π¨ Mindblowing numbers alert! π¨ According to recent research, 45% of employees still have access to their ex-employerβs data, and over 25% of companies have had their reputations damaged due to ex-employees misusing data after leaving the company π€‘
Want to make sure your organization doesnβt fall into this risky 1/3? Learn how to safeguard your data and create a bulletproof offboarding protocol in just 20 minutes! πΌ
Join ex-Google expert Ben King and the Zenphi team in a free webinar on βOffboarding in Google Workspaceβ. Get hands-on tips for:
β Automating access revokes
β Securing accounts post-departure
β Preventing unauthorized access
π Bonus: Register for free and receive an Employees offboarding checklist!
π‘This webinar will set you apart as a cybersecurity pro β donβt miss it : https://thn.news/offboarding-best-practices
Want to make sure your organization doesnβt fall into this risky 1/3? Learn how to safeguard your data and create a bulletproof offboarding protocol in just 20 minutes! πΌ
Join ex-Google expert Ben King and the Zenphi team in a free webinar on βOffboarding in Google Workspaceβ. Get hands-on tips for:
β Automating access revokes
β Securing accounts post-departure
β Preventing unauthorized access
π Bonus: Register for free and receive an Employees offboarding checklist!
π‘This webinar will set you apart as a cybersecurity pro β donβt miss it : https://thn.news/offboarding-best-practices
zenphi
Best Practices for Employee Offboarding in Google Workspace
Learn about the best practices of user offboarding from a Google Cloud security, ex-Google employee, and Zenphi Google Workspace experts
π16π5π€3π₯1
DOJ seized 32 pro-Russian propaganda domains that mimicked news outlets to spread disinformation. The goal: reduce global support for Ukraine and influence elections in the U.S. and abroad.
Learn more: https://thehackernews.com/2024/09/us-seizes-32-pro-russian-propaganda.html
Learn more: https://thehackernews.com/2024/09/us-seizes-32-pro-russian-propaganda.html
π₯19π9π€6π4π±1
9 Ways to Uncover Shadow AI
Discover how to enforce AI security best practices with this sample report from Wiz.
Read: https://thn.news/ai-security-assessment
Discover how to enforce AI security best practices with this sample report from Wiz.
Read: https://thn.news/ai-security-assessment
wiz.io
AI Security Posture Assessment Sample Report | Wiz
Wiz is the unified cloud security platform with prevention and response capabilities, enabling security and development teams to build faster and more securely.
π7π5
π NIST released CSF 2.0!
Itβs all about continuous improvement with proactive, ongoing cybersecurity. New guidance on emerging threats + a βGovernβ function to integrate cybersecurity into enterprise risk.
Is your org ready? Learn more: https://thehackernews.com/2024/09/nist-cybersecurity-framework-csf-and.html
Itβs all about continuous improvement with proactive, ongoing cybersecurity. New guidance on emerging threats + a βGovernβ function to integrate cybersecurity into enterprise risk.
Is your org ready? Learn more: https://thehackernews.com/2024/09/nist-cybersecurity-framework-csf-and.html
π12π6π₯4
β οΈ Veeam has patched 18 security flaws, including 5 critical ones allowing remote code execution (e.g., CVE-2024-40711 with a 9.8 CVSS score). Update now to protect your data.
Learn more: https://thehackernews.com/2024/09/veeam-releases-security-updates-to-fix.html
Learn more: https://thehackernews.com/2024/09/veeam-releases-security-updates-to-fix.html
π11π2π₯1
Tropic Trooper is back, targeting government entities in the Middle East and Malaysia with new cyber tactics! Detected in June 2024, this group has shifted focus to human rights studiesβescalating the risk.
Find details here: https://thehackernews.com/2024/09/chinese-speaking-hacker-group-targets.html
Find details here: https://thehackernews.com/2024/09/chinese-speaking-hacker-group-targets.html
π8π2π₯2π±2β‘1
Telegramβs CEO, Pavel Durov, speaks out after his arrest in France, calling the charges misguided.
Read: https://thehackernews.com/2024/09/paul-durov-criticizes-outdated-laws.html
Read: https://thehackernews.com/2024/09/paul-durov-criticizes-outdated-laws.html
π39π₯11π10β‘5
Apache OFBiz just patched a high-severity #vulnerability (CVE-2024-45195) that allowed unauthenticated remote code execution.
Read: https://thehackernews.com/2024/09/apache-ofbiz-update-fixes-high-severity.html
Read: https://thehackernews.com/2024/09/apache-ofbiz-update-fixes-high-severity.html
π11π3
New LiteSpeed Cache flaw (CVE-2024-44000) risks unauthorized access to WordPress sites via exposed debug logs.
Read: https://thehackernews.com/2024/09/critical-security-flaw-found-in.html
Even old logs can be exploited. Update and purge now!
Read: https://thehackernews.com/2024/09/critical-security-flaw-found-in.html
Even old logs can be exploited. Update and purge now!
π14π€6π2π₯1
GitHub Actions users are vulnerable to typosquatting, where simple misspellings (e.g. "actons/checkout") can run malicious code, compromising software supply chains.
Read: https://thehackernews.com/2024/09/github-actions-vulnerable-to.html
Protect your codeβdouble-check your CI/CD pipelines!
Read: https://thehackernews.com/2024/09/github-actions-vulnerable-to.html
Protect your codeβdouble-check your CI/CD pipelines!
