A critical security flaw in Progress Software's WhatsUp Gold is under active exploitation.

This vulnerability allows unauthenticated remote code execution, posing a severe threat to network security.

The flaw (CVE-2024-4885) affects versions released before 2023.1.3. A PoC exploit is already in circulation.

Read: https://thehackernews.com/2024/08/critical-security-flaw-in-whatsup-gold.html

Update to the latest version immediately to protect your systems!

FBI and CISA warn of BlackSuit ransomware, with demands soaring to $500M and individual ransoms hitting $60M. These actors use sophisticated methods like phishing, RDP exploits, and legitimate RMM tools to infiltrate and persist in networks.

https://thehackernews.com/2024/08/fbi-and-cisa-warn-of-blacksuit.html

Researchers have uncovered a sophisticated phishing campaign leveraging Google Drawings and WhatsApp links.

This attack cleverly uses trusted platforms to bypass security measures, making it more challenging to detect.

Read: https://thehackernews.com/2024/08/new-phishing-scam-uses-google-drawings.html

Microsoft is addressing two critical vulnerabilities in the Windows Update system.

These flaws could allow attackers to stage downgrade attacks, replacing current Windows files with older, vulnerable versions.

Read: https://thehackernews.com/2024/08/windows-downgrade-attack-risks-exposing.html

SANS Network Security 2024 is happening this September in Las Vegas!

This event is crucial for staying ahead of cybersecurity threats and advancements.

It features 45+ courses, 40+ GIAC certifications, and AI-focused keynotes by Daniel Miessler.

Register now: https://thehackernews.com/2024/08/unlock-future-of-cybersecurity.html

Don't miss out on this opportunity to enhance your cybersecurity skills!

A new "0.0.0.0 Day" vulnerability, existing for 18 years, affects major web browsers (Chrome, Firefox, Safari) on MacOS and Linux devices.

This flaw could let malicious sites access local services.

Read: https://thehackernews.com/2024/08/0000-day-18-year-old-browser.html

Relying only on Automated Security Validation (ASV) is insufficient for full protection against cyber threats. While ASV identifies and validates vulnerabilities, it must be integrated with broader threat management strategies for complete security.

Learn how combining ASV with Continuous Threat Exposure Management (CTEM) enhances cybersecurity efficiency and effectiveness.

Read: https://thehackernews.com/2024/08/automated-security-validation-one-very.html

North Korea-linked threat actor Kimsuky has launched new attacks targeting university staff and researchers.

Kimsuky uses spear-phishing campaigns to deploy custom tools and gain persistent access to compromised systems.

Read: https://thehackernews.com/2024/08/university-professors-targeted-by-north.html

U.S. cybersecurity agency CISA warns of hackers exploiting Cisco's legacy Smart Install (SMI) feature that could lead to unauthorized access to sensitive data.

Learn more: https://thehackernews.com/2024/08/cisa-warns-of-hackers-exploiting-legacy.html

U.S. DoJ charges a Nashville man for running a "laptop farm" to help North Koreans get remote IT jobs in the U.S. and U.K., fraudulently obtaining over $250,000 and causing companies significant losses.

Read: https://thehackernews.com/2024/08/doj-charges-nashville-man-for-helping.html

Celebrate SANS Institute's 35th Anniversary with a $1700 Complimentary Cyber Bundle at Network Security 2024! 🎉

Register for in-person training and get a bonus SANS course (AIS247), OnDemand bundle, and a @Night pass to the AI Cybersecurity Summit (Sept 8-9).

Don't miss out: https://thn.news/net-sec-2024

Cybersecurity researchers uncovered vulnerabilities in Sonos smart speakers that could allow remote eavesdropping.

The weaknesses allow attackers to execute remote code and covertly capture audio, highlighting the critical need for robust security in IoT devices.

These flaws, impacting devices pre-dating the Sonos S2 release 15.9, put users' privacy at risk.

Learn more: https://thehackernews.com/2024/08/new-flaws-in-sonos-smart-speakers-allow.html

Microsoft has disclosed four security flaws in OpenVPN that could be chained to enable RCE and local privilege escalation.

These vulnerabilities can lead to full control over targeted endpoints, risking data breaches and system compromise.

Read: https://thehackernews.com/2024/08/microsoft-reveals-four-openvpn-flaws.html

Microsoft reveals a new unpatched vulnerability in Office (CVE-2024-38200) that could expose sensitive data to malicious actors.

It affects multiple Office versions and could be exploited via web-based attacks, making it a significant threat.

While a formal patch is expected soon, Microsoft has already rolled out an alternative fix.

Read: https://thehackernews.com/2024/08/microsoft-warns-of-unpatched-office.html

⚡ Researchers have uncovered critical AWS vulnerabilities that could allow attackers to gain full control over AWS accounts, manipulate AI modules, or exfiltrate sensitive data, putting countless organizations at risk.

Read: https://thehackernews.com/2024/08/experts-uncover-severe-aws-flaws.html

A widespread malware campaign is installing rogue Chrome and Edge extensions via fake websites, affecting over 300,000 users.

It hijacks search queries and installs hard-to-remove extensions.

Read: https://thehackernews.com/2024/08/new-malware-hits-300000-users-with.html

10 newly discovered flaws in Google’s Quick Share app could allow remote code execution on Windows devices.

These vulnerabilities affect both Android and Windows, potentially enabling attackers to take remote control of the systems.

Read: https://thehackernews.com/2024/08/researchers-uncover-10-flaws-in-googles.html

Developers, double-check your dependencies!

Researchers have uncovered a malicious Python package, “solana-py,” on PyPI, designed to steal Solana blockchain wallet keys.

This deceptive package mimics the legitimate “solana” API and has already been downloaded over 1,100 times, posing a serious threat to developers and end users.

The package injects malicious code into the "init .py" script, exfiltrating sensitive information to an external domain.

Read: https://thehackernews.com/2024/08/rogue-pypi-library-solana-users-steals.html

Russian organizations face a new spear-phishing threat, EastWind, using PlugY malware for screen monitoring, keystroke logging, and data theft, endangering sensitive information and security.

Read: https://thehackernews.com/2024/08/russian-government-hit-by-eastwind.html

Major vulnerabilities found in Ewon Cosy+ remote access solution could allow attackers to gain root privileges and hijack VPN sessions.

Attackers can exploit these flaws to decrypt sensitive data and intercept critical network communications.

Read: https://thehackernews.com/2024/08/industrial-remote-access-tool-ewon-cosy.html

A critical #vulnerability (CVE-2024-7589) in OpenSSH on FreeBSD could allow attackers to execute code remotely with root privileges.

Learn more: https://thehackernews.com/2024/08/freebsd-releases-urgent-patch-for-high.html

If you're using FreeBSD, update your systems immediately and restart sshd.