Researchers report a surge in FakeBat malware infections from malvertising, targeting users searching for business software via trojanized MSIX installers.
Learn more: https://thehackernews.com/2024/08/cybercriminals-exploit-popular-software.html
Researchers have uncovered a new malware, UULoader, being used to deliver powerful threats like Gh0st RAT and Mimikatz.
With its focus on Chinese and Korean users, this malware could be part of a broader trend.
Read: https://thehackernews.com/2024/08/new-uuloader-malware-distributes-gh0st.html
CISA warns of active ransomware exploits targeting Jenkins via the CVE-2024-23897 vulnerability.
It allows attackers to execute malicious code, putting sensitive data at risk across industries.
Read: https://thehackernews.com/2024/08/cisa-warns-of-critical-jenkins.html
Patch your Jenkins systems now before it's too late.
Thousands of Oracle NetSuite e-commerce sites risk exposing sensitive customer data due to misconfigured access controls on custom record types (CRTs). Review and secure your settings now to prevent unauthorized access.
Read: https://thehackernews.com/2024/08/thousands-of-oracle-netsuite-sites-at.html
Blind Eagle cyberthreat group targets Latin America with adaptive tactics, using spear-phishing and RATs for financial theft and espionage.
Learn more: https://thehackernews.com/2024/08/blind-eagle-hackers-exploit-spear.html
Iranian state-sponsored group TA453 is targeting a prominent Jewish figure with spear-phishing campaigns to deploy a new malware tool, AnvilEcho.
Read more: https://thehackernews.com/2024/08/iranian-cyber-group-ta453-targets.html
Don't be a victim: double-check every link, even from trusted sources.
A new security flaw in Microsoft Azure Kubernetes Services could allow attackers to escalate privileges and access sensitive credentials. The attack leverages Azure WireServer to decode critical secrets, putting many clusters at risk.
Read: https://thehackernews.com/2024/08/researchers-uncover-tls-bootstrap.html
Msupedge, a new backdoor exploiting PHP vulnerability CVE-2024-4577, was discovered in a cyber attack on a Taiwanese university. It uses DNS tunneling, making it hard to detect and posing a serious threat to organizations.
https://thehackernews.com/2024/08/hackers-exploit-php-vulnerability-to.html
Explore how Application Detection and Response (ADR) technology effectively defends against sophisticated threats like the Log4Shell vulnerability, ensuring robust application security and minimizing risk.
Read: https://thehackernews.com/2024/08/anatomy-of-attack.html
70% of IT pros have faced security incidents due to incomplete offboarding.
Incomplete IT offboarding isn't just a technical hiccup; it's a direct threat to your organization's security and budget.
Learn how to streamline the offboarding process: https://thehackernews.com/2023/11/how-to-automate-hardest-parts-of.html
A new phishing campaign is targeting mobile users in the Czech Republic, leveraging Progressive Web Applications (PWAs) to steal banking credentials.
Learn more: https://thehackernews.com/2024/08/czech-mobile-users-targeted-in-new.html
Compromised API keys can expose your AWS environment. Monitor CloudTrail logs for unusual S3 access or security changes to detect threats. Secure your cloud by learning key detection strategies.
Learn more: https://thehackernews.com/2024/08/detecting-aws-account-compromise-key.html
A critical (CVSS 10.0) vulnerability in the GiveWP plugin exposes over 100,000 WordPress sites to remote code execution attacks.
Learn more: https://thehackernews.com/2024/08/givewp-wordpress-plugin-vulnerability.html
Don't delay: secure your website now!
CERT-UA warns of new phishing attacks by Vermin hackers, using POW images to spread SPECTR and FIRMACHAGENT #malware targeting Ukrainian devices.
Learn more: https://thehackernews.com/2024/08/cert-ua-warns-of-new-vermin-linked.html
A newly discovered macOS malware, TodoSwift, linked to North Korean hacking groups, poses a serious threat to crypto businesses, especially targeting blockchain engineers with sophisticated multi-stage attacks.
Learn more: https://thehackernews.com/2024/08/new-macos-malware-todoswift-linked-to.html
The operator of Styx Stealer inadvertently leaked sensitive client data from their own machine, a glaring OPSEC failure. Styx Stealer, a malware variant, can steal browser data, Telegram sessions, and cryptocurrency wallets.
Read: https://thehackernews.com/2024/08/styx-stealer-creators-opsec-fail-leaks.html
A new remote access trojan, MoonPeak, is actively being deployed by a North Korean hacking group, UAT-5394.
This malware only works with specific C2 servers, indicating a tailored approach to bypass defenses.
Read details: https://thehackernews.com/2024/08/north-korean-hackers-deploy-new.html
Shadow IT and unchecked SaaS applications create significant security blind spots.
Learn the risks and how to protect your business data from third-party app attacks in today's workplace.
Read: https://thehackernews.com/2024/08/its-time-to-untangle-saas-ball-of-yarn.html
A critical security flaw in #Microsoft's Copilot Studio, tracked as CVE-2024-38206, has been disclosed, potentially exposing sensitive information.
Learn more: https://thehackernews.com/2024/08/microsoft-patches-critical-copilot.html
New malware PG_MEM targets PostgreSQL databases with weak passwords, exploiting features to mine cryptocurrency and potentially control servers.
Once inside, attackers can deploy malware, steal data, and even control the server.
Read: https://thehackernews.com/2024/08/new-malware-pgmem-targets-postgresql.html