APT41, a China-based hacking group, has infiltrated global sectors, gaining unauthorized access and extracting data since 2023.

Using sophisticated malware like DUSTPAN & DUSTTRAP, they evade detection and maintain long-term access.

https://thehackernews.com/2024/07/apt41-infiltrates-networks-in-italy.html

A pro-Houthi threat group, OilAlpha, has targeted humanitarian organizations in Yemen with Android spyware to steal sensitive data.

Find details here: https://thehackernews.com/2024/07/pro-houthi-group-targets-yemen-aid.html

CrowdStrike's recent update has led to major disruptions for businesses worldwide, causing Windows workstations to crash.

This incident affects businesses across various sectors, from airlines to hospitals.

Learn more: https://thehackernews.com/2024/07/faulty-crowdstrike-update-crashes.html

Sigma Computing hosted a webinar with AI leaders on industry trends and applications. These insights aid professionals in fraud prevention, retail, and data management.

Recap here: https://thehackernews.com/2024/07/summary-of-ai-leaders-spill-their.html

🚨 Two Russian nationals have pleaded guilty in a U.S. court for their roles in the LockBit ransomware scheme, which targeted over 2,500 entities globally.

Read details here: https://thehackernews.com/2024/07/two-russian-nationals-plead-guilty-in.html

Did you know? Cybercriminals can compromise up to 30,000 accounts by attempting one million email-password combinations. The threat is real and growing.

Identity theft is more sophisticated, with phishing, stealer malware & brute force attacks on the rise.

Learn how Cybersixgill's identity intelligence protects organizations by detecting and mitigating compromised credentials.

Read: https://thehackernews.com/2024/07/safeguard-personal-and-corporate.html

🚨 A 17-year-old suspected member of the Scattered Spider cybercrime syndicate has been arrested in the U.K.

This group has targeted major companies, including MGM Resorts, with #ransomware.

Read here: https://thehackernews.com/2024/07/17-year-old-linked-to-scattered-spider.html

CrowdStrike's recent update glitch caused global IT disruptions, and now threat actors are exploiting this by distributing Remcos RAT malware to Latin American customers disguised as a hotfix.

Read details: https://thehackernews.com/2024/07/cybercriminals-exploit-crowdstrike.html

⚡ A new variant of the Play ransomware is now targeting VMWare ESXi environments, broadening its reach across Linux platforms.

With industries like IT & finance at high risk, experts stress the importance of proactive defenses.

Read: https://thehackernews.com/2024/07/new-linux-variant-of-play-ransomware.html

⚠️ New Alert: SocGholish malware is exploiting BOINC to deliver AsyncRAT, posing a severe threat to network security.

This sophisticated attack method could be used to execute ransomware and escalate privileges within your systems.

Details: https://thehackernews.com/2024/07/socgholish-malware-exploits-boinc.html

New Playbook for vCISOs: "Your First 100 Days as a vCISO – 5 Steps to Success" is now available!

If you're a virtual CISO, this comprehensive guide is essential for mastering your client's cybersecurity strategy and risk governance.

https://thehackernews.com/2024/07/msps-mssps-how-to-increase-engagement.html

FLUXROOT and PINEAPPLE cybercriminal groups exploiting Google Cloud for phishing attacks targeting Mercado Pago users in Latin America.

Learn more: https://thehackernews.com/2024/07/pineapple-and-fluxroot-hacker-groups.html

Sophisticated Chinese cybercrime syndicate "Vigorish Viper" exposed, using advanced tech suite for global operations, including illegal gambling and human trafficking.

The use of DNS manipulation and traffic distribution systems shows the sophistication of modern cybercriminals.

Learn more: https://thehackernews.com/2024/07/experts-uncover-chinese-cybercrime.html

🚀 New AI Features in Cybersecurity! Tines has released AI-enhanced workflows, including an SMS analysis service to detect phishing scams quickly and accurately.

🔍 This tool streamlines threat detection, enabling faster and more accurate responses, and promotes a culture of cybersecurity within organizations.

🛡️ By automating SMS analysis, security teams can reduce manual, repetitive tasks and focus on higher-level threats.

🔧 Learn more: https://thehackernews.com/2024/07/how-to-set-up-automated-sms-analysis.html

In a surprising move, Google has decided to abandon its plan to phase out third-party cookies in Chrome and will instead introduce a user-choice system.

Learn more: https://thehackernews.com/2024/07/google-abandons-plan-to-phase-out-third.html

CERT-UA has alerted of a new spear-phishing campaign targeting a Ukrainian research institution with malware named HATVIBE and CHERRYSPY, exploiting a CVE-2024-23692 vulnerability.

Learn more: https://thehackernews.com/2024/07/ukrainian-institutions-targeted-using.html

The European Commission has given Meta until September 1, 2024, to justify its "pay or consent" ad model or face sanctions.

Experts warn of potential fines and operational changes if Meta fails to comply.

Learn more: https://thehackernews.com/2024/07/meta-given-deadline-to-address-eu.html

⚠️ Cyber Alert: Cybercriminals are exploiting swap files on compromised e-commerce sites to hide credit card skimmers, bypassing cleanup attempts.

Find details here: https://thehackernews.com/2024/07/magento-sites-targeted-with-sneaky.html

🚨 Researchers identified FrostyGoop, a new ICS-focused malware, attacking a Ukrainian energy firm and disrupting services to over 600 buildings.

It can manipulate Industrial Control Systems, posing a serious threat to critical infrastructure.

Read: https://thehackernews.com/2024/07/new-ics-malware-frostygoop-targeting.html

Temporary passwords during onboarding are a ticking time bomb for many organizations. Often shared insecurely, these passwords expose systems to cyber threats.

Discover about innovative solutions for enhancing cybersecurity from day one: https://thehackernews.com/2024/07/how-to-securely-onboard-new-employees.html