North Korean state actors linked to the RGB have been identified in the JumpCloud hack! An OPSEC mistake exposed their IP address.

Find details here: https://thehackernews.com/2023/07/north-korean-nation-state-actors.html

The new report also uncovers the use of malicious Ruby scripts and payloads like FULLHOUSE.DOORED, STRATOFEAR, and TIEDYE.

🚨 Heads up, network admins!

MikroTik RouterOS vulnerability (CVE-2023-30799) exposes 500,000+ systems to potential exploitation!

Read: https://thehackernews.com/2023/07/critical-mikrotik-routeros.html

Upgrade to RouterOS 6.49.8 or 7.x ASAP!

🚨 Security Alert: A new malware family called Realst is targeting Apple macOS systems, including macOS 14 Sonoma! Written in Rust programming language, it empties cryptocurrency wallets & steals passwords.

Find details here: https://thehackernews.com/2023/07/rust-based-realst-infostealer-targeting.html

FraudGPT, the latest cybercrime AI tool, is being sold on dark web marketplaces and Telegram channels. It is claimed that it can create undetectable malware and craft convincing phishing emails.

Read: https://thehackernews.com/2023/07/new-ai-tool-fraudgpt-emerges-tailored.html

🚨 ALERT: Fenix, a Mexico-based cybercrime group, is targeting taxpayers in Mexico and Chile by cloning official tax portals to steal sensitive data.

Read: https://thehackernews.com/2023/07/fenix-cybercrime-group-poses-as-tax.html

Decoy Dog, a powerful malware, outperforms the Pupy RAT, featuring previously unknown capabilities. It can maintain communication with compromised machines and evade detection for extended periods.

Read details: https://thehackernews.com/2023/07/decoy-dog-new-breed-of-malware-posing.html

🚨 Info stealing malware on the rise! Learn the modus operandi, tactics, propagation methods of info stealers in this latest whitepaper.

Read: https://thehackernews.com/2023/07/the-alarming-rise-of-infostealers-how.html

🔒 U.S. Securities and Exchange Commission (SEC) just approved new rules mandating publicly traded companies to disclose cyberattacks with "material" impact on their finances within 4 days of identification.

Read: https://thehackernews.com/2023/07/new-sec-rules-require-us-companies-to.html

Group-IB co-founder & CEO Ilya Sachkov gets 14 years in prison over accusations of providing classified info to foreign intelligence.

Read: https://thehackernews.com/2023/07/group-ib-co-founder-sentenced-to-14.html

Beware of the new campaign targeting Apache Tomcat Servers.

Researchers detected 800+ attacks, with 96% linked to the Mirai botnet. Threat actors exploit weak security to deliver malware & crypto miners.

Read: https://thehackernews.com/2023/07/hackers-target-apache-tomcat-servers.html

Researchers warn of Nitrogen, a malvertising campaign infecting enterprise networks via Google Search and Bing ads. Targets users seeking IT tools like AnyDesk, Cisco AnyConnect VPN, and WinSCP.

Read details: https://thehackernews.com/2023/07/new-malvertising-campaign-distributing.html#cybersecurity

Measure, Improve, and Automate! Unlock the true potential of shift-left and learn how it empowers your teams, aligns goals, measures progress, and democratizes security knowledge.

Read: https://thehackernews.com/2023/07/the-4-keys-to-building-cloud-security.html

🚨 Heads up, Ubuntu users!

Researchers have discovered high-severity Linux flaws in the Ubuntu kernel, affecting 40% of users!

Learn about GameOver(lay) vulnerabilities CVE-2023-32629 and CVE-2023-2640: https://thehackernews.com/2023/07/gameoverlay-two-severe-linux.html

Beware the IDOR Flaw!

Cybersecurity agencies in Australia and the U.S. have issued a joint advisory warning about IDOR security flaws in web apps that can lead to data breaches.

Learn more about it here: https://thehackernews.com/2023/07/cybersecurity-agencies-warn-against.html

Over 5,000 instances are vulnerable to potential attacks!

Metabase users, pay attention! An "extremely severe" flaw [CVE-2023-38646] has been discovered in the popular BI & data visualization software.

Find details here: https://thehackernews.com/2023/07/major-security-flaw-discovered-in.html

Russian hacker group BlueBravo strikes again!

New backdoor "GraphicalProton" used to target diplomatic entities in Eastern Europe.

Read details: https://thehackernews.com/2023/07/bluebravo-deploys-graphicalproton.html

Malicious actors are exploiting a legitimate Windows search feature to download arbitrary payloads and compromise systems with RATs like AsyncRAT and Remcos RAT.

Learn more about this novel attack technique: https://thehackernews.com/2023/07/hackers-abusing-windows-search-feature.html

Security Research team at Checkmarx found an attack scenario affecting major car manufacturers like Porsche.

Read on to learn how it could lead to data exfiltration: https://thehackernews.com/2023/07/a-data-exfiltration-attack-scenario.html

💻 Korean-speaking individuals are under attack by STARK#MULE. Hackers are using U.S. Military-themed document lures to spread malware and compromise systems.

Learn more: https://thehackernews.com/2023/07/starkmule-targets-koreans-with-us.html

New Threat Alert!

Latest findings reveal that the IcedID malware is getting even more dangerous with updates to its BackConnect module for post-compromise activity on hacked systems.

Learn more: https://thehackernews.com/2023/07/icedid-malware-adapts-and-expands.html

📢 Attention admins!

Ivanti discloses another flaw (CVE-2023-35081) in Endpoint Manager Mobile (EPMM) that is being exploited by malicious actors to gain sensitive info & execute OS commands.

Read: https://thehackernews.com/2023/07/ivanti-warns-of-another-endpoint.html

Update to the latest version now.