Microsoft Fixes 72 Flaws, Including Patch for Actively Exploited CLFS Vulnerability
Microsoft closed out its Patch Tuesday updates for 2024 with fixes for a total of 72 security flaws spanning its software portfolio, including one that…
Category: TheHackerNews
U.S. Charges Chinese Hacker for Exploiting Zero-Day in 81,000 Sophos Firewalls
Dec 11, 2024Ravie LakshmananVulnerability / Data Breach The U.S. government on Tuesday unsealed charges against a Chinese national for allegedly breaking into thousands of Sophos…
Ivanti Issues Critical Security Updates for CSA and Connect Secure Vulnerabilities
Dec 11, 2024Ravie LakshmananVulnerability / Network Security Ivanti has released security updates to address multiple critical flaws in its Cloud Services Application (CSA) and Connect…
Cleo File Transfer Vulnerability Under Exploitation – Patch Pending, Mitigation Urged
Dec 10, 2024Ravie LakshmananVulnerability / Threat Analysis Users of Cleo-managed file transfer software are being urged to ensure that their instances are not exposed to…
Fake Recruiters Distribute Banking Trojan via Malicious Apps in Phishing Scam
Dec 10, 2024Ravie LakshmananMobile Security / Cryptocurrency Cybersecurity researchers have shed light on a sophisticated mobile phishing (aka mishing) campaign that’s designed to distribute an…
Automated Internal and External Pentesting
Dec 10, 2024The Hacker NewsVulnerability / Perimeter Security In today’s rapidly evolving threat landscape, safeguarding your organization against cyberattacks is more critical than ever. Traditional…
Hackers Weaponize Visual Studio Code Remote Tunnels for Cyber Espionage
Dec 10, 2024Ravie LakshmananCyber Espionage / Hacking News A suspected China-nexus cyber espionage group has been attributed to an attacks targeting large business-to-business IT service…
Eight Arrested in Belgium and Netherlands
Dec 10, 2024Ravie LakshmananCybercrime / Vishing Belgian and Dutch authorities have arrested eight suspects in connection with a “phone phishing” gang that primarily operated out…
CERT-UA Warns of Phishing Attacks Targeting Ukraine’s Defense and Security Force
Dec 10, 2024Ravie LakshmananMalware / Cyber Attack The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new set of cyber attacks that…
Ongoing Phishing and Malware Campaigns in December 2024
Dec 10, 2024The Hacker NewsMalware Analysis / Cyber Threat Cyber attackers never stop inventing new ways to compromise their targets. That’s why organizations must stay…
Black Basta Ransomware Evolves with Email Bombing, QR Codes, and Social Engineering
Dec 09, 2024Ravie LakshmananThreat Intelligence / Malware The threat actors linked to the Black Basta ransomware have been observed switching up their social engineering tactics,…
Seven Bolt-Ons to Make Your Entra ID More Secure for Critical Sessions
Dec 09, 2024The Hacker NewsIdentity Security / Passwordless Identity security is all the rage right now, and rightfully so. Securing identities that access an organization’s…