🚨 Kaspersky has officially pulled out of the U.S. market, unexpectedly replacing its antivirus software with UltraAV for some users. Many users have raised concerns about this unannounced transition.

Learn more: https://thehackernews.com/2024/09/kaspersky-exits-us-automatically.html

🚨 WEBINAR ALERT: Software Supply Chain Security 101 🚨

Join ReversingLabs on September 25th @ 12pm ET for a crash course on the technical tactics of software supply chain compromises and learn how to assess the risks posed by commercial software.

https://thn.news/supply-chain-security-101

🔥 Anyrun just released Safebrowsing — a new service that lets you quickly explore URLs in an isolated virtual browser.

🛡️ It notifies you about threats and has a friendly interface, perfect for users with any expertise level.

Give it a try, it's free👇 https://thn.news/malware-analysis-sandbox-1

The U.S. Department of Commerce is proposing a ban on connected vehicles with software and hardware from foreign adversaries like China and Russia.

The ban impacts VCS and ADS tech in vehicles and could take full effect by 2027-2030.

Read: https://thehackernews.com/2024/09/us-proposes-ban-on-connected-vehicles.html

⚠️ SaaS Data Leaks Are Rising! Attacks on platforms like Azure and Snowflake expose sensitive records.

Misconfigurations and weak passwords make you vulnerable. An SSPM can detect gaps, monitor permissions, and mitigate threats in real-time.

Explore: https://thehackernews.com/2024/09/the-sspm-justification-kit.html

Altered Android apps on Google Play, like Wuta Camera (10M+ downloads), spread new Necro malware.

It can run malicious code, subscribe to paid services, and create device tunnels. Necro uses steganography to hide, evading detection.

https://thehackernews.com/2024/09/necro-android-malware-found-in-popular.html

CISA just added a critical Ivanti vTM vulnerability (CVE-2024-7593) to its Known Exploited Vulnerabilities (KEV) list due to active exploitation.

With a CVSS score of 9.8, this vulnerability allows unauthenticated attackers to bypass admin controls—creating rogue admin users in your system.

Ivanti has released patches, but many affected systems remain exposed. U.S. federal agencies have until October 15 to fix the issue, but anyone using Ivanti needs to act now.

Read: https://thehackernews.com/2024/09/cisa-flags-critical-ivanti-vtm.html

📧🔓 Hackers are exploiting legit email accounts in transport companies to deliver RATs like NetSupport & DanaBot, causing disruptions, data theft, and major financial damage if not addressed quickly.

Learn more: https://thehackernews.com/2024/09/transportation-companies-hit-by.html

A vulnerability in the memory feature of OpenAI's ChatGPT app for macOS, dubbed "SpAIware," could hvae allowed attackers to embed #spyware, exposing user data across multiple conversations.

Learn more: https://thehackernews.com/2024/09/chatgpt-macos-flaw-couldve-enabled-long.html

Despite a decade of SOAR advancements, SOCs remain manual-heavy. Agentic AI is breaking new ground by automating the hardest SOC tasks—triage and investigation.

Learn how it could reshape your cybersecurity strategy: https://thehackernews.com/2024/09/agentic-ai-in-socs-solution-to-soars.html

🚨 New red team tool Splinter discovered by Palo Alto's Unit 42. Not as advanced as Cobalt Strike, but still a threat if misused. Built with Rust, it enables process injection & C2 communication.

Learn more: https://thehackernews.com/2024/09/cybersecurity-researchers-warn-of-new.html

Cyber pros, stay alert!

⚡ Phishing attacks are becoming harder to spot. Learn about key phishing indicators and discover effective ways to identify and mitigate these threats using advanced tools like ANYRUN.

Read: https://thehackernews.com/2024/09/expert-tips-on-how-to-spot-phishing-link.html

🔥 Mozilla's new Firefox browser feature, Privacy Preserving Attribution (PPA), is under fire for enabling tracking 👀 without user consent.

While it claims to protect privacy, watchdogs argue it violates EU's GDPR.

Learn more: https://thehackernews.com/2024/09/mozilla-faces-privacy-complaint-for.html

🔐 Google’s transition to Rust programming language has led to a staggering drop in memory safety vulnerabilities in Android—from 76% to just 24% over six years!

Learn more: https://thehackernews.com/2024/09/googles-shift-to-rust-programming-cuts.html

⚠️ Beijing-sponsored Salt Typhoon, also known as GhostEmperor, has been caught infiltrating U.S. Internet Service Providers, potentially compromising Cisco routers.

Read: https://thehackernews.com/2024/09/chinese-hackers-infiltrate-us-internet.html

The campaign's goal: to establish long-term access for data exfiltration or worse.

🛑 SloppyLemming hacker group is using cloud services to run espionage campaigns in South & East Asia, targeting gov, law enforcement, & energy sectors.

Spear-phishing & credential harvesting are key attack methods.

Learn more: https://thehackernews.com/2024/09/cloudflare-warns-of-india-linked.html

🚨 SilentSelfie: Kurdish websites hit by prolonged watering hole attack, stealing sensitive data from journalists & activists.

Malicious APKs capture locations & files without persistence, making detection tougher.

Learn more: https://thehackernews.com/2024/09/watering-hole-attack-on-kurdish-sites.html

⚠️ North Korea's Kimsuky group deploys new malware—KLogEXE & FPSpy—enhancing their ability to infiltrate systems with advanced keylogging & file exfiltration.

Learn more: https://thehackernews.com/2024/09/n-korean-hackers-deploy-new-klogexe-and.html

⚠️ Kia vehicles had critical vulnerabilities allowing remote control with just a license plate!

Attackers could seize control in 30 seconds, accessing sensitive data and executing commands like unlocking the car.

Find details here: https://thehackernews.com/2024/09/hackers-could-have-remotely-controlled.html

CVSS alone isn’t enough! Security teams need a smarter way to prioritize vulnerabilities.

EPSS predicts exploitation risk within 30 days, helping teams focus on real threats.

Learn how this model can sharpen your risk mitigation strategies: https://thehackernews.com/2024/09/epss-vs-cvss-whats-best-approach-to.html

A newly disclosed #vulnerability in NVIDIA Container Toolkit (CVSS 9.0) could allow attackers to escape containers and gain full access to the underlying host.

Find details here: https://thehackernews.com/2024/09/critical-nvidia-container-toolkit.html

Ensure you're running v1.16.2 to mitigate the risk.