🚨 CISA Adds GeoServer Flaw to KEV Catalog!

Critical RCE vulnerability CVE-2024-36401 is actively exploited, affecting all default GeoServer installations.

Read: https://thehackernews.com/2024/07/cisa-warns-of-actively-exploited-rce.html

Your geospatial data & systems are at severe risk of unauthorized access & manipulation.

Kaspersky, Russian cybersecurity giant, to exit U.S. market by July 20, 2024, following Commerce Department ban citing national security risks.

Read details: https://thehackernews.com/2024/07/kaspersky-exits-us-market-following.html

This move impacts thousands of U.S. businesses and individuals using Kaspersky products.

⚡ Alert: Void Banshee is actively exploiting a zero-day flaw in Microsoft MHTML to spread the Atlantida info-stealer.

CVE-2024-38112 threatens sensitive data across numerous platforms.

Learn about the attack chain: https://thehackernews.com/2024/07/void-banshee-apt-exploits-microsoft.html

Iranian state-sponsored hackers MuddyWater shift tactics, deploying new backdoor BugSleep in Middle East cyber attacks, moving away from using legitimate RMM tools.

Learn more: https://thehackernews.com/2024/07/iranian-hackers-deploy-new-bugsleep.html

Experts warn of an evolving threat landscape.

Malicious npm packages "img-aws-s3-object-multipart-copy" and "legacyaws-s3-object-multipart-copy" found with backdoor code; sophisticated attack using image files to conceal malicious code, urging developers to be extra cautious.

https://thehackernews.com/2024/07/malicious-npm-packages-found-using.html

Exploring DSPMs at Black Hat 2024?

With Sentra's DSPM:

✔️ Your data stays in your environment
✔️ There's no need to manually configure connections
✔️ Get continuous activity log monitoring & suspicious activities alert

Get a live demo: https://thn.news/sentra-black-hat-2024

Discover how the 'Konfety' ad fraud operation exploits Google Play Store apps, using a novel 'decoy/evil twin' mechanism to commit large-scale ad fraud

Read it here: https://thehackernews.com/2024/07/konfety-ad-fraud-uses-250-google-play.html

Learn cybersecurity risk management from the experts. Attend Georgetown's virtual sample class on July 26.

Sign up here: https://thn.news/georgetown-cyber-risk-li

🚨 Identity-based threats to SaaS apps are escalating!

A robust Identity Threat Detection & Response (ITDR) system can prevent massive breaches, such as the Snowflake incident.

Learn essential steps to strengthen your identity fabric & prevent breaches: https://thehackernews.com/2024/07/threat-prevention-detection-in-saas.html

⚠️ New Critical Flaw Alert: Apache HugeGraph-Server vulnerability (CVE-2024-27348) with a CVSS score of 9.8 is being actively exploited for remote code execution.

Learn more: https://thehackernews.com/2024/07/critical-apache-hugegraph-vulnerability.html

Are your servers up-to-date?

🚨 Cybercrime group Scattered Spider is now using RansomHub and Qilin ransomware strains, according to Microsoft.

Learn about the evolving cybercrime landscape and new ransomware threats: https://thehackernews.com/2024/07/scattered-spider-adopts-ransomhub-and.html

China-linked APT17 targets Italian entities with 9002 RAT malware, utilizing spear-phishing attacks via Office documents and malicious links.

Understanding these tactics helps organizations anticipate and mitigate similar threats.

Read: https://thehackernews.com/2024/07/china-linked-apt17-targets-italian.html

🚨 Alert: FIN7 cybercrime group's latest tool, AvNeutralizer, used by ransomware groups such as Black Basta, is now being marketed in criminal darkweb forums with new capabilities to evade security solutions.

Learn more: https://thehackernews.com/2024/07/fin7-group-advertises-security.html

SIM swap attacks are on the rise, with T-Mobile and Verizon employees being targeted to enable these scams.

Developing a culture of security awareness is essential to prevent these breaches.

Learn how to mitigate these threats: https://thehackernews.com/2024/07/navigating-insider-risks-are-your.html

Cybersecurity researchers have identified a new variant of BeaverTail malware disguised as a #macOS app targeting job seekers. The malware, used by DPRK hackers, steals sensitive information and installs backdoors.

Learn more: https://thehackernews.com/2024/07/north-korean-hackers-update-beavertail.html

Wiz Demo: See The #1 Cloud Security Platform In Action

Toxic combinations polluting your cloud? See how Wiz uncovers hidden risk and blocks attack paths to reduce your cloud exposure.

Book a Demo: https://thn.news/wiz-demo-hn

🚨 ALERT: Cisco patches critical vulnerability in Smart Software Manager On-Prem. This flaw could allow attackers to change any user's password, including admins.

CVE-2022-22948 could be exploited with crafted HTTP requests—Patch now!

Read: https://thehackernews.com/2024/07/cisco-warns-of-critical-flaw-affecting.html

Meta suspends use of GenAI in Brazil following a preliminary ban by the country's data protection authority.

Read: https://thehackernews.com/2024/07/meta-halts-ai-use-in-brazil-following.html

Analysts suggest this might influence future AI policies globally, urging companies to prioritize user consent.

A sophisticated cyber espionage group, TAG-100, is targeting global organizations in over 10 countries using open-source tools. This widespread attack affects multiple sectors and regions.

Details here: https://thehackernews.com/2024/07/tag-100-new-threat-actor-uses-open.html

Critical vulnerabilities have been discovered in SAP's AI Core platform, potentially exposing customer data and access tokens.

This affects businesses using SAP for AI workflows, threatening supply chain attacks and unauthorized access to sensitive information.

Learn about the 'SAPwned' flaws and their impact on The Hacker News: https://thehackernews.com/2024/07/sap-ai-core-vulnerabilities-expose.html