The Hacker News
⭐ Official THN Telegram Channel — A trusted, widely read, independent source for breaking news and tech coverage about cybersecurity and hacking.

📨 Contact: admin@thehackernews.com

🌐 Website: https://thehackernews.com
Altered Android apps on Google Play, like Wuta Camera (10M+ downloads), spread new Necro malware.

It can run malicious code, subscribe to paid services, and create device tunnels. Necro uses steganography to hide, evading detection.

https://thehackernews.com/2024/09/necro-android-malware-found-in-popular.html
CISA just added a critical Ivanti vTM vulnerability (CVE-2024-7593) to its Known Exploited Vulnerabilities (KEV) list due to active exploitation.

With a CVSS score of 9.8, this vulnerability allows unauthenticated attackers to bypass admin controls—creating rogue admin users in your system.

Ivanti has released patches, but many affected systems remain exposed. U.S. federal agencies have until October 15 to fix the issue, but anyone using Ivanti needs to act now.

Read: https://thehackernews.com/2024/09/cisa-flags-critical-ivanti-vtm.html
📧🔓 Hackers are exploiting legit email accounts in transport companies to deliver RATs like NetSupport & DanaBot, causing disruptions, data theft, and major financial damage if not addressed quickly.

Learn more: https://thehackernews.com/2024/09/transportation-companies-hit-by.html
A vulnerability in the memory feature of OpenAI's ChatGPT app for macOS, dubbed "SpAIware," could have allowed attackers to embed #spyware, exposing user data across multiple conversations.

Learn more: https://thehackernews.com/2024/09/chatgpt-macos-flaw-couldve-enabled-long.html
Despite a decade of SOAR advancements, SOCs remain manual-heavy. Agentic AI is breaking new ground by automating the hardest SOC tasks—triage and investigation.

Learn how it could reshape your cybersecurity strategy: https://thehackernews.com/2024/09/agentic-ai-in-socs-solution-to-soars.html
🚨 New red team tool Splinter discovered by Palo Alto's Unit 42. Not as advanced as Cobalt Strike, but still a threat if misused. Built with Rust, it enables process injection & C2 communication.

Learn more: https://thehackernews.com/2024/09/cybersecurity-researchers-warn-of-new.html

Cyber pros, stay alert!
⚑ Phishing attacks are becoming harder to spot. Learn about key phishing indicators and discover effective ways to identify and mitigate these threats using advanced tools like ANYRUN.

Read: https://thehackernews.com/2024/09/expert-tips-on-how-to-spot-phishing-link.html
🔥 Mozilla's new Firefox browser feature, Privacy Preserving Attribution (PPA), is under fire for enabling tracking 👀 without user consent.

While it claims to protect privacy, watchdogs argue it violates EU's GDPR.

Learn more: https://thehackernews.com/2024/09/mozilla-faces-privacy-complaint-for.html
Google’s transition to Rust programming language has led to a staggering drop in memory safety vulnerabilities in Android—from 76% to just 24% over six years!

Learn more: https://thehackernews.com/2024/09/googles-shift-to-rust-programming-cuts.html
⚠️ Beijing-sponsored Salt Typhoon, also known as GhostEmperor, has been caught infiltrating U.S. Internet Service Providers, potentially compromising Cisco routers.

Read: https://thehackernews.com/2024/09/chinese-hackers-infiltrate-us-internet.html

The campaign's goal: to establish long-term access for data exfiltration or worse.
🛑 SloppyLemming hacker group is using cloud services to run espionage campaigns in South & East Asia, targeting gov, law enforcement, & energy sectors.

Spear-phishing & credential harvesting are key attack methods.

Learn more: https://thehackernews.com/2024/09/cloudflare-warns-of-india-linked.html
🚨 SilentSelfie: Kurdish websites hit by prolonged watering hole attack, stealing sensitive data from journalists & activists.

Malicious APKs capture locations & files without persistence, making detection tougher.

Learn more: https://thehackernews.com/2024/09/watering-hole-attack-on-kurdish-sites.html
⚠️ North Korea's Kimsuky group deploys new malware—KLogEXE & FPSpy—enhancing their ability to infiltrate systems with advanced keylogging & file exfiltration.

Learn more: https://thehackernews.com/2024/09/n-korean-hackers-deploy-new-klogexe-and.html
⚠️ Kia vehicles had critical vulnerabilities allowing remote control with just a license plate!

Attackers could seize control in 30 seconds, accessing sensitive data and executing commands like unlocking the car.

Find details here: https://thehackernews.com/2024/09/hackers-could-have-remotely-controlled.html
CVSS alone isn’t enough! Security teams need a smarter way to prioritize vulnerabilities.

EPSS predicts exploitation risk within 30 days, helping teams focus on real threats.

Learn how this model can sharpen your risk mitigation strategies: https://thehackernews.com/2024/09/epss-vs-cvss-whats-best-approach-to.html
A newly disclosed #vulnerability in NVIDIA Container Toolkit (CVSS 9.0) could allow attackers to escape containers and gain full access to the underlying host.

Find details here: https://thehackernews.com/2024/09/critical-nvidia-container-toolkit.html

Ensure you're running v1.16.2 to mitigate the risk.
U.S. and Dutch authorities have sanctioned two cryptocurrency exchanges, Cryptex and PM2BTC, for facilitating the laundering of illicit funds linked to cybercrime, ransomware, and fraud shops.

Learn more: https://thehackernews.com/2024/09/us-sanctions-two-crypto-exchanges-for.html
🔧 Legacy SIEM systems are failing to keep up with the modern threat landscape—too many alerts, not enough time.

Learn about a fresh approach to tackling legacy SIEM challenges in our upcoming ⚑ webinar.

Save your spot now: https://thehackernews.com/2024/09/overloaded-with-siem-alerts-discover.html
⚠️ HTML smuggling is delivering DCRat malware, bypassing traditional security controls by embedding malicious payloads in HTML files. This advanced technique poses a global threat to unsuspecting users.

Read: https://thehackernews.com/2024/09/new-html-smuggling-campaign-delivers.html
Learn how weak credentials and over-privileged accounts are being exploited in the latest Storm-0501 #ransomware attacks targeting hybrid cloud infrastructures.

Read details here > https://thehackernews.com/2024/09/microsoft-identifies-storm-0501-as.html
🚨 New CUPS vulnerabilities in Linux allow attackers to execute remote commands via print jobs! Affected systems include Debian, Fedora, RHEL.

Find details of CVE-2024-47176 here: https://thehackernews.com/2024/09/critical-linux-cups-printing-system.html

Disable ‘cups-browsed’ & block UDP port 631 until patches arrive.