Evasive Panda compromises an ISP to push malicious software updates.
The group used DNS poisoning to alter update mechanisms, deploying malware on both macOS and Windows systems.
Read: https://thehackernews.com/2024/08/china-linked-hackers-compromise-isp-to.html
A new Android banking trojan, BlankBot, is targeting Turkish users to steal financial information.
It performs keylogging, screen recording, and intercepts SMS messages, posing a severe threat to user data.
Read: https://thehackernews.com/2024/08/new-android-trojan-blankbot-targets.html
A high-severity vulnerability (CVE-2024-6242) has been found in Rockwell Automation ControlLogix 1756 devices.
Exploiting this vulnerability could lead to unauthorized CIP commands, affecting device configurations and user projects.
Read: https://thehackernews.com/2024/08/critical-flaw-in-rockwell-automation.html
Cybersecurity incident response faces major challenges: timely detection, data collection, and coordination.
Quick, effective responses minimize damage. Tools like Wazuh boost readiness through automation and third-party integration.
Learn more: https://thehackernews.com/2024/08/enhancing-incident-response-readiness.html
Organizations in Kazakhstan are targeted by a new threat cluster, Bloody Wolf, distributing STRRAT malware.
This #malware allows attackers to hijack corporate computers and steal restricted data for as little as $80.
Phishing emails impersonating government agencies trick victims into installing malicious Java files.
Read: https://thehackernews.com/2024/08/kazakh-organizations-targeted-by-bloody.html
Ensure your team is aware of these tactics and bolster email security measures.
Researchers uncover design flaws in Windows Smart App Control and SmartScreen, allowing hackers to bypass security measures and gain system access undetected.
Learn more: https://thehackernews.com/2024/08/researchers-uncover-flaws-in-windows.html
A zero-day vulnerability in Apache OFBiz ERP system has been disclosed, allowing remote code execution.
This vulnerability, CVE-2024-38856, has a critical CVSS score of 9.8, making it extremely dangerous for businesses using this software.
Read: https://thehackernews.com/2024/08/new-zero-day-flaw-in-apache-ofbiz-erp.html
Share this to raise awareness!
Google has patched a new Android kernel vulnerability, CVE-2024-36971, that allows RCE.
It has been actively exploited by commercial spyware vendors in targeted attacks, posing a severe risk to Android users.
Read: https://thehackernews.com/2024/08/google-patches-new-android-kernel.html
Kaspersky has identified a new Android spyware, LianSpy, targeting users in Russia since 2021.
This malware captures screencasts, exfiltrates user files, and harvests call logs and app lists.
Find details here: https://thehackernews.com/2024/08/new-android-spyware-lianspy-evades.html
North Korea's Moonstone Sleet is pushing malicious npm packages to infect Windows systems.
Despite low downloads, the packages aimed to mimic popular libraries and potentially cause significant harm.
Read: https://thehackernews.com/2024/08/north-korean-hackers-moonstone-sleet.html
Innovate with AI Pioneers. Gather and connect with developers across the community at Intel Innovation, September 24-25. Witness the breakthroughs propelling AI into the future and be a part of the revolution.
Don't miss out. Register now: https://thn.news/innovation-2024
Insider threats account for 26% of SaaS security incidents.
These threats are challenging to detect because insiders often have valid credentials and access.
ITDR platforms can help by monitoring behavioral clues and flagging anomalies.
Learn how: https://thehackernews.com/2024/08/suspicious-minds-insider-threats-in.html
INTERPOL recovers $39 million in largest BEC scam bust. Global stop-payment mechanism halts massive business email fraud. Seven arrested in Singapore.
Learn more: https://thehackernews.com/2024/08/interpol-recovers-41-million-in-largest.html
Apple tightens Gatekeeper protections in macOS Sequoia.
This enhances security against malware by making it harder for users to bypass critical security checks.
Now, users must navigate to System Settings > Privacy & Security to authorize apps, preventing easy overrides.
Read: https://thehackernews.com/2024/08/apples-new-macos-sequoia-tightens.html
How do you feel about this update? Share your thoughts!
A new Android banking trojan, Chameleon, is targeting Canadian users by posing as a CRM app.
Chameleon can bypass Android restrictions, making it a significant threat.
Learn more: https://thehackernews.com/2024/08/chameleon-android-banking-trojan.html
CrowdStrike reveals root cause of global Windows device crash, implements new safety measures, and faces potential lawsuit from Delta Air Lines.
Read details here: https://thehackernews.com/2024/08/crowdstrike-reveals-root-cause-of.html
A South Asian media organization was targeted with a new Go-based backdoor, GoGra.
GoGra utilizes Microsoft Graph API for command-and-control, mimicking techniques used by other advanced threats.
Read: https://thehackernews.com/2024/08/new-go-based-backdoor-gogra-targets.html
New vulnerabilities in Roundcube webmail could allow attackers to steal emails & passwords via malicious JavaScript.
Three CVEs have been addressed in the latest Roundcube updates. Make sure you're using versions 1.6.8 or 1.5.8 to stay protected.
Read: https://thehackernews.com/2024/08/roundcube-webmail-flaws-allow-hackers.html
New #Linux Kernel Exploitation Technique Unveiled: SLUBStick
This technique could elevate limited heap vulnerabilities to arbitrary memory read-and-write capabilities, threatening system security.
Researchers have shown SLUBStick can successfully bypass defenses like KASLR with a 99% success rate.
Read: https://thehackernews.com/2024/08/new-linux-kernel-exploit-technique.html
A critical security flaw in Progress Software's WhatsUp Gold is under active exploitation.
This vulnerability allows unauthenticated remote code execution, posing a severe threat to network security.
The flaw (CVE-2024-4885) affects versions released before 2023.1.3. A PoC exploit is already in circulation.
Read: https://thehackernews.com/2024/08/critical-security-flaw-in-whatsup-gold.html
Update to the latest version immediately to protect your systems!
FBI and CISA warn of BlackSuit ransomware, with demands soaring to $500M and individual ransoms hitting $60M. These actors use sophisticated methods like phishing, RDP exploits, and legitimate RMM tools to infiltrate and persist in networks.
https://thehackernews.com/2024/08/fbi-and-cisa-warn-of-blacksuit.html