🚨 Researchers warn about Ethereum key-stealing npm packages!
The identified packages, including ethers-mew and ethers-web3, allow attackers to gain SSH access by modifying the authorized keys file, making them particularly dangerous.
Read: https://thehackernews.com/2024/10/malicious-npm-packages-target.html
⚠️ Two malware families, Bumblebee and Latrodectus, have resurfaced, leveraging advanced phishing campaigns after setbacks from Operation Endgame.
Learn more: https://thehackernews.com/2024/10/bumblebee-and-latrodectus-malware.html
Learn how bad actors exploit Docker remote API servers to deploy crypto miners and discover essential security practices for your organization.
Learn more: https://thehackernews.com/2024/10/cybercriminals-exploiting-docker-api.html
A new #vulnerability in Styra's Open Policy Agent (CVE-2024-8260) could expose NTLM credentials to attackers.
Attackers can exploit it to relay authentication, reinforcing the need for stringent input validation across all applications.
Read: https://thehackernews.com/2024/10/security-flaw-in-styras-opa-exposes.html
A new phishing campaign targets Russian-speaking users with advanced RATs using Gophish.
The attack uses both Maldoc and HTML-based infections, requiring user interaction: an important reminder for professionals to train teams on recognizing phishing attempts.
https://thehackernews.com/2024/10/gophish-framework-used-in-phishing.html
Discover the risks of unmanaged service accounts in Active Directory and how to effectively monitor them for enhanced security.
Learn more about monitoring service accounts and safeguarding your network: https://thehackernews.com/2024/10/a-comprehensive-guide-to-finding.html
Cybercriminals are using new #ransomware disguised as LockBit to pressure victims, while embedding AWS credentials for data exfiltration, highlighting the evolving tactics of threat actors.
Learn more: https://thehackernews.com/2024/10/ransomware-gangs-use-lockbits-fame-to.html
⚠️ Researchers unveil "Deceptive Delight," a new jailbreak method for large language models (LLMs) that cleverly sneaks harmful instructions into conversations.
Find details here: https://thehackernews.com/2024/10/researchers-reveal-deceptive-delight.html
⚠️ A high-severity flaw in #Microsoft SharePoint (CVE-2024-38094) has been added to CISA's Known Exploited Vulnerabilities catalog.
Proof-of-concept (PoC) scripts are already public, making exploitation more accessible.
Learn more: https://thehackernews.com/2024/10/cisa-warns-of-active-exploitation-of.html
Identity security is evolving from mere access management to a strategic business necessity.
Explore the critical state of identity security post-breach, highlighting risks and strategic insights for cybersecurity professionals.
Read: https://thehackernews.com/2024/10/permiso-state-of-identity-security-2024.html
⚠️ New variants of Grandoreiro banking malware are evolving, targeting 1,700 financial institutions in 45 countries, and employing tactics like mouse tracking and CAPTCHA barriers, despite law enforcement efforts.
Read: https://thehackernews.com/2024/10/new-grandoreiro-banking-malware.html
🚨 Fortinet confirms a critical vulnerability (CVE-2024-47575 / CVSS 9.8) affecting FortiManager is being actively exploited!
It could allow unauthorized remote access, potentially compromising sensitive data & configurations.
https://thehackernews.com/2024/10/fortinet-warns-of-critical.html
Don't wait, patch now.
North Korea's Lazarus Group exploits a zero-day #vulnerability (CVE-2024-4947) in Google Chrome to target the #cryptocurrency sector.
Exploitation strategy involved social media manipulation and fake game promotions.
Learn more: https://thehackernews.com/2024/10/lazarus-group-exploits-google-chrome.html
Cisco has patched CVE-2024-20481, a #vulnerability affecting its ASA and Firepower devices that could lead to a denial-of-service (DoS) for Remote Access VPNs.
Learn more: https://thehackernews.com/2024/10/cisco-issues-urgent-fix-for-asa-and-ftd.html
Researchers identified a #vulnerability in AWS CDK that may lead to account takeover, with over 1% of users at risk from predictable S3 bucket names.
The solution: update your CDK version and customize bucket names.
Read: https://thehackernews.com/2024/10/aws-cloud-development-kit-vulnerability.html
Generative AI is revolutionizing phishing attacks, posing new challenges for #cybersecurity professionals.
Discover how to combat this evolving threat.
Read: https://thehackernews.com/2024/10/why-phishing-resistant-mfa-is-no-longer.html
A new advanced Qilin #ransomware variant, Qilin.B, features enhanced AES-256-CTR and RSA-4096 encryption, making recovery nearly impossible without the attackers' keys.
Read: https://thehackernews.com/2024/10/new-qilinb-ransomware-variant-emerges.html
LinkedIn has been fined €310 million for breaching GDPR regulations concerning user #privacy.
DPC found #LinkedIn's processing lacked necessary user consent and transparency, which could set a precedent for other companies.
Read: https://thehackernews.com/2024/10/irish-watchdog-imposes-record-310.html
The SEC penalizes four companies (Avaya, Check Point, Mimecast, and Unisys) for misleading investors following the 2020 SolarWinds cyberattack.
Learn more: https://thehackernews.com/2024/10/sec-charges-4-companies-over-misleading.html
Apple has launched its Private Cloud Compute Virtual Research Environment (VRE) for security researchers to validate its #privacy and security claims.
It offers rewards between $50,000 and $1,000,000 for identifying flaws.
Read: https://thehackernews.com/2024/10/apple-opens-pcc-source-code-for.html
Attention: CVE-2024-41992 #vulnerability in Wi-Fi Test Suite could give attackers full control over Arcadyan routers. The flaw allows for command injection, enabling full administrative access.
Find details here: https://thehackernews.com/2024/10/researchers-discover-command-injection.html