DEV#POPPER malware campaign targets developers on Windows, Linux, and macOS. The campaign exploits job interview scenarios to deliver #malware, compromising sensitive information.

Read: https://thehackernews.com/2024/07/north-korea-linked-malware-targets.html

ReversingLabs’ new guide breaks down all-things software supply chain security (SSCS).

It covers the current landscape of risks and threats, the steps to secure development pipelines, how to develop a third party-risk management program, and how to hunt for threats in your software supply chain.

Read: https://thehackernews.uk/reversinglabs-sscs-dummies

⚠️ Alert: DigiCert will revoke 83,267 SSL/TLS certificates within 24 hours due to a Domain Control Validation oversight.

This affects 6,807 customers & may cause temporary disruptions in secure communications.

Read: https://thehackernews.com/2024/07/digicert-to-revoke-83000-ssl.html

Ensure your certificates are up-to-date.

Facebook users targeted by scam e-commerce network using fake websites to steal personal and financial data.

The scam involves 608 fake sites, mainly accessed via mobile devices and ad lures on Facebook.

Read: https://thehackernews.com/2024/08/facebook-ads-lead-to-fake-websites.html

Stay vigilant and report suspicious ads.

Google Chrome introduces app-bound encryption for better cookie protection.

This new layer of security aims to prevent information-stealing malware from accessing cookies.

Learn more: https://thehackernews.com/2024/08/google-chrome-adds-app-bound-encryption.html

Researchers discovered a new Android trojan, BingoMod, which steals money and wipes devices, complicating recovery and forensic analysis.

Read: https://thehackernews.com/2024/08/new-android-banking-trojan-bingomod.html

⚠️ Developers beware: Stack Exchange exploited to push malware-laden Python packages targeting crypto wallets.

This attack steals sensitive data and cryptocurrency, risking individual and organizational security.

https://thehackernews.com/2024/08/hackers-distributing-malicious-python.html

Cybersecurity experts emphasize the growing threat of obfuscation techniques used by malware authors.

Obfuscation complicates detection, allowing malware to evade traditional security measures and cause significant harm.

Learn more: https://thehackernews.com/2024/08/obfuscation-there-are-two-sides-to.html

Over a million domains are at risk of being hijacked through the Sitting Ducks attack, a DNS #vulnerability.

The attack is being used by Russian-nexus cybercriminals to serve #malware and conduct spams, affecting over 35,000 domains since 2018.

Read: https://thehackernews.com/2024/08/over-1-million-domains-at-risk-of.html

Researchers report increased abuse of Cloudflare's TryCloudflare service for delivering malware like AsyncRAT and XWorm through phishing emails with deceptive PDFs, exposing businesses to sophisticated cyberattack.

Read: https://thehackernews.com/2024/08/cybercriminals-abusing-cloudflare.html

Two Russian cybercriminals involved in major financial fraud schemes have been released in a massive prisoner swap.

The exchange included 16 individuals from various countries, underscoring the global stakes.

Read about it here: https://thehackernews.com/2024/08/us-releases-high-profile-russian.html

Researchers uncover new Windows backdoor, BITSLOTH, using BITS for C2 operations.


BITSLOTH can perform various malicious activities, including keylogging and screen capture.

Read: https://thehackernews.com/2024/08/new-windows-backdoor-bitsloth-exploits.html

A Russia-linked threat actor, APT28, is using a car-for-sale #phishing lure to deliver a new Windows backdoor called HeadLace.

APT28 repurposes tactics from other Russian groups, demonstrating evolving cyber threats.

Read: https://thehackernews.com/2024/08/apt28-targets-diplomats-with-headlace.html

A Taiwanese research institute specializing in computing was breached by nation-state hackers linked to China.

The attack involved sophisticated tools like ShadowPad and Cobalt Strike, exploiting outdated software vulnerabilities.

Read: https://thehackernews.com/2024/08/apt41-hackers-use-shadowpad-cobalt.html

New Mirai botnet variant targets OFBiz ERP system vulnerability. Exploitation can lead to severe data breaches and business disruption.

Attackers are using directory traversal techniques, exploiting a flaw that was patched in May.

Read: https://thehackernews.com/2024/08/mirai-botnet-targeting-ofbiz-servers.html

Check your ERP systems now. Apply patches immediately.

New DDoS attack campaign targets Jupyter Notebooks.

Misconfigured Jupyter Notebooks are being exploited, highlighting vulnerabilities in common data science tools.

The attack, named Panamorfi, uses a Java-based tool called mineping to execute TCP flood DDoS attacks, consuming server resources.

Read: https://thehackernews.com/2024/08/hackers-exploit-misconfigured-jupyter.html

Ensure your Jupyter Notebooks are properly configured to prevent exploitation.

The U.S. Department of Justice and Federal Trade Commission have sued TikTok for violating children's privacy laws.

TikTok is accused of illegally collecting children's personal information without parental consent, violating COPPA and a prior consent order.

Read: https://thehackernews.com/2024/08/doj-and-ftc-sue-tiktok-for-violating.html

Evasive Panda compromises an ISP to push malicious software updates.

The group used DNS poisoning to alter update mechanisms, deploying malware on both macOS and Windows systems.

Read: https://thehackernews.com/2024/08/china-linked-hackers-compromise-isp-to.html

A new Android banking trojan, BlankBot, is targeting Turkish users to steal financial information.

It performs keylogging, screen recording, and intercepts SMS messages, posing a severe threat to user data.

Read: https://thehackernews.com/2024/08/new-android-trojan-blankbot-targets.html

A high-severity vulnerability (CVE-2024-6242) has been found in Rockwell Automation ControlLogix 1756 devices.

Exploiting this vulnerability could lead to unauthorized CIP commands, affecting device configurations and user projects.

Read: https://thehackernews.com/2024/08/critical-flaw-in-rockwell-automation.html