SASE improves networks but lacks in defending against phishing and takeovers.

Learn how secure browser extensions complete your cyber security strategy: https://thehackernews.com/2024/03/sase-solutions-fall-short-without.html

🛡️ A now-patched vulnerability (CVE-2024-21388) in Microsoft Edge could have allowed attackers to covertly install browser extensions without user consent.

Find details here: https://thehackernews.com/2024/03/microsoft-edge-bug-could-have-allowed.html

If you use Edge, make sure you've updated to the latest version.

🚨 CISA alerts on a security flaw in Microsoft SharePoint Server now part of the KEV catalog due to active exploitation.

Vulnerability CVE-2023-24955 allows remote code execution for Site Owners.

Read: https://thehackernews.com/2024/03/cisa-warns-hackers-actively-attacking.html

Users urged to patch following May 2023 updates.

With a Georgetown master's you'll gain the tactical skills to plan for, respond to, and mitigate information security threats.


https://thehackernews.uk/cybersecurity-webinar-2024

🕵️‍♂️ Indian government entities & energy companies targeted by cyber espionage using "HackBrowserData" malware to steal sensitive info.

Details: https://thehackernews.com/2024/03/hackers-target-indian-defense-and.html

Attack campaign named OperationFlightNight leverages Slack for data exfiltration.

Telegram's new Peer-to-Peer Login (P2PL) feature offers free premium membership but in exchange for using your phone number as a relay to send OTP SMS messages to others—potentially exposing their phone numbers to strangers.

Learn more: https://thehackernews.com/2024/03/telegram-offers-premium-subscription-in.html

⚠️ Researchers have cracked AMD's defenses with a new attack called "ZenHammer"—a variant of the RowHammer attack—targeting Zen 2 & Zen 3 systems equipped with DDR5 chips.

Find details here: https://thehackernews.com/2024/03/new-zenhammer-attack-bypasses-rowhammer.html

🔒 Learn how to secure your web applications in a world where malicious attacks are getting smarter.

Don't miss our cybersecurity webinar on identifying and tackling security blind spots with experts from F5 and OPSWAT.

Save you spot now: https://thehackernews.com/2024/03/new-webinar-avoiding-application.html

🛡️ Mishandled API keys & passwords are a ticking time bomb 💣 in your software.

Don't wait for disaster – make security a non-negotiable part of your dev cycle.

Learn more: https://thehackernews.com/2024/03/behind-scenes-art-of-safeguarding-non.html

Buying the wrong #dataprotection solution is a #disaster waiting to happen.

Gain a better understanding of data protection challenges and establish your buying criteria using Zerto's Data Protection Buyers Guide!

Get the free full guide here: https://thn.news/data-protection-buyers-guide

A sneaky new service called "Darcula" is helping cybercriminals steal your info. They're impersonating postal services, airlines, even the IRS and using iMessage and Google Messages to slip past firewalls.

Learn more ➟ https://thehackernews.com/2024/03/darcula-phishing-network-leveraging-rcs.html

Finland's Poliisi has accused APT31, a Chinese nation-state actor, of a cyber attack on the country's Parliament in 2020-2021.

Learn more ➟ https://thehackernews.com/2024/03/finland-blames-chinese-hacking-group.html

⚠️ 🐧 Linux users, beware! A nasty piece of malware named DinodasRAT is on the loose, targeting China, Taiwan, Turkey, and Uzbekistan. It's a C++ juggernaut capable of stealing a treasure trove of sensitive data.

Read details ➟ https://thehackernews.com/2024/03/linux-version-of-dinodasrat-spotted-in.html

⚠️ 👩‍💻 PyPI under attack...again.

🐍 Python's Package Index temporarily shut down new user sign-ups and project creation due to a surge of malicious typosquatting attempts.

Learn more: https://thehackernews.com/2024/03/pypi-halts-sign-ups-amid-surge-of.html

Malware aimed to snag cryptocurrency wallets and more.

💻 A new vulnerability, CVE-2024-28085, dubbed "WallEscape," impacts the "wall" command in util-linux, potentially exposing passwords or altering clipboards on Linux distros like Ubuntu & Debian.

Read more ➟ https://thehackernews.com/2024/03/new-linux-bug-could-lead-to-user.html

🚨 ALERT: TheMoon botnet, previously thought to be inactive, is back.

Over 40,000 hijacked routers & IoT devices power Faceless, a criminal proxy service used to steal data, attack financial systems, & spread malware like SolarMarker & IcedID.

Read ➟ https://thehackernews.com/2024/03/themoon-botnet-resurfaces-exploiting.html

⚠️ New security flaws found in Dormakaba's Saflok RFID locks could allow attackers to easily forge keycards and access any room, affecting MILLIONS of hotel locks worldwide.

Read: https://thehackernews.com/2024/03/dormakaba-locks-used-in-millions-of.html

Outdated pen testing is expensive & leaves holes in your security. With automation and AI, companies can now affordably assess network security regularly, spotting vulnerabilities before attackers do.

💪 Find out how: https://thehackernews.com/2024/03/the-golden-age-of-automated-penetration.html

🛑URGENT SECURITY ALERT!

Secret backdoor found in XZ Utils compression library used by major Linux distros, like Fedora, Kali Linux, and openSUSE. Attackers could breach SSH and take control of systems.

https://thehackernews.com/2024/03/urgent-secret-backdoor-found-in-xz.html

Update and review your systems immediately.

⚠️ Mac users, beware! Malicious ads and fake websites are spreading dangerous malware like Atomic Stealer, which can steal your passwords, cryptocurrency, and other sensitive data.

Learn more: https://thehackernews.com/2024/03/hackers-target-macos-users-with.html