🚨 Cybercrime group Scattered Spider is now using RansomHub and Qilin ransomware strains, according to Microsoft.

Learn about the evolving cybercrime landscape and new ransomware threats: https://thehackernews.com/2024/07/scattered-spider-adopts-ransomhub-and.html

China-linked APT17 targets Italian entities with 9002 RAT malware, utilizing spear-phishing attacks via Office documents and malicious links.

Understanding these tactics helps organizations anticipate and mitigate similar threats.

Read: https://thehackernews.com/2024/07/china-linked-apt17-targets-italian.html

🚨 Alert: FIN7 cybercrime group's latest tool, AvNeutralizer, used by ransomware groups such as Black Basta, is now being marketed in criminal darkweb forums with new capabilities to evade security solutions.

Learn more: https://thehackernews.com/2024/07/fin7-group-advertises-security.html

SIM swap attacks are on the rise, with T-Mobile and Verizon employees being targeted to enable these scams.

Developing a culture of security awareness is essential to prevent these breaches.

Learn how to mitigate these threats: https://thehackernews.com/2024/07/navigating-insider-risks-are-your.html

Cybersecurity researchers have identified a new variant of BeaverTail malware disguised as a #macOS app targeting job seekers. The malware, used by DPRK hackers, steals sensitive information and installs backdoors.

Learn more: https://thehackernews.com/2024/07/north-korean-hackers-update-beavertail.html

Wiz Demo: See The #1 Cloud Security Platform In Action

Toxic combinations polluting your cloud? See how Wiz uncovers hidden risk and blocks attack paths to reduce your cloud exposure.

Book a Demo: https://thn.news/wiz-demo-hn

🚨 ALERT: Cisco patches critical vulnerability in Smart Software Manager On-Prem. This flaw could allow attackers to change any user's password, including admins.

CVE-2022-22948 could be exploited with crafted HTTP requests—Patch now!

Read: https://thehackernews.com/2024/07/cisco-warns-of-critical-flaw-affecting.html

Meta suspends use of GenAI in Brazil following a preliminary ban by the country's data protection authority.

Read: https://thehackernews.com/2024/07/meta-halts-ai-use-in-brazil-following.html

Analysts suggest this might influence future AI policies globally, urging companies to prioritize user consent.

A sophisticated cyber espionage group, TAG-100, is targeting global organizations in over 10 countries using open-source tools. This widespread attack affects multiple sectors and regions.

Details here: https://thehackernews.com/2024/07/tag-100-new-threat-actor-uses-open.html

Critical vulnerabilities have been discovered in SAP's AI Core platform, potentially exposing customer data and access tokens.

This affects businesses using SAP for AI workflows, threatening supply chain attacks and unauthorized access to sensitive information.

Learn about the 'SAPwned' flaws and their impact on The Hacker News: https://thehackernews.com/2024/07/sap-ai-core-vulnerabilities-expose.html

Bots now account for 44.5% of travel industry's web traffic, warns Imperva in their 2024 Bad Bot Report.

With the summer travel season approaching, the risk of fraud and account takeovers is higher than ever, posing significant risks to customer trust and operational efficiency.

Industry experts recommend advanced traffic analysis,blocking outdated browsers and real-time bot detection to mitigate these threats.

Learn more: https://thehackernews.com/2024/07/automated-threats-pose-increasing-risk.html

🔒 Tired of security alerts being ignored by devs?

We've got the solution. Join this free WEBINAR & learn how to build a Security Champion 🦸 program & turn developers into your strongest cybersecurity allies.

Save your seat now: https://thehackernews.com/2024/07/appsec-webinar-how-to-turn-developers.html

Researchers uncover "HotPage" adware masquerading as an ad-blocker. This malware can inject code into processes, potentially granting attackers system-level access on Windows.

Learn more: https://thehackernews.com/2024/07/alert-hotpage-adware-disguised-as-ad.html

🚨 Major Security Breach at WazirX!

Indian cryptocurrency exchange WazirX lost $230 million in assets due to a breach exploiting Liminal's wallet interface, likely linked to North Korean threat actors.

Find details here: https://thehackernews.com/2024/07/wazirx-cryptocurrency-exchange-loses.html

🚨 SolarWinds addresses critical security flaws in its Access Rights Manager (ARM) software.

These vulnerabilities could allow unauthorized access to sensitive data or execution of arbitrary code.

Read here: https://thehackernews.com/2024/07/solarwinds-patches-11-critical-flaws-in.html

APT41, a China-based hacking group, has infiltrated global sectors, gaining unauthorized access and extracting data since 2023.

Using sophisticated malware like DUSTPAN & DUSTTRAP, they evade detection and maintain long-term access.

https://thehackernews.com/2024/07/apt41-infiltrates-networks-in-italy.html

A pro-Houthi threat group, OilAlpha, has targeted humanitarian organizations in Yemen with Android spyware to steal sensitive data.

Find details here: https://thehackernews.com/2024/07/pro-houthi-group-targets-yemen-aid.html

CrowdStrike's recent update has led to major disruptions for businesses worldwide, causing Windows workstations to crash.

This incident affects businesses across various sectors, from airlines to hospitals.

Learn more: https://thehackernews.com/2024/07/faulty-crowdstrike-update-crashes.html

Sigma Computing hosted a webinar with AI leaders on industry trends and applications. These insights aid professionals in fraud prevention, retail, and data management.

Recap here: https://thehackernews.com/2024/07/summary-of-ai-leaders-spill-their.html

🚨 Two Russian nationals have pleaded guilty in a U.S. court for their roles in the LockBit ransomware scheme, which targeted over 2,500 entities globally.

Read details here: https://thehackernews.com/2024/07/two-russian-nationals-plead-guilty-in.html

Did you know? Cybercriminals can compromise up to 30,000 accounts by attempting one million email-password combinations. The threat is real and growing.

Identity theft is more sophisticated, with phishing, stealer malware & brute force attacks on the rise.

Learn how Cybersixgill's identity intelligence protects organizations by detecting and mitigating compromised credentials.

Read: https://thehackernews.com/2024/07/safeguard-personal-and-corporate.html