π¨ Alert for Chinese software seekers! Bogus ads on search engines like Baidu lead to fake Notepad++ & VNote downloads, deploying the Geacon trojan. Double-check URLs!
Read: https://thehackernews.com/2024/03/malicious-ads-targeting-chinese-users.html
Read: https://thehackernews.com/2024/03/malicious-ads-targeting-chinese-users.html
π10π₯6π1
Get the inside scoop on 2024's top threats.
We're thrilled to invite you to a series of webinars that will redefine your understanding of #cybersecurity in the era of SaaS, Generative AI, and comprehensive application protection.
REGISTER NOW π https://www.linkedin.com/pulse/saas-app-gen-ai-security-3-new-must-attend-live-webinars-fd9pc/
We're thrilled to invite you to a series of webinars that will redefine your understanding of #cybersecurity in the era of SaaS, Generative AI, and comprehensive application protection.
REGISTER NOW π https://www.linkedin.com/pulse/saas-app-gen-ai-security-3-new-must-attend-live-webinars-fd9pc/
Linkedin
SaaS, App and Gen AI Security - 3 New Must-Attend Live Webinars
In a digital era where cyber threats evolve faster than a blink, staying ahead isn't just an advantage; it's a necessity. We're thrilled to invite you to a groundbreaking series of webinars that will redefine your understanding of cybersecurity in the eraβ¦
π6π5π€4
π‘οΈ Google rolls out an enhanced Safe Browsing feature for Chrome on desktop & iOS.
Now with real-time URL checks against known malicious sites, aiming to block 25% more phishing attempts.
Learn more: https://thehackernews.com/2024/03/google-introduces-enhanced-real-time.html
Now with real-time URL checks against known malicious sites, aiming to block 25% more phishing attempts.
Learn more: https://thehackernews.com/2024/03/google-introduces-enhanced-real-time.html
π17π€9π6π₯5β‘2π2
Researchers have uncovered new threat in third-party plugins for OpenAI's ChatGPT that could allow attackers to install malicious plugins without users' consent and hijack accounts on third-party websites such as GitHub.
Read: https://thehackernews.com/2024/03/third-party-chatgpt-plugins-could-lead.html
Read: https://thehackernews.com/2024/03/third-party-chatgpt-plugins-could-lead.html
π₯20π8π±5π2
Researchers have uncovered "GhostRace" (CVE-2024-2193), a new variation of the Spectre v1 vulnerability affecting CPUs with speculative execution. This attack exploits race conditions to allow attackers to leak sensitive data.
Read: https://thehackernews.com/2024/03/ghostrace-new-data-leak-vulnerability.html
Read: https://thehackernews.com/2024/03/ghostrace-new-data-leak-vulnerability.html
π₯22π8π3
Watch Out! Hackers are using fake cracked software on GitHub to spread the RisePro information-stealing malware.
Read: https://thehackernews.com/2024/03/hackers-using-cracked-software-on.html
Read: https://thehackernews.com/2024/03/hackers-using-cracked-software-on.html
π18π€―9π8π₯3π2
β οΈ ALERT: Russian hackers, APT28, have launched significant phishing attacks targeting governments and NGOs across Europe, the Americas, and Asia. These attacks deploy counterfeit documents that appear official.
Read: https://thehackernews.com/2024/03/apt28-hacker-group-targeting-europe.html
Read: https://thehackernews.com/2024/03/apt28-hacker-group-targeting-europe.html
π€17π9π₯8π±5π2π2
π¨ Critical flaw discovered in miniOrange WordPress plugins.
If you're using miniOrange's Malware Scanner (β€ 4.7.2) or Web Application Firewall (β€ 2.1.1), DELETE THEM IMMEDIATELY.
The vulnerability allows attackers to take over your site.
https://thehackernews.com/2024/03/wordpress-admins-urged-to-remove.html
If you're using miniOrange's Malware Scanner (β€ 4.7.2) or Web Application Firewall (β€ 2.1.1), DELETE THEM IMMEDIATELY.
The vulnerability allows attackers to take over your site.
https://thehackernews.com/2024/03/wordpress-admins-urged-to-remove.html
π21π8π₯1π€1
Researchers uncover a sophisticated malware campaign using fake Google Sites pages and HTML smuggling to distribute AZORult, a notorious info stealer.
Learn more: https://thehackernews.com/2024/03/hackers-using-sneaky-html-smuggling-to.html
Learn more: https://thehackernews.com/2024/03/hackers-using-sneaky-html-smuggling-to.html
π10π1
Fortra has patched a critical flaw (CVE-2024-25153) in FileCatalyst file transfer, preventing unauthorized remote code execution and blocking attackers from taking full control of vulnerable servers.