π10π5π₯4π€3β‘1
π¨ Alert: OSGeo GeoServer GeoTools (CVE-2024-36401) with a CVSS score of 9.8 is being exploited to deploy crypto miners, botnets, and the SideWalk backdoor. CISA has listed it as a KEV affecting IT and government sectors.
Read: https://thehackernews.com/2024/09/geoserver-vulnerability-targeted-by.html
Patch your systems NOW!
Read: https://thehackernews.com/2024/09/geoserver-vulnerability-targeted-by.html
Patch your systems NOW!
π7π7π±5π2π€2β‘1
vCISO services are essential: 98% of MSPs/MSSPs will offer them as SMBs seek affordable, top-tier security to protect assets & ensure compliance. It's a revenue booster & positions providers as trusted leaders.
Read: https://thehackernews.com/2024/09/the-state-of-virtual-ciso-report.html
Read: https://thehackernews.com/2024/09/the-state-of-virtual-ciso-report.html
π8π3π±2β‘1π1π€1
π₯ A SonicWall #vulnerability (CVE-2024-40766) is under active exploitation.
This critical flaw allows attackers to bypass access controls and potentially crash firewalls, compromising business operations. Don't wait.
https://thehackernews.com/2024/09/sonicwall-urges-users-to-patch-critical.html
Patch now or risk falling victim.
This critical flaw allows attackers to bypass access controls and potentially crash firewalls, compromising business operations. Don't wait.
https://thehackernews.com/2024/09/sonicwall-urges-users-to-patch-critical.html
Patch now or risk falling victim.
π19π7β‘2π₯2π±1
Two men were indicted for running WWH Club, a dark web marketplace with 350,000+ users selling stolen personal data and hacking services. Despite law enforcement, WWH Club remains active, underscoring the resilience of cybercrime.
Read: https://thehackernews.com/2024/09/fbi-cracks-down-on-dark-web-marketplace.html
Read: https://thehackernews.com/2024/09/fbi-cracks-down-on-dark-web-marketplace.html
π12π₯7π€5π±4β‘2π2
North Korean hackers are targeting developers on #LinkedIn with fake job offers, using coding tests to infect macOS. Once inside, they steal credentials, access code, and drain crypto funds. Social engineering remains a serious cyber threat
Read: https://thehackernews.com/2024/09/north-korean-threat-actors-deploy.html
Read: https://thehackernews.com/2024/09/north-korean-threat-actors-deploy.html
π€―35π₯16π14π12π7π±5π€3β‘2
U.S. and allies link Russian hacking group Cadet Blizzard to GRUβs 161st Center.
Targets: NATO, EU critical infrastructure, aiming to sabotage and steal data with WhisperGate malware.
Learn more: https://thehackernews.com/2024/09/us-offers-10-million-for-info-on.html
Targets: NATO, EU critical infrastructure, aiming to sabotage and steal data with WhisperGate malware.
Learn more: https://thehackernews.com/2024/09/us-offers-10-million-for-info-on.html
π16π€10π6π₯1
π¨ A new cyber espionage threat, TIDRONE, is targeting drone manufacturers in Taiwanβpotentially compromising military operations.
TIDRONE uses custom malware like CXCLNT and CLNTEND to exploit system vulnerabilities and steal sensitive data.
https://thehackernews.com/2024/09/tidrone-espionage-group-targets-taiwan.html
TIDRONE uses custom malware like CXCLNT and CLNTEND to exploit system vulnerabilities and steal sensitive data.
https://thehackernews.com/2024/09/tidrone-espionage-group-targets-taiwan.html
π16π3π₯1π1π€1
β οΈ Progress Software has released security updates for a critical vulnerability (CVE-2024-7591) in LoadMaster & Multi-Tenant hypervisors, allowing unauthenticated attackers to execute system commands.
https://thehackernews.com/2024/09/progress-software-issues-patch-for.html
Donβt risk your infrastructure. Update systems now!
https://thehackernews.com/2024/09/progress-software-issues-patch-for.html
Donβt risk your infrastructure. Update systems now!
π₯12π10β‘2
With businesses relying on SaaS tools like Microsoft 365, attackers are targeting platforms like Teams & SharePoint.
Implementing MFA and AI-driven detection is crucial for data resilience.
Ready to defend? Start here: https://thehackernews.com/expert-insights/2024/09/achieving-data-resilience-in-microsoft.html
Implementing MFA and AI-driven detection is crucial for data resilience.
Ready to defend? Start here: https://thehackernews.com/expert-insights/2024/09/achieving-data-resilience-in-microsoft.html
π10π7π€2π€―2β‘1
Mustang Panda APT is exploiting VS Code to target Southeast Asian governments. It allows hackers to run commands, steal data, and spread malware via VS Codeβs reverse shell.
Read for details: https://thehackernews.com/2024/09/chinese-hackers-exploit-visual-studio.html
Strengthen defenses nowβmonitor for these tactics!
Read for details: https://thehackernews.com/2024/09/chinese-hackers-exploit-visual-studio.html
Strengthen defenses nowβmonitor for these tactics!
π€5π€―4π2
Blind Eagle APT targets Colombiaβs insurance sector with custom Quasar RAT via phishing and Google Drive.
Learn more: https://thehackernews.com/2024/09/blind-eagle-targets-colombian-insurance.html
Sensitive data at riskβsecure your systems and train employees to spot threats.
Learn more: https://thehackernews.com/2024/09/blind-eagle-targets-colombian-insurance.html
Sensitive data at riskβsecure your systems and train employees to spot threats.
π6π€―3π€2π1