Tropic Trooper is back, targeting government entities in the Middle East and Malaysia with new cyber tactics! Detected in June 2024, this group has shifted focus to human rights studies—escalating the risk.

Find details here: https://thehackernews.com/2024/09/chinese-speaking-hacker-group-targets.html

Telegram’s CEO, Pavel Durov, speaks out after his arrest in France, calling the charges misguided.

Read: https://thehackernews.com/2024/09/paul-durov-criticizes-outdated-laws.html

Apache OFBiz just patched a high-severity #vulnerability (CVE-2024-45195) that allowed unauthenticated remote code execution.

Read: https://thehackernews.com/2024/09/apache-ofbiz-update-fixes-high-severity.html

New LiteSpeed Cache flaw (CVE-2024-44000) risks unauthorized access to WordPress sites via exposed debug logs.

Read: https://thehackernews.com/2024/09/critical-security-flaw-found-in.html

Even old logs can be exploited. Update and purge now!

GitHub Actions users are vulnerable to typosquatting, where simple misspellings (e.g. "actons/checkout") can run malicious code, compromising software supply chains.

Read: https://thehackernews.com/2024/09/github-actions-vulnerable-to.html

Protect your code—double-check your CI/CD pipelines!

🚨 Alert: OSGeo GeoServer GeoTools (CVE-2024-36401) with a CVSS score of 9.8 is being exploited to deploy crypto miners, botnets, and the SideWalk backdoor. CISA has listed it as a KEV affecting IT and government sectors.

Read: https://thehackernews.com/2024/09/geoserver-vulnerability-targeted-by.html

Patch your systems NOW!

vCISO services are essential: 98% of MSPs/MSSPs will offer them as SMBs seek affordable, top-tier security to protect assets & ensure compliance. It's a revenue booster & positions providers as trusted leaders.

Read: https://thehackernews.com/2024/09/the-state-of-virtual-ciso-report.html

🔥 A SonicWall #vulnerability (CVE-2024-40766) is under active exploitation.

This critical flaw allows attackers to bypass access controls and potentially crash firewalls, compromising business operations. Don't wait.

https://thehackernews.com/2024/09/sonicwall-urges-users-to-patch-critical.html

Patch now or risk falling victim.

Two men were indicted for running WWH Club, a dark web marketplace with 350,000+ users selling stolen personal data and hacking services. Despite law enforcement, WWH Club remains active, underscoring the resilience of cybercrime.

Read: https://thehackernews.com/2024/09/fbi-cracks-down-on-dark-web-marketplace.html

North Korean hackers are targeting developers on #LinkedIn with fake job offers, using coding tests to infect macOS. Once inside, they steal credentials, access code, and drain crypto funds. Social engineering remains a serious cyber threat

Read: https://thehackernews.com/2024/09/north-korean-threat-actors-deploy.html

U.S. and allies link Russian hacking group Cadet Blizzard to GRU’s 161st Center.

Targets: NATO, EU critical infrastructure, aiming to sabotage and steal data with WhisperGate malware.

Learn more: https://thehackernews.com/2024/09/us-offers-10-million-for-info-on.html

🚨 A new cyber espionage threat, TIDRONE, is targeting drone manufacturers in Taiwan—potentially compromising military operations.

TIDRONE uses custom malware like CXCLNT and CLNTEND to exploit system vulnerabilities and steal sensitive data.

https://thehackernews.com/2024/09/tidrone-espionage-group-targets-taiwan.html

⚠️ Progress Software has released security updates for a critical vulnerability (CVE-2024-7591) in LoadMaster & Multi-Tenant hypervisors, allowing unauthenticated attackers to execute system commands.

https://thehackernews.com/2024/09/progress-software-issues-patch-for.html

Don’t risk your infrastructure. Update systems now!

With businesses relying on SaaS tools like Microsoft 365, attackers are targeting platforms like Teams & SharePoint.

Implementing MFA and AI-driven detection is crucial for data resilience.

Ready to defend? Start here: https://thehackernews.com/expert-insights/2024/09/achieving-data-resilience-in-microsoft.html

Mustang Panda APT is exploiting VS Code to target Southeast Asian governments. It allows hackers to run commands, steal data, and spread malware via VS Code’s reverse shell.

Read for details: https://thehackernews.com/2024/09/chinese-hackers-exploit-visual-studio.html

Strengthen defenses now—monitor for these tactics!

Blind Eagle APT targets Colombia’s insurance sector with custom Quasar RAT via phishing and Google Drive.

Learn more: https://thehackernews.com/2024/09/blind-eagle-targets-colombian-insurance.html

Sensitive data at risk—secure your systems and train employees to spot threats.

Introducing Wing Security's SaaS Pulse—a FREE tool for continuous SaaS risk management! Stay ahead of risks like leaked credentials & shadow IT with automated monitoring.

Learn more: https://thehackernews.com/2024/09/wing-security-saas-pulse-continuous.html

Start securing your SaaS stack today.

Adding more cybersecurity tools increases third-party risk and widens your attack surface. Each new tool can expose you to vendor vulnerabilities.

Rethink your strategy—adopt smarter, holistic approaches for true security.

Learn more: https://thehackernews.com/2024/09/one-more-tool-will-do-it-reflecting-on.html

🔥 New "RAMBO" attack uses radio signals from a device’s RAM to steal sensitive data, including keystrokes, encryption keys, & biometrics. Attackers can intercept this data with off-the-shelf radio gear.

Learn more: https://thehackernews.com/2024/09/new-rambo-attack-uses-ram-radio-signals.html

Become a leader in cybersecurity risk management with Georgetown. Learn more in our webinar on September 18.

Sign up: https://thn.news/cyber-risk-webinar-ig

FinTech, Healthcare & SaaS thrive on data—so do cybercriminals.

As digital ecosystems grow complex, non-human identities like API keys and bots are key targets. Secure them to protect sensitive data and build trust.

Learn more: https://thehackernews.com/expert-insights/2024/09/fintech-healthcare-saas-need-non-human.html