🚨 Critical Alert for Network Admins!

Juniper Networks just dropped an urgent security patch.

➟ CVE-2024-2973: Authentication bypass flaw
➟ CVSS score: 10.0
➟ Affects Session Smart Router & Conductor in HA configs

Read: https://thehackernews.com/2024/07/juniper-networks-releases-critical.html

🚨 A critical OpenSSH flaw (CVE-2024-6387) allows unauthenticated remote code execution on glibc-based Linux systems. 14 million servers at risk.

https://thehackernews.com/2024/07/new-openssh-vulnerability-could-lead-to.html

Apply the latest patches now!

🛑 ALERT: Software from Conceptworld trojanized to spread info-stealing malware!

If you downloaded Notezilla, RecentX, or Copywhiz in June, check your systems NOW!

Details here: https://thehackernews.com/2024/07/indian-software-firms-products-hacked.html

Explore end-to-end secrets security strategies to protect machine identities, prevent breaches, and empower developers with secure credential management practices.

Read: https://thehackernews.com/2024/07/end-to-end-secrets-security-making-plan.html

Transparent Tribe launches a new Android malware campaign, targeting mobile users with CapraRAT spyware disguised as popular apps.

Read: https://thehackernews.com/2024/07/caprarat-spyware-disguised-as-popular.html

🔒 iOS & macOS devs, heads up!

Discover how 3 new vulnerabilities in CocoaPods, a popular Apple developer tool, could lead to supply chain attacks on iOS & macOS apps.

Details here: https://thehackernews.com/2024/07/critical-flaws-in-cocoapods-expose-ios.html

Ensure your dependencies are up-to-date.

⚠️ Think twice before connecting to "free" Wi-Fi...

A 42-year-old Australian man charged for running fake Wi-Fi hotspots on 🛫 flights to steal personal data of passengers.

Learn more: https://thehackernews.com/2024/07/australian-man-charged-for-fake-wi-fi.html

Heads up! China-linked hackers are exploiting a zero-day vulnerability in Cisco NX-OS to execute commands as root, undetected, and deliver malware.

Read details: https://thehackernews.com/2024/07/chinese-hackers-exploiting-cisco.html

🌐 Meta's ad-free option in the E.U. hits another roadblock! Regulators say "pay or consent" model breaches competition rules.

But is offering choices really a breach? What’s your take?

Read: https://thehackernews.com/2024/07/metas-pay-or-consent-approach-faces-eu.html

🚨 New CPU vulnerability alert!

Intel's Raptor Lake & Alder Lake CPUs at risk from "Indirector" side-channel attack.

Read: https://thehackernews.com/2024/07/new-intel-cpu-vulnerability-indirector.html

Could leak sensitive data.

🔐 Average ransomware payment hits $2M, up 500%! Time to ditch outdated MFA and secure your organization with next-gen MFA to defend against sophisticated attacks.

Learn more: https://thehackernews.com/2024/07/how-mfa-failures-are-fueling-500-surge.html

IDC Spotlight: Creating a Cohesive Disaster and Cyber Recovery Strategy. Discover why IDC recommends an integrated approach for Cyber Recovery in 2024/2025.

Read: https://thn.news/cohesive-recovery-strategy

⚠️ Alert - A South Korean ERP vendor's update server was hacked to deliver a Go-based backdoor dubbed Xctdoor, stealing sensitive business info with keystrokes and screenshots.

Learn more: https://thehackernews.com/2024/07/south-korean-erp-vendors-server-hacked.html

Israeli entities are under attack by hackers using public frameworks like Donut and Sliver. The campaign, dubbed "Supposed Grasshopper," is using custom WordPress sites for payload delivery.

Learn more: https://thehackernews.com/2024/07/israeli-entities-targeted-by.html

Think that job offer is too good to be true? You might be right!

Hackers use fake job descriptions to exploit an MSHTML flaw and deploy MerkSpy spyware, targeting Canada, India, Poland, and the US.

Read: https://thehackernews.com/2024/07/microsoft-mshtml-flaw-exploited-to.html

Open-Source Intelligence + AI = Game Changer!

AI-powered tools are now handling massive data volumes, real-time analysis, and multilingual content.

Ready to level up your OSINT game?

Learn more: https://thehackernews.com/2024/07/the-emerging-role-of-ai-in-open-source.html

Twilio reports a data breach exposing 33 million Authy phone numbers, urges users to update apps and stay vigilant against phishing.

Details here > https://thehackernews.com/2024/07/twilios-authy-app-breach-exposes.html

Global police operation disrupts cybercrime networks, shuts down 600 servers linked to Cobalt Strike cyberattacks, and arrests 54 for elderly fraud schemes.

Learn more: https://thehackernews.com/2024/07/global-police-operation-shuts-down-600.html

⚠️ Attention IT Pros!

#Microsoft reveals critical vulnerabilities in Rockwell Automation PanelView Plus. Unauthenticated attackers could exploit these to execute code remotely or trigger DoS attacks.

Read: https://thehackernews.com/2024/07/microsoft-uncovers-critical-flaws-in.html

Discover the advanced Zergeca botnet capable of powerful DDoS attacks, proxying, scanning, and more, targeting major countries and using stealthy communication methods.

Read: https://thehackernews.com/2024/07/new-golang-based-zergeca-botnet-capable.html