Read details: https://thehackernews.com/2024/03/fortra-patches-critical-rce.html
Patch immediately.
Read details: https://thehackernews.com/2024/03/fortra-patches-critical-rce.html
Patch immediately.
π10π7π€3
π¨ New cyberattack campaign, DEEP#GOSU, uses PowerShell & VBScript to target Windows systems.
Likely linked to North Korean group Kimsuky, it's a sophisticated threat aiming to steal sensitive data.
Read more on this multi-stage malware attack: https://thehackernews.com/2024/03/new-deepgosu-malware-campaign-targets.html
Likely linked to North Korean group Kimsuky, it's a sophisticated threat aiming to steal sensitive data.
Read more on this multi-stage malware attack: https://thehackernews.com/2024/03/new-deepgosu-malware-campaign-targets.html
π16π€6π₯3π2
π¨ A 31-year-old Moldovan national, Sandu Boris Diaconu, has been sentenced to 42 months in prison by a U.S. court for operating E-Root Marketplace, an illicit platform selling hundreds of thousands of compromised credentials.
Learn more: https://thehackernews.com/2024/03/e-root-marketplace-admin-sentenced-to.html
Learn more: https://thehackernews.com/2024/03/e-root-marketplace-admin-sentenced-to.html
π12π₯10π1
Operation PhantomBlu utilizes a clever trick to deliver the NetSupport RAT by exploiting Microsoft Office's OLE template manipulation, evading traditional detection methods.
Read details: https://thehackernews.com/2024/03/new-phishing-attack-uses-clever.html
Read details: https://thehackernews.com/2024/03/new-phishing-attack-uses-clever.html
π₯11π9π5π1
π¨ A new variant of the data-wiping malware, AcidRain, has been detected in the wild, specifically designed to target Linux x86 devices. Its origins can be traced back to the early days of the Russo-Ukrainian conflict.
Learn more: https://thehackernews.com/2024/03/suspected-russian-data-wiping-acidpour.html
Learn more: https://thehackernews.com/2024/03/suspected-russian-data-wiping-acidpour.html
π10π₯8π6β‘3
Cybercriminals are now using digital document publishing sites like FlipSnack, Issuu, and Marq for phishing and credential theft. These sites look legitimate, making them harder to detect.
Learn more: https://thehackernews.com/2024/03/hackers-exploiting-popular-document.html
Learn more: https://thehackernews.com/2024/03/hackers-exploiting-popular-document.html
π9π₯9π7
π¨ New report reveals Artificial Intelligence tools like large language models could be exploited to create self-augmenting malware, evading detection methods like YARA rules.
Learn more: https://thehackernews.com/2024/03/from-deepfakes-to-malware-ais-expanding.html
Learn more: https://thehackernews.com/2024/03/from-deepfakes-to-malware-ais-expanding.html
π17π₯11π6π€―2
APIs are the backbone of our digital world.
π¨ But with a staggering 71% of internet traffic being API calls, they're also a prime target for cyberattacks. Many are unmonitored or mismanaged, opening the door to sensitive data leaks.
Read: https://thehackernews.com/2024/03/apis-drive-majority-of-internet-traffic.html
π¨ But with a staggering 71% of internet traffic being API calls, they're also a prime target for cyberattacks. Many are unmonitored or mismanaged, opening the door to sensitive data leaks.
Read: https://thehackernews.com/2024/03/apis-drive-majority-of-internet-traffic.html
π€―14π10π3π₯1
Cybersecurity gap in the boardroom is real.
Boards often overlook risks like financial impacts, regulatory compliance, IP protection, APT resilience, cloud security, and AI utilization.
Learn transformative insights for a secure digital future: https://thehackernews.com/2024/03/crafting-and-communicating-your.html
Boards often overlook risks like financial impacts, regulatory compliance, IP protection, APT resilience, cloud security, and AI utilization.
Learn transformative insights for a secure digital future: https://thehackernews.com/2024/03/crafting-and-communicating-your.html
π20π₯4
π‘οΈ U.S. EPA creates π§ Water Sector Cybersecurity Task Force to protect critical infrastructure against increasing cyberattacks.
Learn more: https://thehackernews.com/2024/03/us-epa-forms-task-force-to-protect.html
Learn more: https://thehackernews.com/2024/03/us-epa-forms-task-force-to-protect.html
π₯10π8π6π6
Ukraine Cyber Police have arrested three individuals linked to the hijacking of over 100 MILLION email and Instagram accounts worldwide and selling them on darkweb forums.
Read details here: https://thehackernews.com/2024/03/ukraine-arrests-trio-for-hijacking-over.html
Read details here: https://thehackernews.com/2024/03/ukraine-arrests-trio-for-hijacking-over.html
π18π±17π€―9π₯4