North Korea's Moonstone Sleet is pushing malicious npm packages to infect Windows systems.
Despite low downloads, the packages aimed to mimic popular libraries and potentially cause significant harm.
Read: https://thehackernews.com/2024/08/north-korean-hackers-moonstone-sleet.html
Innovate with AI Pioneers. Gather and connect with developers across the community at Intel Innovation, September 24-25. Witness the breakthroughs propelling AI into the future and be a part of the revolution.
Don't miss out - register now: https://thn.news/innovation-2024
Insider threats account for 26% of SaaS security incidents.
These threats are challenging to detect because insiders often have valid credentials and access.
ITDR platforms can help by monitoring behavioral clues and flagging anomalies.
Learn how: https://thehackernews.com/2024/08/suspicious-minds-insider-threats-in.html
INTERPOL recovers $39 million in largest BEC scam bust. Global stop-payment mechanism halts massive business email fraud. Seven arrested in Singapore.
Learn more: https://thehackernews.com/2024/08/interpol-recovers-41-million-in-largest.html
Apple tightens Gatekeeper protections in macOS Sequoia.
This enhances security against malware by making it harder for users to bypass critical security checks.
Now, users must navigate to System Settings > Privacy & Security to authorize apps, preventing easy overrides.
Read: https://thehackernews.com/2024/08/apples-new-macos-sequoia-tightens.html
How do you feel about this update? Share your thoughts!
A new Android banking trojan, Chameleon, is targeting Canadian users by posing as a CRM app.
Chameleon can bypass Android restrictions, making it a significant threat.
Learn more: https://thehackernews.com/2024/08/chameleon-android-banking-trojan.html
CrowdStrike reveals root cause of global Windows device crash, implements new safety measures, and faces potential lawsuit from Delta Air Lines.
Read details here: https://thehackernews.com/2024/08/crowdstrike-reveals-root-cause-of.html
A South Asian media organization was targeted with a new Go-based backdoor, GoGra.
GoGra utilizes Microsoft Graph API for command-and-control, mimicking techniques used by other advanced threats.
Read: https://thehackernews.com/2024/08/new-go-based-backdoor-gogra-targets.html
New vulnerabilities in Roundcube webmail could allow attackers to steal emails & passwords via malicious JavaScript.
Three CVEs have been addressed in the latest Roundcube updates. Make sure you're using versions 1.6.8 or 1.5.8 to stay protected.
Read: https://thehackernews.com/2024/08/roundcube-webmail-flaws-allow-hackers.html
New #Linux Kernel Exploitation Technique Unveiled: SLUBStick
This technique could elevate limited heap vulnerabilities to arbitrary memory read-and-write capabilities, threatening system security.
Researchers have shown SLUBStick can successfully bypass defenses like KASLR with a 99% success rate.
Read: https://thehackernews.com/2024/08/new-linux-kernel-exploit-technique.html
A critical security flaw in Progress Software's WhatsUp Gold is under active exploitation.
This vulnerability allows unauthenticated remote code execution, posing a severe threat to network security.
The flaw (CVE-2024-4885) affects versions released before 2023.1.3. A PoC exploit is already in circulation.
Read: https://thehackernews.com/2024/08/critical-security-flaw-in-whatsup-gold.html
Update to the latest version immediately to protect your systems!
FBI and CISA warn of BlackSuit ransomware, with demands soaring to $500M and individual ransoms hitting $60M. These actors use sophisticated methods like phishing, RDP exploits, and legitimate RMM tools to infiltrate and persist in networks.
https://thehackernews.com/2024/08/fbi-and-cisa-warn-of-blacksuit.html
Researchers have uncovered a sophisticated phishing campaign leveraging Google Drawings and WhatsApp links.
This attack cleverly uses trusted platforms to bypass security measures, making it more challenging to detect.
Read: https://thehackernews.com/2024/08/new-phishing-scam-uses-google-drawings.html
Microsoft is addressing two critical vulnerabilities in the Windows Update system.
These flaws could allow attackers to stage downgrade attacks, replacing current Windows files with older, vulnerable versions.
Read: https://thehackernews.com/2024/08/windows-downgrade-attack-risks-exposing.html
SANS Network Security 2024 is happening this September in Las Vegas!
This event is crucial for staying ahead of cybersecurity threats and advancements.
It features 45+ courses, 40+ GIAC certifications, and AI-focused keynotes by Daniel Miessler.
Register now: https://thehackernews.com/2024/08/unlock-future-of-cybersecurity.html
Don't miss out on this opportunity to enhance your cybersecurity skills!
A new "0.0.0.0 Day" vulnerability, existing for 18 years, affects major web browsers (Chrome, Firefox, Safari) on macOS and Linux devices.
This flaw could let malicious sites access local services.
Read: https://thehackernews.com/2024/08/0000-day-18-year-old-browser.html
Relying only on Automated Security Validation (ASV) is insufficient for full protection against cyber threats. While ASV identifies and validates vulnerabilities, it must be integrated with broader threat management strategies for complete security.
Learn how combining ASV with Continuous Threat Exposure Management (CTEM) enhances cybersecurity efficiency and effectiveness.
Read: https://thehackernews.com/2024/08/automated-security-validation-one-very.html
North Korea-linked threat actor Kimsuky has launched new attacks targeting university staff and researchers.
Kimsuky uses spear-phishing campaigns to deploy custom tools and gain persistent access to compromised systems.
Read: https://thehackernews.com/2024/08/university-professors-targeted-by-north.html
U.S. cybersecurity agency CISA warns of hackers exploiting Cisco's legacy Smart Install (SMI) feature that could lead to unauthorized access to sensitive data.
Learn more: https://thehackernews.com/2024/08/cisa-warns-of-hackers-exploiting-legacy.html
U.S. DoJ charges a Nashville man for running a "laptop farm" to help North Koreans get remote IT jobs in the U.S. and U.K., fraudulently obtaining over $250,000 and causing companies significant losses.
Read: https://thehackernews.com/2024/08/doj-charges-nashville-man-for-helping.html
Celebrate SANS Institute's 35th Anniversary with a $1700 Complimentary Cyber Bundle at Network Security 2024!
Register for in-person training and get a bonus SANS course (AIS247), OnDemand bundle, and a @Night pass to the AI Cybersecurity Summit (Sept 8-9).
Don't miss out: https://thn.news/net-sec-2024