New Webinar: 5 Steps to vCISO Success for MSPs and MSSPs

2024 will be the year of the vCISO. An incredible 45% of MSPs and MSSPs are planning to start offering vCISO services in 2024. As an MSP/MSSP providing vCISO services, you own the organization’s cybersecurity infrastructure and strategy. But you also need to position yourself as a reliable decision-maker, navigating professional responsibilities, business needs and leadership

https://thehackernews.com/2024/02/new-we...ccess.html

Critical Boot Loader Vulnerability in Shim Impacts Nearly All Linux Distros

The maintainers of shim have released version 15.8 to address six security flaws, including a critical bug that could pave the way for remote code execution under specific circumstances.
Tracked as CVE-2023-40547 (CVSS score: 9.8), the vulnerability could be exploited to achieve a Secure Boot bypass. Bill Demirkapi of the Microsoft Security Response Center (MSRC) has been&

https://thehackernews.com/2024/02/critic...ty-in.html

After FBI Takedown, KV-Botnet Operators Shift Tactics in Attempt to Bounce Back

The threat actors behind the KV-botnet made "behavioral changes" to the malicious network as U.S. law enforcement began issuing commands to neutralize the activity.
KV-botnet is the name given to a network of compromised small office and home office (SOHO) routers and firewall devices across the world, with one specific cluster acting as a covert data transfer system for other Chinese

https://thehackernews.com/2024/02/after-...ators.html

Critical Patches Released for New Flaws in Cisco, Fortinet, VMware Products

Cisco, Fortinet, and VMware have released security fixes for multiple security vulnerabilities, including critical weaknesses that could be exploited to perform arbitrary actions on affected devices.
The first set from Cisco consists of three flaws – CVE-2024-20252 and CVE-2024-20254 (CVSS score: 9.6) and CVE-2024-20255 (CVSS score: 8.2) – impacting Cisco Expressway Series that could allow an

https://thehackernews.com/2024/02/critic...flaws.html

Kimsuky's New Golang Stealer 'Troll' and 'GoBear' Backdoor Target South Korea

The North Korea-linked nation-state actor known as Kimsuky is suspected of using a previously undocumented Golang-based information stealer called Troll Stealer.
The malware steals "SSH, FileZilla, C drive files/directories, browsers, system information, [and] screen captures" from infected systems, South Korean cybersecurity company S2W said in a new technical report.
Troll

https://thehackernews.com/2024/02/kimsuk...l-and.html

Google Starts Blocking Sideloading of Potentially Dangerous Android Apps in Singapore

Google has unveiled a new pilot program in Singapore that aims to prevent users from sideloading certain apps that abuse Android app permissions to read one-time passwords and gather sensitive data.
"This enhanced fraud protection will analyze and automatically block the installation of apps that may use sensitive runtime permissions frequently abused for financial fraud when the user attempts

https://thehackernews.com/2024/02/google...ng-of.html

HijackLoader Evolves: Researchers Decode the Latest Evasion Methods

The threat actors behind a loader malware called HijackLoader have added new techniques for defense evasion, as the malware continues to be increasingly used by other threat actors to deliver additional payloads and tooling.
"The malware developer used a standard process hollowing technique coupled with an additional trigger that was activated by the parent process writing to a pipe,"

https://thehackernews.com/2024/02/hijack...ecode.html

Unified Identity – look for the meaning behind the hype!

If you've listened to software vendors in the identity space lately, you will have noticed that “unified” has quickly become the buzzword that everyone is adopting to describe their portfolio. And this is great! Unified identity has some amazing benefits! 
However (there is always a however, right?) not every “unified” “identity” “security” “platform” is made equal. Some vendors call the

https://thehackernews.com/2024/02/unifie...aning.html

Chinese Hackers Operate Undetected in U.S. Critical Infrastructure for Half a Decade

The U.S. government on Wednesday said the Chinese state-sponsored hacking group known as Volt Typhoon had been embedded into some critical infrastructure networks in the country for at least five years.
Targets of the threat actor include communications, energy, transportation, and water and wastewater systems sectors in the U.S. and Guam.
"Volt Typhoon's choice of targets and pattern

https://thehackernews.com/2024/02/chines...ed-in.html

Global Coalition and Tech Giants Unite Against Commercial Spyware Abuse

A coalition of dozens of countries, including France, the U.K., and the U.S., along with tech companies such as Google, MDSec, Meta, and Microsoft, have signed a joint agreement to curb the abuse of commercial spyware to commit human rights abuses.
The initiative, dubbed the Pall Mall Process, aims to tackle the proliferation and irresponsible use of commercial cyber intrusion tools by

https://thehackernews.com/2024/02/global...unite.html