North Korean cyber espionage group APT45 is now deploying ransomware.

This marks a significant shift from traditional espionage to financially-motivated attacks, affecting critical infrastructure.

Read more: https://thehackernews.com/2024/07/north-korean-hackers-shift-from-cyber.html

Progress Software urges users to update Telerik Report Server due to a critical security flaw (CVE-2024-6327) with a CVSS score of 9.9.

This vulnerability can lead to RCE, posing a significant risk to your data and systems.

Read details: https://thehackernews.com/2024/07/critical-flaw-in-telerik-report-server.html

⚠️ Cyber Alert: CrowdStrike warns of a new phishing campaign exploiting the Falcon Sensor update mishap.

This sophisticated attack targets German customers with fake installers, aiming to steal sensitive data.

Read here: https://thehackernews.com/2024/07/crowdstrike-warns-of-new-phishing-scam.html

Researchers warn of a campaign exploiting Selenium Grid services for cryptocurency mining.

Over 30,000 instances are exposed to remote command execution, necessitating immediate security measures.

Learn more: https://thehackernews.com/2024/07/ongoing-cyberattack-targets-exposed.html

🔐 U.S. DoJ charges North Korean hacker Rim Jong Hyok for ransomware attacks on U.S. hospitals.

The attacks disrupted essential services & posed serious risks to patient care.

💰 $10M reward announced for tips leading to the arrest of Hyok.

https://thehackernews.com/2024/07/us-doj-indicts-north-korean-hacker-for.html

New insights on application security testing highlight 6 essential methods.

These methods, including DAST & SAST, help identify vulnerabilities early and throughout the application lifecycle.

Learn more: https://thehackernews.com/2024/07/6-types-of-applications-security.html

Cybersecurity expert Foster Nethercott highlights offensive AI’s potential as a major threat. Offensive AI can create novel malware capable of evading traditional security measures, posing significant risks.

His paper outlines key points: https://thehackernews.com/2024/07/offensive-ai-sine-qua-non-of.html

A new phishing-as-a-service platform from the GXC Team targets Spanish banks and other institutions with malicious Android apps and AI-powered voice calling tools.

Learn more: https://thehackernews.com/2024/07/spanish-hackers-bundle-phishing-kits.html

Beware of the "lr-utils-lib" PyPI package—it's a new threat to macOS users!

This package steals Google Cloud credentials, posing a serious risk to both individual developers and enterprises.

Read details: https://thehackernews.com/2024/07/malicious-pypi-package-targets-macos-to.html

French authorities and Europol launch "disinfection operation" against PlugX malware.

This operation aims to clean infected systems across multiple European countries, potentially affecting millions worldwide.

PlugX can persist on air-gapped networks and USB drives, posing a long-term risk.

Learn more: https://thehackernews.com/2024/07/french-authorities-launch-operation-to.html

Gh0st RAT malware is being delivered via the Gh0stGambit dropper, targeting Chinese-speaking Windows users through fake Chrome installers.

The malware can steal data, log keystrokes, and even enable remote access.

Read: https://thehackernews.com/2024/07/gh0st-rat-trojan-targets-chinese.html

The threat actor Stargazer Goblin has created a network of over 3,000 fake GitHub accounts to distribute malware, netting $100,000 in illicit profits.

Read details here: https://thehackernews.com/2024/07/stargazer-goblin-creates-3000-fake.html

Searchable encryption is emerging as a new gold standard in data security.

This breakthrough technology enables data to be encrypted while still being used, eliminating flaws during data processing.

Discover the power of searchable encryption: https://thehackernews.com/2024/07/how-searchable-encryption-changes-data.html

Acronis warns of a critical security flaw in its Cyber Infrastructure (ACI) product. This vulnerability, CVE-2023-45249, allows RCE due to default passwords, posing a high risk (CVSS score: 9.8)

Read: https://thehackernews.com/2024/07/critical-flaw-in-acronis-cyber.html

Ensure your ACI is up-to-date.

A vulnerability in VMware ESXi hypervisors has been exploited by ransomware groups to gain administrative access and deploy malware.

It allows attackers to escalate privileges easily, posing a severe risk to organizations using ESXi.

https://thehackernews.com/2024/07/vmware-esxi-flaw-exploited-by.html

Alert: A new phishing campaign, called OneDrive Pastejacking, uses an HTML file mimicking a Microsoft OneDrive error message to trick users into running a malicious PowerShell script.

Details here: https://thehackernews.com/2024/07/onedrive-phishing-scam-tricks-users.html

SideWinder, a nation-state threat actor, targets maritime facilities in the Indian Ocean and Mediterranean Sea.

This campaign could disrupt international maritime operations and compromise sensitive data.

Learn more: https://thehackernews.com/2024/07/new-sidewinder-cyber-attacks-target.html

Widespread phishing campaigns in Poland lead to the deployment of malware families like Agent Tesla and Formbook.

Attackers use compromised email accounts and company servers to spread malware and collect stolen data.

Read: https://thehackernews.com/2024/07/cybercriminals-target-polish-businesses.html

Cybersixgill’s "State of the Underground 2024" report reveals the latest trends in the dark web. Understanding these trends is crucial for anticipating and mitigating cyber threats.

The report covers compromised credit card trends, initial access trends, and ransomware tactics used by threat actors.

Read: https://thehackernews.com/2024/07/cyber-threat-intelligence-illuminating.html

New Mandrake Android spyware found in five Google Play Store apps, undetected for two years.

This spyware compromised over 32,000 devices across multiple countries, showcasing the evolving threat landscape.

Learn more: https://thehackernews.com/2024/07/new-mandrake-spyware-found-in-google.html