Bots now account for 44.5% of travel industry's web traffic, warns Imperva in their 2024 Bad Bot Report.

With the summer travel season approaching, the risk of fraud and account takeovers is higher than ever, posing significant risks to customer trust and operational efficiency.

Industry experts recommend advanced traffic analysis,blocking outdated browsers and real-time bot detection to mitigate these threats.

Learn more: https://thehackernews.com/2024/07/automated-threats-pose-increasing-risk.html

🔒 Tired of security alerts being ignored by devs?

We've got the solution. Join this free WEBINAR & learn how to build a Security Champion 🦸 program & turn developers into your strongest cybersecurity allies.

Save your seat now: https://thehackernews.com/2024/07/appsec-webinar-how-to-turn-developers.html

Researchers uncover "HotPage" adware masquerading as an ad-blocker. This malware can inject code into processes, potentially granting attackers system-level access on Windows.

Learn more: https://thehackernews.com/2024/07/alert-hotpage-adware-disguised-as-ad.html

🚨 Major Security Breach at WazirX!

Indian cryptocurrency exchange WazirX lost $230 million in assets due to a breach exploiting Liminal's wallet interface, likely linked to North Korean threat actors.

Find details here: https://thehackernews.com/2024/07/wazirx-cryptocurrency-exchange-loses.html

🚨 SolarWinds addresses critical security flaws in its Access Rights Manager (ARM) software.

These vulnerabilities could allow unauthorized access to sensitive data or execution of arbitrary code.

Read here: https://thehackernews.com/2024/07/solarwinds-patches-11-critical-flaws-in.html

APT41, a China-based hacking group, has infiltrated global sectors, gaining unauthorized access and extracting data since 2023.

Using sophisticated malware like DUSTPAN & DUSTTRAP, they evade detection and maintain long-term access.

https://thehackernews.com/2024/07/apt41-infiltrates-networks-in-italy.html

A pro-Houthi threat group, OilAlpha, has targeted humanitarian organizations in Yemen with Android spyware to steal sensitive data.

Find details here: https://thehackernews.com/2024/07/pro-houthi-group-targets-yemen-aid.html

CrowdStrike's recent update has led to major disruptions for businesses worldwide, causing Windows workstations to crash.

This incident affects businesses across various sectors, from airlines to hospitals.

Learn more: https://thehackernews.com/2024/07/faulty-crowdstrike-update-crashes.html

Sigma Computing hosted a webinar with AI leaders on industry trends and applications. These insights aid professionals in fraud prevention, retail, and data management.

Recap here: https://thehackernews.com/2024/07/summary-of-ai-leaders-spill-their.html

🚨 Two Russian nationals have pleaded guilty in a U.S. court for their roles in the LockBit ransomware scheme, which targeted over 2,500 entities globally.

Read details here: https://thehackernews.com/2024/07/two-russian-nationals-plead-guilty-in.html

Did you know? Cybercriminals can compromise up to 30,000 accounts by attempting one million email-password combinations. The threat is real and growing.

Identity theft is more sophisticated, with phishing, stealer malware & brute force attacks on the rise.

Learn how Cybersixgill's identity intelligence protects organizations by detecting and mitigating compromised credentials.

Read: https://thehackernews.com/2024/07/safeguard-personal-and-corporate.html

🚨 A 17-year-old suspected member of the Scattered Spider cybercrime syndicate has been arrested in the U.K.

This group has targeted major companies, including MGM Resorts, with #ransomware.

Read here: https://thehackernews.com/2024/07/17-year-old-linked-to-scattered-spider.html

CrowdStrike's recent update glitch caused global IT disruptions, and now threat actors are exploiting this by distributing Remcos RAT malware to Latin American customers disguised as a hotfix.

Read details: https://thehackernews.com/2024/07/cybercriminals-exploit-crowdstrike.html

⚡ A new variant of the Play ransomware is now targeting VMWare ESXi environments, broadening its reach across Linux platforms.

With industries like IT & finance at high risk, experts stress the importance of proactive defenses.

Read: https://thehackernews.com/2024/07/new-linux-variant-of-play-ransomware.html

⚠️ New Alert: SocGholish malware is exploiting BOINC to deliver AsyncRAT, posing a severe threat to network security.

This sophisticated attack method could be used to execute ransomware and escalate privileges within your systems.

Details: https://thehackernews.com/2024/07/socgholish-malware-exploits-boinc.html

New Playbook for vCISOs: "Your First 100 Days as a vCISO – 5 Steps to Success" is now available!

If you're a virtual CISO, this comprehensive guide is essential for mastering your client's cybersecurity strategy and risk governance.

https://thehackernews.com/2024/07/msps-mssps-how-to-increase-engagement.html

FLUXROOT and PINEAPPLE cybercriminal groups exploiting Google Cloud for phishing attacks targeting Mercado Pago users in Latin America.

Learn more: https://thehackernews.com/2024/07/pineapple-and-fluxroot-hacker-groups.html

Sophisticated Chinese cybercrime syndicate "Vigorish Viper" exposed, using advanced tech suite for global operations, including illegal gambling and human trafficking.

The use of DNS manipulation and traffic distribution systems shows the sophistication of modern cybercriminals.

Learn more: https://thehackernews.com/2024/07/experts-uncover-chinese-cybercrime.html

🚀 New AI Features in Cybersecurity! Tines has released AI-enhanced workflows, including an SMS analysis service to detect phishing scams quickly and accurately.

🔍 This tool streamlines threat detection, enabling faster and more accurate responses, and promotes a culture of cybersecurity within organizations.

🛡️ By automating SMS analysis, security teams can reduce manual, repetitive tasks and focus on higher-level threats.

🔧 Learn more: https://thehackernews.com/2024/07/how-to-set-up-automated-sms-analysis.html

In a surprising move, Google has decided to abandon its plan to phase out third-party cookies in Chrome and will instead introduce a user-choice system.

Learn more: https://thehackernews.com/2024/07/google-abandons-plan-to-phase-out-third.html

CERT-UA has alerted of a new spear-phishing campaign targeting a Ukrainian research institution with malware named HATVIBE and CHERRYSPY, exploiting a CVE-2024-23692 vulnerability.

Learn more: https://thehackernews.com/2024/07/ukrainian-institutions-targeted-using.html