A new attack vector in GitHub Actions, dubbed ArtiPACKED, has been discovered, exposing repositories to potential takeovers and compromising cloud environments.
Learn more: https://thehackernews.com/2024/08/github-vulnerability-artipacked-exposes.html
A newly identified threat actor, Actor240524, is targeting Azerbaijani and Israeli diplomats in a sophisticated phishing campaign, aiming to steal sensitive diplomatic data.
Learn more: https://thehackernews.com/2024/08/new-cyber-threat-targets-azerbaijan-and.html
⚠️ RansomHub-linked cybercriminals have a new weapon: EDRKillShifter, a tool designed to neutralize your endpoint protection.
With a focus on exploiting vulnerable drivers, this tool can escalate privileges & execute payloads stealthily.
Read: https://thehackernews.com/2024/08/ransomhub-group-deploys-new-edr-killing.html
New threat actor COLDWASTREL emerges!
Russian-linked hackers target Eastern European NGOs, media, and U.S. think tanks in sophisticated spear-phishing campaigns.
Read: https://thehackernews.com/2024/08/russian-linked-hackers-target-eastern.html
SolarWinds has released critical patches for a security flaw in its Web Help Desk software, rated 9.8/10 on the CVSS scale.
This vulnerability allows potential remote code execution, posing severe risks to businesses relying on the software.
Read: https://thehackernews.com/2024/08/solarwinds-releases-patch-for-critical.html
A pre-installed app on Google Pixel devices could expose users to potential cyberattacks due to insecure code execution.
With over 3 dozen permissions, the app has access to sensitive data & system-level functions, posing a significant risk.
https://thehackernews.com/2024/08/google-pixel-devices-shipped-with.html
🚨 Cybersecurity alert for macOS users: Banshee Stealer targets browsers, crypto wallets, and more!
This malware is designed to bypass defenses, steal sensitive information, and exfiltrate data from your system.
Read: https://thehackernews.com/2024/08/new-banshee-stealer-targets-100-browser.html
Discover how Identity Threat Detection & Response (ITDR) solutions safeguard both human and non-human identities across multi-environment cloud services, enhancing security against sophisticated identity-based attacks.
Read Guide: https://thehackernews.com/2024/08/identity-threat-detection-and-response.html
A new wave of attacks using ValleyRAT malware is spreading, primarily targeting Chinese-speaking communities.
Its ability to execute code directly in memory, leaving minimal traces, makes it incredibly hard to detect.
Learn more at The Hacker News: https://thehackernews.com/2024/08/multi-stage-valleyrat-targets-chinese.html
A new cyber campaign, dubbed "Tusk," is leveraging fake websites to distribute the DanaBot and StealC malware.
These malware campaigns are particularly dangerous as they impersonate trusted brands, leading users to unwittingly download harmful software.
Read: https://thehackernews.com/2024/08/russian-hackers-using-fake-brand-sites.html
94% of CISOs are concerned AI adoption will add pressure to their teams.
How are they navigating the integration of AI into cybersecurity and the impact on their organizations?
Get the latest research report from Tines to learn how leading CISOs are thinking about AI in their organizations, and how they're separating AI's true potential from the noise.
Download the full report from Tines to learn more: https://thn.news/tines-ciso-ai
Tines
Report: 50+ CISOs weigh in on AI in security | Tines
How are CISOs approaching AI in security? Discover key insights on AI adoption in our report for cybersecurity leaders, which is based on a pulse survey of 50+ CISOs.
A 27-year-old Russian has been sentenced to more than three years in prison for selling stolen financial information on the dark web.
He sold over 297,300 login credentials, resulting in $1.2 million in fraudulent transactions.
https://thehackernews.com/2024/08/russian-hacker-jailed-3-years-for.html
#infosec #cybersecurity
A major extortion campaign exploited exposed .env files, compromising credentials and extracting 90,000 sensitive variables from 230 million targets, leading to data breaches and ransom demands.
Read: https://thehackernews.com/2024/08/attackers-exploit-public-env-files-to.html
Ensure your environment variables are secure.
OpenAI uncovers and blocks Iranian covert operation using ChatGPT to generate content targeting US presidential election and global events.
Learn more: https://thehackernews.com/2024/08/openai-blocks-iranian-influence.html
SaaS applications can harbor hidden security gaps that may lead to serious breaches, putting sensitive data and compliance at risk.
Learn how to identify & mitigate these risks with effective due diligence and innovative assessment tools.
https://thehackernews.com/2024/08/the-hidden-security-gaps-in-your-saas.html
Cybersecurity experts uncover new FIN7 infrastructure in Russia and Estonia, revealing the threat actor's evolving network strategy and global reach.
Read: https://thehackernews.com/2024/08/researchers-uncover-new-infrastructure.html
Lazarus Group exploited a zero-day Windows vulnerability (CVE-2024-38193) to gain SYSTEM privileges.
This flaw, used with a rootkit called FudModule, posed a major threat and was hard to detect before being patched.
Read: https://thehackernews.com/2024/08/microsoft-patches-zero-day-flaw.html
Alert: A new wave of SMS phishing attacks is underway, powered by the Xeon Sender tool, which abuses legitimate SaaS APIs. These attacks are difficult to detect, as they use genuine credentials and services to send bulk phishing messages.
Learn more: https://thehackernews.com/2024/08/xeon-sender-tool-exploits-cloud-apis.html
Researchers report a surge in FakeBat malware infections from malvertising, targeting users searching for business software via trojanized MSIX installers.
Learn more: https://thehackernews.com/2024/08/cybercriminals-exploit-popular-software.html
Researchers have uncovered a new malware, UULoader, being used to deliver powerful threats like Gh0st RAT and Mimikatz.
With its focus on Chinese and Korean users, this malware could be part of a broader trend.
Read: https://thehackernews.com/2024/08/new-uuloader-malware-distributes-gh0st.html