π§ SOC Analyst burnout is surging, with 80.8% expecting stress to worsen. AI-driven triage and response can ease the burden, allowing analysts to focus on higher-value tasks.
Discover how AI can lighten the load for your team: https://thehackernews.com/2024/10/6-simple-steps-to-eliminate-soc-analyst.html
Discover how AI can lighten the load for your team: https://thehackernews.com/2024/10/6-simple-steps-to-eliminate-soc-analyst.html
π16π€8
A critical unpatched #vulnerability (CVE-2024-9441) in the Nice Linear eMerge E3 access controller has been uncovered, carrying a CVSS score of 9.8, with proof-of-concept exploits already circulating.
Learn more: https://thehackernews.com/2024/10/experts-warn-of-critical-unpatched.html
Learn more: https://thehackernews.com/2024/10/experts-warn-of-critical-unpatched.html
π4π4β‘1
π©βπ» OpenAI disrupts 20+ global deceptive operations exploiting AI models for advanced cyber activities like phishing, influence operations, and even election interference.
Learn more: https://thehackernews.com/2024/10/openai-blocks-20-global-malicious.html
Learn more: https://thehackernews.com/2024/10/openai-blocks-20-global-malicious.html
π₯9π6π5β‘2π€2
The digital landscape is shifting fastβare you ready to keep up with the latest threats? πβ‘
Join us on October 17 as we break down the key findings from the 2024 Kaseya Cybersecurity Survey! Get insights into:
π How AI is transforming cyberattacks
π₯ The challenges of user behavior
π‘οΈ How network penetration testing secure your network
π What companies are doing to prepare for 2025
π Date: October 17
β° Time: 1 PM EST / 10 AM PST
π Save Your Spot: https://thn.news/cyber-survey-2024
Donβt miss this session to stay one step ahead in cybersecurity!
Join us on October 17 as we break down the key findings from the 2024 Kaseya Cybersecurity Survey! Get insights into:
π How AI is transforming cyberattacks
π₯ The challenges of user behavior
π‘οΈ How network penetration testing secure your network
π What companies are doing to prepare for 2025
π Date: October 17
β° Time: 1 PM EST / 10 AM PST
π Save Your Spot: https://thn.news/cyber-survey-2024
Donβt miss this session to stay one step ahead in cybersecurity!
Kaseya
Exclusive Findings From Kaseyaβs 2024 Cybersecurity Survey
Join us for an exclusive webinar where weβll unveil key findings from Kaseyaβs 2024 Cybersecurity Survey based on insights from over 1,000 IT pros worldwide.
π9π₯9β‘1
π Dutch police have dismantled Bohemia and Cannabia, the largest darkweb markets for illegal goods and cybercrime. Arrests in the Netherlands and Ireland, with β¬8M in seized cryptocurrency, prove dark web anonymity is fading.
Read: https://thehackernews.com/2024/10/bohemia-and-cannabia-dark-web-markets.html
Read: https://thehackernews.com/2024/10/bohemia-and-cannabia-dark-web-markets.html
π12π10π±9π₯3β‘2π€―1
π© A critical security flaw in GitLab (CVE-2024-9164) could allow attackers to run CI/CD pipelines on unauthorized branches.
Find details here: https://thehackernews.com/2024/10/new-critical-gitlab-vulnerability-could.html
Update your instance ASAP to avoid becoming the next victim.
Find details here: https://thehackernews.com/2024/10/new-critical-gitlab-vulnerability-could.html
Update your instance ASAP to avoid becoming the next victim.
π17π11π±8π₯4β‘1π€1
π»π Cybercriminals are leveling up! Phishing campaigns now exploit GitHub links, Telegram bots, and even QR codes to bypass security and deliver malware.
Read: https://thehackernews.com/2024/10/github-telegram-bots-and-qr-codes.html
Read: https://thehackernews.com/2024/10/github-telegram-bots-and-qr-codes.html
β‘20π₯9π€8π5π3
π₯ FBI created its own cryptocurrency token, NexFundAI, to bust widespread market manipulation. Several market makers are charged with wash trading and a pump-and-dump scheme.
Read: https://thehackernews.com/2024/10/fbi-creates-fake-cryptocurrency-to.html
Read: https://thehackernews.com/2024/10/fbi-creates-fake-cryptocurrency-to.html
π54π€―9β‘8π₯7π6π5π€5
Iranian threat actor OilRig is exploiting a Windows Kernel #vulnerability (CVE-2024-30088) to gain SYSTEM privileges, enabling backdoor deployment and data theft.
Learn how to protect your systems now https://thehackernews.com/2024/10/oilrig-exploits-windows-kernel-flaw-in.html
Learn how to protect your systems now https://thehackernews.com/2024/10/oilrig-exploits-windows-kernel-flaw-in.html
π28π₯10β‘8π€5π3π€―2π±1
Veeam Backup flaw targeted for ransomware attacksβCVE-2024-40711 exploited!
This flaw allows attackers to create local admin accounts, granting them full control to deploy ransomware like Akira and Fog.
Learn how to defend against active threats: https://thehackernews.com/2024/10/critical-veeam-vulnerability-exploited.html
This flaw allows attackers to create local admin accounts, granting them full control to deploy ransomware like Akira and Fog.
