Beware! Voice phishing has taken an advanced twist with "Letscall."

This multi-step vishing attack combines hi-tech malware, voice traffic routing, and social engineering to deceive victims into micro-loans and disclose personal info.

Read: https://thehackernews.com/2023/07/vishing-goes-high-tech-new-letscall.html

🚨 Beware, Android users! Two popular file management apps on #Google Play Store revealed as spyware, sending users' data to servers in China.

Over 1.5M users' security and privacy are at risk.

Read details: https://thehackernews.com/2023/07/two-spyware-apps-on-google-play-with-15.html

🚨 ALERT: $20 million stolen from Revolut in a massive cyber attack. The organized criminal groups took advantage of a loophole, leading to significant financial losses:

Read: http://thehackernews.com/2023/07/hackers-steal-20-million-by-exploiting.html

Beware, LATAM businesses! A sophisticated banking trojan called TOITOIN is targeting Latin American organizations. Evading detection with custom-designed modules and a multi-stage attack strategy, it demands immediate attention.

Read: https://thehackernews.com/2023/07/new-toitoin-banking-trojan-targeting.html

RomCom RAT strikes again! Cyber threat actors are targeting the NATO Summit in Vilnius with phishing attacks.

Read: https://thehackernews.com/2023/07/romcom-rat-targeting-nato-and-ukraine.html

🔒 Mozilla Firefox has introduced a new feature called Quarantined Domains, which blocks certain add-ons on specific sites due to security risks.

Read details: https://thehackernews.com/2023/07/new-mozilla-feature-blocks-risky-add.html

⚡ Apple just released critical updates to patch an actively exploited zero-day (CVE-2023-37450) flaw.

🛡️ Update to iOS 16.5.1 (a), iPadOS 16.5.1 (a), macOS Ventura 13.4.1 (a), and Safari 16.5.2.

Read: https://thehackernews.com/2023/07/apple-issues-urgent-patch-for-zero-day.html

Protect your systems against Big Head ransomware's diverse attack vectors! It's not just about encryption—it also incorporates a file infector called Neshta to deceive security solutions.

Read: https://thehackernews.com/2023/07/beware-of-big-head-ransomware-spreading.html

New report reveals ongoing SCARLETEEL attack campaign targeting AWS Fargate. Cybercriminals escalate privileges, exploit vulnerabilities, and profit through crypto mining.

Learn more about this attack: https://thehackernews.com/2023/07/scarleteel-cryptojacking-campaign.html

Discover the power of MITRE ATT&CK! This widely adopted framework categorizes tactics, techniques, and procedures used in cyberattacks, helping security professionals build strong defense strategies.

Learn more: https://thehackernews.com/2023/07/how-to-apply-mitre-att-to-your.html

🚨 Security Alert: Hackers are exploiting a Microsoft Windows policy loophole to forge signatures on kernel-mode drivers, gaining complete system access.

Learn more about this major threat: https://thehackernews.com/2023/07/hackers-exploit-windows-policy-loophole.html

Heads up, everyone! Microsoft has released updates to fix 130 security flaws, including 6 zero-day vulnerabilities being actively exploited. Update your software now to keep your systems secure.

Learn more: https://thehackernews.com/2023/07/microsoft-releases-patches-for-130.html

A sophisticated threat actor has been employing a new Python-based fileless attack called PyLoose to mine cryptocurrency on cloud workloads, bypassing traditional detection methods.

Read details: https://thehackernews.com/2023/07/python-based-pyloose-fileless-attack.html

🚨🕹️ Attention gamers! A new rootkit signed by Microsoft has been discovered, targeting the #gaming sector in China.

Read details here: https://thehackernews.com/2023/07/chinese-hackers-deploy-microsoft-signed.html

Microsoft thwarts cyber attack by a Chinese nation-state actor targeting government agencies and organizations, focused on espionage and data theft.

Read more: https://thehackernews.com/2023/07/microsoft-thwarts-chinese-cyber-attack.html

Ransomware attacks continue to rise in 2023, with cybercriminals extorting a staggering $449.1 million in the first half of the year alone. These extortionists are showing no signs of slowing down, with their sights set on a potential $898.6 million haul in 2023.

Read: https://thehackernews.com/2023/07/ransomware-extortion-skyrockets-in-2023.html

Phishing attacks are becoming more sophisticated with AI. Discover how cybercriminals leverage AI to enhance their phishing techniques and what organizations can do to defend against them.

Read: https://thehackernews.com/2023/07/the-risks-and-preventions-of-ai-in.html

⚡️ SonicWall and Fortinet both address critical vulnerabilities in their network security software. Update SonicWall's GMS and Analytics, and Fortinet's FortiOS and FortiProxy immediately to protect against unauthorized access.

Read: https://thehackernews.com/2023/07/new-vulnerabilities-disclosed-in.html

A sophisticated China-based hacking campaign has targeted U.S. government agencies and organizations, compromising email accounts via Microsoft Outlook Web Access in Exchange Online (OWA) & Outlook.

Read: https://thehackernews.com/2023/07/us-government-agencies-emails.html

U.S. CISA warns of critical vulnerabilities in Rockwell Automation ControlLogix ENIP modules, allowing remote code execution and DoS attacks.

Read details: https://thehackernews.com/2023/07/rockwell-automation-controllogix-bugs.html

Watch out, researchers! A recently discovered proof-of-concept (PoC) exploit on GitHub for CVE-2023-35829 turns out to be a malicious downloader. It silently executes a bash noscript disguised as a kernel-level process.

Read more: https://thehackernews.com/2023/07/blog-post.html