⚠️ URGENT: Google has urgently patched a critical Chrome flaw, CVE-2024-7971, that’s being actively exploited.

This #vulnerability could let attackers compromise your system via a malicious HTML page.

Details: https://thehackernews.com/2024/08/google-fixes-high-severity-chrome-flaw.html

Ensure your browser is updated now.

Discover how Zero-Trust Network Access (ZTNA) strengthens cybersecurity, reduces costs, and streamlines remote access.

Explore best practices for seamlessly integrating ZTNA into your existing security systems.

Read: https://thehackernews.com/expert-insights/2024/08/best-practices-for-integrating-ztna.html

"ALBeast," a new vulnerability, puts 15,000 Amazon Web Services' (AWS) applications at risk by allowing attackers to bypass authentication through a flaw in AWS's Application Load Balancer (ALB).

Learn more: https://thehackernews.com/2024/08/new-albeast-vulnerability-exposes.html

A China-linked threat group, Velvet Ant, has exploited a vulnerability (CVE-2024-20399) in Cisco switches as zero-day to gain control and evade detection.

Read: https://thehackernews.com/2024/08/chinese-hackers-exploit-zero-day-cisco.html

SolarWinds has released a critical patch for its Web Help Desk (WHD) software to fix a flaw (CVE-2024-28987) that could allow unauthorized remote access.

If you're using versions before 12.8.3 Hotfix 2, it's crucial to update immediately to avoid potential breaches.

Learn more: https://thehackernews.com/2024/08/hardcoded-credential-vulnerability.html

A critical backdoor in MIFARE Classic cards allows attackers to clone them and access secure areas within minutes, threatening businesses reliant on these systems.

Learn more: https://thehackernews.com/2024/08/hardware-backdoor-discovered-in-rfid.html

The U.S. has extradited and charged a key figure in the Karakurt cybercrime group, which has been stealing data, laundering ransom payments, and extorting victims since 2021.

Read: https://thehackernews.com/2024/08/latvian-hacker-extradited-to-us-for.html

A new malware, Cthulhu Stealer, is targeting Apple macOS, stealing credentials and cryptocurrency wallets. Sold for $500 a month as part of a malware-as-a-service (MaaS) model, it disguises itself as legitimate software like CleanMyMac.

Read: https://thehackernews.com/2024/08/new-macos-malware-cthulhu-stealer.html

Is your business continuity plan strong enough to survive a Microsoft 365 outage?

Learn how to secure your Microsoft 365 environment with advanced backup solutions, ensuring data resilience against cyberattacks and compliance risks.

Read: https://thehackernews.com/expert-insights/2024/08/how-to-modernize-your-microsoft-365.html

Ransomware evolves—Qilin's latest attack stole Google Chrome credentials by exploiting a Group Policy Object to run a PowerShell script at each login, exposing sensitive data.

Read: https://thehackernews.com/2024/08/new-qilin-ransomware-attack-uses-vpn.html

⚡ Imagine every essential cybersecurity tool at your fingertips—unified in one intuitive platform, with 24/7 expert support.

Join our webinar for a no-nonsense demo & discover how to achieve total protection with an All-in-One solution.

Don't miss it: https://thehackernews.com/2024/08/webinar-experience-power-of-must-have.html

New vulnerabilities emerge every hour. Discover how exposure management enhances cybersecurity, prioritizes vulnerabilities, and optimizes security efforts.

Learn steps for implementation: https://thehackernews.com/2024/08/focus-on-what-matters-most-exposure.html

PEAKLIGHT, a new memory-only dropper, is deploying malware on Windows systems via pirated movie files. It uses PowerShell scripts to install information stealers like Lumma Stealer and CryptBot.

Read: https://thehackernews.com/2024/08/new-peaklight-dropper-deployed-in.html

Iranian state-backed hackers, APT42, have been caught using WhatsApp to target high-profile individuals worldwide.

U.S. accuses Iran of election interference attempts.

Read: https://thehackernews.com/2024/08/meta-exposes-iranian-hacker-group.html

Stay one step ahead—knowledge is your best defense.

CISA has added a new #vulnerability in Versa Director (CVE-2024-39717) to its Known Exploited Vulnerabilities catalog due to active exploitation.

This flaw lets attackers upload malicious files, posing a serious threat to organizations.

Read: https://thehackernews.com/2024/08/cisa-urges-federal-agencies-to-patch.html

'Sedexp' Linux malware identified—targeting financial systems by hiding credit card skimmers. Sedexp leverages udev rules for persistence, triggering its malicious actions upon every system reboot.

Learn more: https://thehackernews.com/2024/08/new-linux-malware-sedexp-hides-credit.html

🔥 Telegram founder Pavel Durov has been arrested in France due to the platform's content moderation failures, which have been linked to widespread cybercrime and illegal activities.

Read details: https://thehackernews.com/2024/08/telegram-founder-pavel-durov-arrested.html

🚨 Researchers have uncovered NGate, a new Android malware that relays NFC payment data to attackers. Targeting Czech banks, it clones payment cards and withdraws funds from ATMs.

Read: https://thehackernews.com/2024/08/new-android-malware-ngate-steals-nfc.html

🚨 Two critical vulnerabilities have been discovered in the Traccar GPS tracking system, potentially allowing unauthenticated attackers to achieve remote code execution.

Read details: https://thehackernews.com/2024/08/critical-flaws-in-traccar-gps-system.html

Researchers uncover 20+ vulnerabilities in ML software supply chains, posing serious security risks to MLOps platforms.

These flaws could lead to arbitrary code execution or even allow malicious datasets to infiltrate systems, affecting the integrity of AI-driven operations.

Read: https://thehackernews.com/2024/08/researchers-identify-over-20-supply.html

Tools like Slack & Teams are great for daily use, but they weren't built with a security-first approach. Protect sensitive data with SalaX Secure Collaboration 2024, offering end-to-end encryption for secure business communication.

Read: https://thehackernews.com/2024/08/unpacking-slack-hacks-6-ways-to-protect.html