Earth Lusca's KTLVdoor malware targets Windows & #Linux, enabling file manipulation and remote scanning via 50+ command-and-control servers, likely shared with other threat actors.

Learn more: https://thehackernews.com/2024/09/new-cross-platform-malware-ktlvdoor.html

Researchers found hackers using MacroPack, a red teaming tool, to deploy advanced #malware like Havoc and PhantomCore. This global threat shows how attackers use legitimate software to bypass detection.

Read: https://thehackernews.com/2024/09/malware-attackers-using-macropack-to.html

🚨 Mindblowing numbers alert! 🚨 According to recent research, 45% of employees still have access to their ex-employer’s data, and over 25% of companies have had their reputations damaged due to ex-employees misusing data after leaving the company 🤡

Want to make sure your organization doesn’t fall into this risky 1/3? Learn how to safeguard your data and create a bulletproof offboarding protocol in just 20 minutes! 💼

Join ex-Google expert Ben King and the Zenphi team in a free webinar on ‘Offboarding in Google Workspace’. Get hands-on tips for:

— Automating access revokes
— Securing accounts post-departure
— Preventing unauthorized access

📋 Bonus: Register for free and receive an Employees offboarding checklist!

💡This webinar will set you apart as a cybersecurity pro — don’t miss it : https://thn.news/offboarding-best-practices

DOJ seized 32 pro-Russian propaganda domains that mimicked news outlets to spread disinformation. The goal: reduce global support for Ukraine and influence elections in the U.S. and abroad.

Learn more: https://thehackernews.com/2024/09/us-seizes-32-pro-russian-propaganda.html

9 Ways to Uncover Shadow AI

Discover how to enforce AI security best practices with this sample report from Wiz.

Read: https://thn.news/ai-security-assessment

🔐 NIST released CSF 2.0!

It’s all about continuous improvement with proactive, ongoing cybersecurity. New guidance on emerging threats + a “Govern” function to integrate cybersecurity into enterprise risk.

Is your org ready? Learn more: https://thehackernews.com/2024/09/nist-cybersecurity-framework-csf-and.html

⚠️ Veeam has patched 18 security flaws, including 5 critical ones allowing remote code execution (e.g., CVE-2024-40711 with a 9.8 CVSS score). Update now to protect your data.

Learn more: https://thehackernews.com/2024/09/veeam-releases-security-updates-to-fix.html

Tropic Trooper is back, targeting government entities in the Middle East and Malaysia with new cyber tactics! Detected in June 2024, this group has shifted focus to human rights studies—escalating the risk.

Find details here: https://thehackernews.com/2024/09/chinese-speaking-hacker-group-targets.html

Telegram’s CEO, Pavel Durov, speaks out after his arrest in France, calling the charges misguided.

Read: https://thehackernews.com/2024/09/paul-durov-criticizes-outdated-laws.html

Apache OFBiz just patched a high-severity #vulnerability (CVE-2024-45195) that allowed unauthenticated remote code execution.

Read: https://thehackernews.com/2024/09/apache-ofbiz-update-fixes-high-severity.html

New LiteSpeed Cache flaw (CVE-2024-44000) risks unauthorized access to WordPress sites via exposed debug logs.

Read: https://thehackernews.com/2024/09/critical-security-flaw-found-in.html

Even old logs can be exploited. Update and purge now!

GitHub Actions users are vulnerable to typosquatting, where simple misspellings (e.g. "actons/checkout") can run malicious code, compromising software supply chains.

Read: https://thehackernews.com/2024/09/github-actions-vulnerable-to.html

Protect your code—double-check your CI/CD pipelines!

🚨 Alert: OSGeo GeoServer GeoTools (CVE-2024-36401) with a CVSS score of 9.8 is being exploited to deploy crypto miners, botnets, and the SideWalk backdoor. CISA has listed it as a KEV affecting IT and government sectors.

Read: https://thehackernews.com/2024/09/geoserver-vulnerability-targeted-by.html

Patch your systems NOW!

vCISO services are essential: 98% of MSPs/MSSPs will offer them as SMBs seek affordable, top-tier security to protect assets & ensure compliance. It's a revenue booster & positions providers as trusted leaders.

Read: https://thehackernews.com/2024/09/the-state-of-virtual-ciso-report.html

🔥 A SonicWall #vulnerability (CVE-2024-40766) is under active exploitation.

This critical flaw allows attackers to bypass access controls and potentially crash firewalls, compromising business operations. Don't wait.

https://thehackernews.com/2024/09/sonicwall-urges-users-to-patch-critical.html

Patch now or risk falling victim.

Two men were indicted for running WWH Club, a dark web marketplace with 350,000+ users selling stolen personal data and hacking services. Despite law enforcement, WWH Club remains active, underscoring the resilience of cybercrime.

Read: https://thehackernews.com/2024/09/fbi-cracks-down-on-dark-web-marketplace.html

North Korean hackers are targeting developers on #LinkedIn with fake job offers, using coding tests to infect macOS. Once inside, they steal credentials, access code, and drain crypto funds. Social engineering remains a serious cyber threat

Read: https://thehackernews.com/2024/09/north-korean-threat-actors-deploy.html

U.S. and allies link Russian hacking group Cadet Blizzard to GRU’s 161st Center.

Targets: NATO, EU critical infrastructure, aiming to sabotage and steal data with WhisperGate malware.

Learn more: https://thehackernews.com/2024/09/us-offers-10-million-for-info-on.html

🚨 A new cyber espionage threat, TIDRONE, is targeting drone manufacturers in Taiwan—potentially compromising military operations.

TIDRONE uses custom malware like CXCLNT and CLNTEND to exploit system vulnerabilities and steal sensitive data.

https://thehackernews.com/2024/09/tidrone-espionage-group-targets-taiwan.html

⚠️ Progress Software has released security updates for a critical vulnerability (CVE-2024-7591) in LoadMaster & Multi-Tenant hypervisors, allowing unauthenticated attackers to execute system commands.

https://thehackernews.com/2024/09/progress-software-issues-patch-for.html

Don’t risk your infrastructure. Update systems now!