🌍 Researchers have uncovered SecShow, a Chinese actor conducting global DNS probes. Operating from CERNET, these probes exploit open DNS resolvers for potential malicious activities.

🔗 Learn more: https://thehackernews.com/2024/06/chinese-actor-secshow-conducts-massive.html

Your business, attack surface and the threat landscape are not static - they are constantly changing.

Knowing where and how to prioritize your security resources to achieve the greatest impact with the least time invested is critical.

📅 Join Intruder’s webinar (June 12, 2024) to learn why exposure management is the way forward: https://thn.news/exposure-management-class

Can’t make it? Register for the webinar and a copy will be sent.

🌐 MSPs, are you ready to meet the soaring demand for cybersecurity services? Cynet’s All-in-One Cybersecurity Platform is your solution.

With a full suite of capabilities and 24/7 expert support, provide full breach protection with ease.

Learn more: https://thehackernews.com/2024/06/how-cynet-makes-msps-rich-their-clients.html

Microsoft has released updates addressing 51 security flaws for June 2024, including one Critical and 50 Important vulnerabilities.

Learn more: https://thehackernews.com/2024/06/microsoft-issues-patches-for-51-flaws.html

🚨 Warning - Chinese state-sponsored hackers exploited a Fortinet FortiGate vulnerability to infect 20,000 systems globally, targeting governments, organizations, and the defense industry.

Read about it here: https://thehackernews.com/2024/06/china-backed-hackers-exploit-fortinet.html

#cybersecurity

🛡️ Phishing campaigns target job-seekers with WARMCOOKIE backdoor, while another sophisticated attack exploits Windows search functionality to deliver malware.

Find Out More: https://thehackernews.com/2024/06/new-phishing-campaign-deploys.html

🚨 Alert: Black Basta ransomware group may have exploited a privilege escalation flaw (CVE-2024-26169) in the Microsoft Windows Error Reporting Service as a zero-day vulnerability.

Learn more: https://thehackernews.com/2024/06/black-basta-ransomware-may-have.html

🔒 Researchers uncover an ongoing cryptojacking campaign targeting misconfigured Kubernetes clusters to mine Dero cryptocurrency using malicious Docker images and UPX-packed miners.

Read: https://thehackernews.com/2024/06/cryptojacking-campaign-targets.html

"There is no cloud – it's just someone else's computer."

The recent Ticketmaster and Santander breaches prove this old saying still holds true.

Find out how to protect your organization's data in the cloud era. 👉 https://thehackernews.com/2024/06/lessons-from-ticketmaster-snowflake.html

Researchers have uncovered a cross-platform malware called Noodle RAT, used by Chinese-speaking threat actors for years.

Find out how this backdoor operates and why it's been flying under the radar. 👉

https://thehackernews.com/2024/06/new-cross-platform-malware-noodle-rat.html

🚨 ALERT: Google Pixel users, update your devices now.

Google has disclosed a high-severity security flaw, CVE-2024-32896, in Pixel Firmware, currently being exploited as a zero-day vulnerability.

Read: https://thehackernews.com/2024/06/google-warns-of-pixel-firmware-security.html

Ukrainian Cyber Police arrest 28-year-old suspect linked to Conti and LockBit ransomware groups. The alleged developer created crypters to help malware evade detection.

Learn more: https://thehackernews.com/2024/06/ukraine-police-arrest-suspect-linked-to.html

🚨 New Malware Alert: SSLoad is making waves with its sophisticated delivery via PhantomLoader. Discover the methods behind this Malware-as-a-Service and its implications for your security.

Read here: https://thehackernews.com/2024/06/cybercriminals-employ-phantomloader-to.html

Pakistani threat actors behind long-running malware campaign targeting India utilize GravityRAT (Android), HeavyLift (Windows), and GravityAdmin to compromise sensitive targets.

Read: https://thehackernews.com/2024/06/pakistan-linked-malware-campaign.html

🔒 Arid Viper launches mobile espionage campaign using trojanized Android apps to deliver AridSpy spyware, targeting Middle East users via fake messaging and job apps.

Read details: https://thehackernews.com/2024/06/arid-viper-launches-mobile-espionage.html

🛡️ Researchers uncover Sleepy Pickle, a stealthy attack technique that weaponizes the Pickle format to corrupt machine learning models, posing a severe supply chain risk.

Find details here: https://thehackernews.com/2024/06/new-attack-technique-sleepy-pickle.html

⚠️ Attention CISOs! Recent supply chain cyber-attacks are driving tighter cyber security regulations. Is your organization prepared?

Learn how to navigate the changing landscape and ensure compliance: https://thehackernews.com/2024/06/why-saas-security-is-suddenly-hot.html

Microsoft delays the rollout of its controversial AI-powered Recall feature for Copilot+ PCs, shifting to Windows Insider Program for quality and security enhancements.

Details here: https://thehackernews.com/2024/06/microsoft-delays-ai-powered-recall.html

🛡️ Google report reveals North Korean threat actors have been responsible for one-third of phishing activities in Brazil since 2020. These actors are targeting government, aerospace, tech, and financial sectors.

Learn about their tactics: https://thehackernews.com/2024/06/north-korean-hackers-target-brazilian.html

Quality matters in compliance! 79% of professionals noticed differences among auditors, and 38% faced report rejections due to quality.

Learn why detailed, accurate, and comprehensive reports are critical in our latest report >
https://thehackernews.com/expert-insights/2024/06/survey-reveals-compliance-professionals.html