Learn how to defend against active threats: https://thehackernews.com/2024/10/critical-veeam-vulnerability-exploited.html
π€―16π6π±6π1
π¨ Researchers warn of entry-point vulnerabilities in ecosystems like PyPI & npm, enabling software supply chain attacks.
Command-jacking lets attackers harvest sensitive data using counterfeit packages & system command hijacking.
Read: https://thehackernews.com/2024/10/supply-chain-attacks-exploit-entry.html
Command-jacking lets attackers harvest sensitive data using counterfeit packages & system command hijacking.
Read: https://thehackernews.com/2024/10/supply-chain-attacks-exploit-entry.html
π11π11
Nation-state attackers are exploiting Ivanti CSA vulnerabilities, including zero-days, to breach and patch networks, locking out competitors.
Is your CSA secure? Stay proactiveβread the report and tighten your patching strategy.
Read: https://thehackernews.com/2024/10/nation-state-attackers-exploiting.html
Is your CSA secure? Stay proactiveβread the report and tighten your patching strategy.
Read: https://thehackernews.com/2024/10/nation-state-attackers-exploiting.html
π14π13β‘3
π Jetpack WordPress plugin flaw, active since 2016, allows unauthorized access to user-submitted forms. Over 27M sites are at riskβupdate now to protect your users' data.
Read: https://thehackernews.com/2024/10/wordpress-plugin-jetpack-patches-major.html
Read: https://thehackernews.com/2024/10/wordpress-plugin-jetpack-patches-major.html
π9π€―4π±4π2π1
Last weekβs top threats include zero-day exploits, North Korean hackers, AI tools going rogue, and more.
Learn about GoldenJackal's breach of air-gapped systems, and the FBI's crypto sting.
Read: https://thehackernews.com/2024/10/thn-cybersecurity-recap-top-threats.html
Donβt miss outβstay secure and ready for the next wave!
Learn about GoldenJackal's breach of air-gapped systems, and the FBI's crypto sting.
Read: https://thehackernews.com/2024/10/thn-cybersecurity-recap-top-threats.html
Donβt miss outβstay secure and ready for the next wave!
π10π6
Cybersecurity researchers have uncovered a new malware campaign using Hijack Loader, signed with legitimate code-signing certificates, to bypass defenses and deploy information-stealing malware like Lumma.
Find details here: https://thehackernews.com/2024/10/researchers-uncover-hijack-loader.html
Find details here: https://thehackernews.com/2024/10/researchers-uncover-hijack-loader.html
π€7π5
China accuses the U.S. of fabricating the Volt Typhoon threat actor and deploying false flags and backdoors to conceal its own cyberattacks.
Details here: https://thehackernews.com/2024/10/china-accuses-us-of-fabricating-volt.html
Details here: https://thehackernews.com/2024/10/china-accuses-us-of-fabricating-volt.html
π13π€11π8π₯5β‘1
Mismanaged vulnerabilities in cloud environments are delaying incident responses and putting businesses at greater risk.
Discover how unified detection can close cloud security gaps and stop stealthy attacks before they unfold.
Read: https://thehackernews.com/2024/10/5-steps-to-boost-detection-and-response.html
Discover how unified detection can close cloud security gaps and stop stealthy attacks before they unfold.
Read: https://thehackernews.com/2024/10/5-steps-to-boost-detection-and-response.html
π9π€4π1
π₯ Industry-first report covering real-world attacks on GenAI, analyzing 2,000+ LLM apps. Including jailbreak methods, adversaries' objectives, and technical insights.
Download the Pillar Security's full report here: https://thn.news/genai-attacks
Download the Pillar Security's full report here: https://thn.news/genai-attacks
www.pillar.security
The State of Attacks on GenAI | Analysis of Real-World Attacks
Discover the industry-first report on real GenAI attacks seen in the wild. Gain exclusive insights into AI risks, adversary objectives, jailbreak techniques, and 2025 forecasts.
π10π8
North Korean hackers are now using a Linux variant of the notorious FASTCash malware to target ATMs by compromising payment switches in ATM cashout schemes.
Learn more: https://thehackernews.com/2024/10/new-linux-variant-of-fastcash-malware.html
Learn more: https://thehackernews.com/2024/10/new-linux-variant-of-fastcash-malware.html
π12π8π₯6β‘3π3
DarkVision RAT returns in a new campaign via PureCrypter, enabling attackers to steal passwords, record screens, and gain full remote access for just $60βmaking sophisticated breaches accessible even to non-technical cybercriminals.
Read: https://thehackernews.com/2024/10/new-malware-campaign-uses-purecrypter.html
Read: https://thehackernews.com/2024/10/new-malware-campaign-uses-purecrypter.html
π14β‘1
TrickMo Android trojan has upgradedβnow stealing unlock patterns and PINs by mimicking the lock screen!
With thousands of stolen credentials already exposed, itβs targeting banking data, corporate VPNs, social media, and healthcare apps.
https://thehackernews.com/2024/10/trickmo-banking-trojan-can-now-capture.html
With thousands of stolen credentials already exposed, itβs targeting banking data, corporate VPNs, social media, and healthcare apps.
https://thehackernews.com/2024/10/trickmo-banking-trojan-can-now-capture.html
π€―21