🚨 Ongoing GuardZoo surveillance targets Middle East military via Android malware. Initiated Oct '19 by Houthi-aligned group, over 450 victims in Yemen, Egypt, Oman, Qatar, Saudi Arabia, Turkey, UAE.
Learn more: https://thehackernews.com/2024/07/guardzoo-malware-targets-over-450.html
Researchers reveal Jenkins Script Console vulnerability exploited for crypto mining. Learn about the risks and how to protect your CI/CD infrastructure.
Learn more: https://thehackernews.com/2024/07/hackers-exploiting-jenkins-script.html
⚠️ New BlastRADIUS flaw in RADIUS protocol allows MitM attacks, bypassing integrity checks.
Attackers can modify Access-Request packets undetected, forcing user auth.
https://thehackernews.com/2024/07/radius-protocol-vulnerability-exposes.html
ISPs & orgs must update RADIUS servers, use TLS/IPSec, and avoid PAP/CHAP methods.
🛠️ Discover the security and privacy risks of leading customer service chatbots with the new Exposure Rating tool, an advanced risk assessment for your website!
Learn more: https://thehackernews.com/expert-insights/2024/07/9-customer-service-chatbots-ranked-for.html
🚨 New OpenSSH vulnerability (CVE-2024-6409) found in RHEL 9's versions 8.7p1 & 8.8p1, allowing RCE via race condition in privsep child process.
Read: https://thehackernews.com/2024/07/new-openssh-vulnerability-discovered.html
⚠️ Active exploits detected! This bug is distinct from CVE-2024-6387 but shares similarities.
Crypto analysts expose HuiOne Guarantee, a key platform for cybercriminals in SE Asia.
Linked to $11B in transactions, HuiOne offers money laundering, tech, & data services, supporting pig butchering scams.
Read: https://thehackernews.com/2024/07/crypto-analysts-expose-huione.html
Microsoft's latest Patch Tuesday update addresses 143 security flaws, with 2 already under active exploitation. Critical vulnerabilities include issues in Hyper-V and MSHTML.
Timely updates can prevent significant security incidents. Experts stress the importance of regular updates and vigilance.
Find details here: https://thehackernews.com/2024/07/microsofts-july-update-patches-143.html
ITDR is revolutionizing identity protection in the fight against ransomware.
Identity protection lags 20 years behind, but ITDR provides comprehensive coverage and real-time threat mitigation.
Learn more: https://thehackernews.com/2024/07/true-protection-or-false-promise.html
Have you evaluated your ITDR solutions recently? Don't wait until it's too late.
New ransomware group EstateRansomware exploits Veeam software vulnerability, uses dormant VPN accounts for initial access, and deploys persistent backdoors in sophisticated attacks.
Learn more: https://thehackernews.com/2024/07/new-ransomware-group-exploiting-veeam.html
Over 50% of new flaws exploited in 2023-24 were zero-days.
Explore IoT firmware complexities, state-sponsored threats & the pitfalls of traditional patching.
Discover innovative isolation solutions to secure against rapid exploits: https://thehackernews.com/2024/07/smash-and-grab-extortion.html
Anyrun's TI Lookup now offers Suricata Search.
Users can find active network threats using details of Suricata detection rules.
Rule parameters can be combined with extra indicators like domains and IPs for more specific results.
More ⬇️
https://go.thn.li/malware-analysis
Who's using genAI tools in your organization? Find out in minutes with Nudge Security. Start a free trial and discover every SaaS account ever created by anyone in your org, including generative AI tools.
Read: https://thn.news/ai-risks
⚠️ GitLab has patched a critical vulnerability (CVE-2024-6385) with a CVSS score of 9.6, allowing attackers to run pipeline jobs as any user.
Also, Citrix updates for CVE-2024-6235, & Broadcom addresses flaws in VMware Cloud Director (CVE-2024-22277) & Aria Automation (CVE-2024-22280).
Learn more: https://thehackernews.com/2024/07/gitlab-patches-critical-flaw-allowing.html
Don't wait: secure your development environment now.
A recently disclosed security flaw in PHP (CVE-2024-4577) is being exploited by multiple threat actors to deploy remote access trojans, cryptocurrency miners, and DDoS botnets.
Learn more: https://thehackernews.com/2024/07/php-vulnerability-exploited-to-spread.html
⚠️ A new phishing campaign is spreading Poco RAT malware among Spanish-speaking sectors, including utilities and manufacturing.
Details here: https://thehackernews.com/2024/07/new-poco-rat-targets-spanish-speaking.html
Analysts note the malware's unique focus on anti-analysis and C2 activities, making it harder to detect.
APT41 is suspected of using an advanced version of StealthVector, called DodgeBox, to deliver a new backdoor named MoonWalk.
Understanding the advanced evasion techniques used by DodgeBox is essential for maintaining robust cybersecurity.
Read: https://thehackernews.com/2024/07/chinese-apt41-upgrades-malware-arsenal.html
🚨 Developers, be cautious! New wave of malicious packages found in NuGet!
Hackers are using IL Weaving to inject malicious code into legitimate binaries, embedding remote access trojans in popular packages.
Read: https://thehackernews.com/2024/07/60-new-malicious-packages-uncovered-in.html
⚠️ Urgent: Palo Alto Networks has rolled out critical security updates to fix five vulnerabilities, including CVE-2024-5910, a severe authentication bypass flaw (CVSS 9.3).
Learn more: https://thehackernews.com/2024/07/palo-alto-networks-patches-critical.html
These updates affect multiple PAN-OS versions and Prisma Access.
As cybercriminals target smaller firms, affordable Privileged Access Management (PAM) solutions are essential for safeguarding sensitive data.
PAM reduces insider threats and ensures compliance with regulations like GDPR and HIPAA.
Learn more: https://thehackernews.com/2024/07/streamlined-security-solutions-pam-for.html
Alert: U.S. authorities disrupt major Russian influence operation using AI. The campaign targeted multiple countries and exploited social media platform vulnerabilities.
Learn more: https://thehackernews.com/2024/07/us-seizes-domains-used-by-ai-powered.html