OfflRouter malware has flown under the radar since 2015, infecting .DOC files within Ukrainian gov networks and leading to potentially confidential documents being exposed.

Details: https://thehackernews.com/2024/04/offlrouter-malware-evades-detection-in.html

🛠️ Ransomware won't wait, and neither should you.

Discover how Zerto’s Continuous Data Protection can dial back to seconds before an attack, ensuring minimal data loss.

Interested in how it works? Click to learn more: https://thehackernews.com/2024/04/recover-from-ransomware-in-5-minuteswe.html

A new threat, 'DuneQuixote', targets Middle Eastern governments with sophisticated evasion tactics and uses a sneaky cross-platform backdoor called CR4T.

🔗 Details here: https://thehackernews.com/2024/04/hackers-target-middle-east-governments.html

Akira ransomware group has extorted approximately $42 MILLION from over 250 global victims. It is now expanding its reach to target Linux, and VMware ESXi systems.

Read: https://thehackernews.com/2024/04/akira-ransomware-gang-extorts-42.html

Thought your firewall was enough?

Guess again... AiTM phishing, OAuth exploits, SSO attacks...hackers are getting creative targeting cloud identities.

Understand the next wave of cyberattacks – read this article: https://thehackernews.com/2024/04/showcasing-networkless-identity-attacks.html

China-linked hacking group Earth Hundun is targeting Asia-Pacific tech, research, and government sectors with advanced malware, including "Waterbear" and its upgraded successor, "Deuterbear."

Details: https://thehackernews.com/2024/04/blacktech-targets-tech-research-and-gov.html

🚨 Urgent: If you use CrushFTP for file transfers, update to the latest version immediately!

A critical flaw is being actively exploited, letting attackers escape Virtual File System (VFS) to access system files.

Click to learn more: https://thehackernews.com/2024/04/critical-update-crushftp-zero-day-flaw.html

Palo Alto Networks reveals more on exploited flaw. Attackers DON'T need device telemetry enabled. This is serious! Update your firewalls ASAP.

Details 👉 https://thehackernews.com/2024/04/palo-alto-networks-discloses-more.html

A new variant of RedLine Stealer, an information-stealing malware, has emerged using Lua bytecode to enhance its ability to evade detection. It is being distributed via repositories on GitHub disguised as game cheats.

Details: https://thehackernews.com/2024/04/new-redline-stealer-variant-disguised.html

North Korea-linked hackers, like Emerald Sleet, are using AI, particularly large language models (LLMs), for cyber operations, including spear-phishing, vulnerability research, reconnaissance and creating malicious content.

Details: https://thehackernews.com/2024/04/microsoft-warns-north-korean-hackers.html

⚠️Windows users, watch out!

Researchers detail a vulnerability in the Windows DOS-to-NT path conversion process which can be exploited by threat actors to gain rootkit-like capabilities, hiding files and processes without admin permissions.

https://thehackernews.com/2024/04/researchers-uncover-windows-flaws.html

MITRE Corporation hit by nation-state attack exploiting zero-day flaws in Ivanti Connect Secure.

Read: https://thehackernews.com/2024/04/mitre-corporation-breached-by-nation.html

Companies use 53 (🤯) security solutions on average... yet still get breached. How can we bridge this gap?

Read the latest report: https://thehackernews.com/2024/04/penteras-2024-report-reveals-hundreds.html

Ransomware victims, beware of re-victimization!

Orange Cyberdefense finds some organizations are hit multiple times. Reasons include affiliate crossovers and data misuse. Learn how to protect your organization.

Read: https://thehackernews.com/2024/04/ransomware-double-dip-re-victimization.html

Kaspersky has uncovered a concerning threat actor, ToddyCat, targeting government and military entities.

This group employs a wide range of tools to maintain persistent access and steal data on an "industrial scale."

https://thehackernews.com/2024/04/russian-hacker-group-toddycat-uses.html

🔐 Software supply chain breaches are a ticking time bomb. Forget playing defense - it's time to take the offensive against supply chain attackers.

⚡ Join our next cybersecurity webinar to learn battle-tested strategies from the experts.

Register now: https://thehacker.news/supply-chain-threats

💻 Hackers linked to Russia have been exploiting a Windows bug for YEARS to deploy GooseEgg malware for escalating attack access.

More insights here... https://thehackernews.com/2024/04/russias-apt28-exploited-windows-print.html

U.S. State Department imposed visa restrictions on 13 individuals linked to selling spyware for surveillance misuse targeting journalists, academics, and human rights defenders.

Read: https://thehackernews.com/2024/04/us-imposes-visa-restrictions-on-13.html

The Great Privacy Debate >>

European law enforcement agencies are deeply concerned about the widespread use of end-to-end encryption (E2EE), indicating it could severely hamper efforts to tackle online crimes like child abuse and terrorism.

https://thehackernews.com/2024/04/police-chiefs-call-for-solutions-to.html

Germany issues arrest warrants for 3 citizens accused of spying for China to obtain sensitive tech data that could aid Beijing's military capabilities.

Find details here: https://thehackernews.com/2024/04/german-authorities-issue-arrest.html