AI boom faces reality check: Generative AI still powerful in cybersecurity, enhancing defenses unpredictably. But high costs & expert handling needed. Not a silver bullet, yet reshaping industries.

Read it here: https://thehackernews.com/2024/08/the-ai-hangover-is-here-end-of-beginning.html

🚨 Phishing attacks have surged by 40% in the last year, driven by AI. With AI and Phishing-as-a-Service (PhaaS), cybercriminals can craft targeted phishing campaigns almost instantly, exploiting current events.

Learn more: https://thehackernews.com/2024/08/how-phishing-attacks-adapt-quickly-to.html

CERT-UA has uncovered a new phishing campaign that disguises itself as the Security Service of Ukraine, spreading malware capable of remote desktop access.

Read: https://thehackernews.com/2024/08/ukraine-warns-of-new-phishing-campaign.html

🔥 FBI disrupted the infrastructure of emerging ransomware group Dispossessor. This malware group targeted small-to-mid-sized businesses globally, with 43 victims identified, highlighting the growing risk to less-secure organizations.

https://thehackernews.com/2024/08/fbi-shuts-down-dispossessor-ransomware.html

How can organizations ensure their sensitive data is secure?

Data Security Posture Management (DSPM)

Check out Sentra_security's DSPM guide to learn:

🔸Why cloud-first enterprises are adopting DSPM
🔸What to look for in DSPM tools
🔸Key features of DSPM

👉 Read: https://thn.news/sentra-dspm-guide

🚨 Critical security flaws in Microsoft's Azure Health Bot Service could have exposed sensitive patient data across multiple tenants.

Hackers could exploit these to move laterally within customer environments, risking large-scale privacy breaches.

Read: https://thehackernews.com/2024/08/researchers-uncover-vulnerabilities-in_0471960302.html

Researchers have uncovered a critical vulnerability, dubbed GhostWrite, in T-Head’s XuanTie C910 and C920 RISC-V CPUs that could allow attackers to gain full access to affected devices.

Read: https://thehackernews.com/2024/08/ghostwrite-new-t-head-cpu-bugs-expose.html

China-backed Earth Baku hacker group expands cyber attacks globally, using new #malware (StealthReacher and SneakCross) and tactics to target governments and tech sectors across Europe, Middle East, and Africa.

Learn more: https://thehackernews.com/2024/08/china-backed-earth-baku-expands-cyber.html

Ivanti has released critical updates to patch a vulnerability (CVE-2024-7593) in its Virtual Traffic Manager (vTM) that allows authentication bypass and rogue admin creation.

Read: https://thehackernews.com/2024/08/critical-flaw-in-ivanti-virtual-traffic.html

Ensure your systems are secure—apply the patches now.

Microsoft’s latest Patch Tuesday addresses 90 security vulnerabilities, including 6 zero-days actively exploited in the wild.

Read: https://thehackernews.com/2024/08/microsoft-issues-patches-for-90-flaws.html

Don’t wait—apply the patches now to protect your systems.

DDoS attacks have increased by 46% in H1 2024, with peak attacks now hitting 1.7 Tbps.

This surge underscores the growing threat landscape, where businesses across all sectors must bolster their defenses.

Read: https://thehackernews.com/2024/08/ddos-attacks-surge-46-in-first-half-of.html

📢 AnyRun released a new guide on investigating emerging threats!

The service shares hands-on tips on collecting intelligence on the latest malware and phishing threats

🔗 Read now https://thn.news/anyrun-emerging-threats

Maksim Silnikau, the mastermind behind ransomware and exploit kits, including Angler, has been arrested and extradited to the U.S. His malicious software infected over 100,000 devices, causing millions in damages.

Learn more: https://thehackernews.com/2024/08/belarusian-ukrainian-hacker-extradited.html

A new social engineering campaign by the Black Basta ransomware group targets users with credential theft and malware attacks, using fake IT support calls via Microsoft Teams to trick them into downloading software like AnyDesk.

Read: https://thehackernews.com/2024/08/black-basta-linked-attackers-targets.html

A new Gafgyt botnet variant is exploiting weak SSH passwords to mine cryptocurrency using compromised GPU power.

Read: https://thehackernews.com/2024/08/new-gafgyt-botnet-variant-targets-weak.html

Secure your servers now—implement strong SSH passwords and continuous monitoring.

A new attack vector in GitHub Actions, dubbed ArtiPACKED, has been discovered, exposing repositories to potential takeovers and compromising cloud environments.

Learn more: https://thehackernews.com/2024/08/github-vulnerability-artipacked-exposes.html

A newly identified threat actor, Actor240524, is targeting Azerbaijani and Israeli diplomats in a sophisticated phishing campaign, aiming to steal sensitive diplomatic data.

Learn more: https://thehackernews.com/2024/08/new-cyber-threat-targets-azerbaijan-and.html

⚠️ RansomHub-linked cybercriminals have a new weapon—EDRKillShifter, a tool designed to neutralize your endpoint protection.

With a focus on exploiting vulnerable drivers, this tool can escalate privileges & execute payloads stealthily.

Read: https://thehackernews.com/2024/08/ransomhub-group-deploys-new-edr-killing.html

New threat actor COLDWASTREL emerges!

Russian-linked hackers target Eastern European NGOs, media, and U.S. think tanks in sophisticated spear-phishing campaigns.

Read: https://thehackernews.com/2024/08/russian-linked-hackers-target-eastern.html

SolarWinds has released critical patches for a security flaw in its Web Help Desk software, rated 9.8/10 on the CVSS scale.

This vulnerability allows potential remote code execution, posing severe risks to businesses relying on the software.

Read: https://thehackernews.com/2024/08/solarwinds-releases-patch-for-critical.html