRRAT RATs, leveraging public services like AWS & GitHub for malware hosting.

Learn more: https://thehackernews.com/2024/03/alert-cybercriminals-deploying-vcurms.html

Beware of adversary-in-the-middle attacks: Hackers create fake login pages to steal credentials and manipulate MFA prompts. Protect yourself by verifying websites and being cautious with links

Read: https://thehackernews.com/2024/02/4-ways-hackers-use-social-engineering.html

Researchers reveal Google's Gemini AI is vulnerable to LLM attacks that could leak sensitive data, generate harmful content, and be used for malicious purposes.

Read: https://thehackernews.com/2024/03/researchers-highlight-googles-gemini-ai.html

Cybercriminals are now targeting the latest weak spot—identities within SaaS applications.

Join our webinar to learn how to secure both human and non-human identities against data breaches and financial losses.

Register now: https://thehackernews.com/2024/03/join-our-webinar-on-protecting-human.html

Latest version of PixPirate Android banking trojan evades detection by removing the ability to launch the app from the home screen. The complex infection chain involves both a downloader and the main malicious app working in tandem.

Read: https://thehackernews.com/2024/03/pixpirate-android-banking-trojan-using.html

Tools of the Trade: Anti-malware scanning, WAFs, and sandboxing alone aren't sufficient for protecting against malicious uploads.

Learn why and discover what offers better protection in our detailed analysis: https://thehackernews.com/2024/03/demystifying-common-cybersecurity-myth.html

⚠️ Vulnerability Alert: Fortinet warns of a severe SQL Injection vulnerability (CVE-2023-48788) in FortiClientEMS allowing unauthenticated attackers to execute code remotely.

Details: https://thehackernews.com/2024/03/fortinet-warns-of-severe-sqli.html

Check if your versions are affected and upgrade ASAP!

🛑 A new DarkGate malware campaign uses a recently patched #Microsoft Windows flaw (CVE-2024-21412) to deploy malicious software via bogus installers.

Learn more: https://thehackernews.com/2024/03/darkgate-malware-exploits-recently.html

Researchers detail a high-severity flaw in Kubernetes, CVE-2023-5528, that allowed attackers remote code execution with SYSTEM privileges on Windows endpoints within a cluster.

Learn more: https://thehackernews.com/2024/03/researchers-detail-kubernetes.html

RedCurl cybercrime group found exploiting Windows Program Compatibility Assistant for malicious activities. This sophisticated method allows attackers to bypass security and run malicious commands.

Read: https://thehackernews.com/2024/03/redcurl-cybercrime-group-abuses-windows.html

Blind Eagle expands its cyber threats, now using Ande Loader malware to deliver RATs via phishing.

Targets? Spanish-speaking manufacturing industry in North America

Read: https://thehackernews.com/2024/03/ande-loader-malware-targets.html

Russian-Canadian national Mikhail Vasiliev has been sentenced to nearly 4 years in prison for his role in the infamous LockBit ransomware operation and has been ordered to pay over $860,000 in restitution.

Read details here: https://thehackernews.com/2024/03/lockbit-ransomware-hacker-ordered-to.html

🔒 Balancing act for CISOs: Ensuring security without hindering productivity.

Discover how Cato SSE 360, part of the Cato SASE Cloud platform, nails this balance by optimizing cost, complexity, and user experience.

Read: https://thehackernews.com/2024/03/3-things-cisos-achieve-with-cato.html