Microsoft admits a validation issue in its code that enabled China-based hackers to forge authentication tokens, granting unauthorized access to Azure AD and Outlook[.]com accounts of over two dozen organizations.
Read: https://thehackernews.com/2023/07/microsoft-bug-allowed-hackers-to-breach.html
A new generative AI cybercrime tool called WormGPT is gaining popularity in underground forums. It enables cybercriminals to automate advanced phishing and BEC attacks, using personalized fake emails to increase success rates.
Read: https://thehackernews.com/2023/07/wormgpt-new-ai-tool-allows.html
New report reveals the alarming activities of Gamaredon, a notorious Russian hacking crew. They exploit email and messaging platforms to compromise systems, exfiltrating files in a matter of minutes.
Read: https://thehackernews.com/2023/07/cert-ua-uncovers-gamaredons-rapid-data.html
Cybercriminals are leveraging exploits for CVE-2021-40444 and CVE-2022-30190 to execute code through malicious Word files. Once opened, LokiBot malware is downloaded, logging keystrokes, capturing screenshots, and stealing data.
Read: https://thehackernews.com/2023/07/cybercriminals-exploit-microsoft-word.html
Cyber attacks via infected USB drives have tripled in the first half of 2023. Learn more about the SOGU and SNOWYDRIVE campaigns targeting public and private sector entities worldwide.
Read: https://thehackernews.com/2023/07/malicious-usb-drives-targetinging.html
Heads up! Hackers are exploiting WebAPK technology to trick Android users into downloading fake banking apps that steal sensitive information.
Read details: https://thehackernews.com/2023/07/hackers-exploit-webapk-to-deceive.html
JumpCloud confirms that a nation-state actor was behind the recent security incident. The breach targeted a specific group of customers.
Learn more: https://thehackernews.com/2023/07/jumpcloud-blames-sophisticated-nation.html
Beware! A critical security flaw (CVE-2023-28121) in the WooCommerce Payments #WordPress plugin is currently being actively exploited by threat actors.
In addition to this, Rapid7 has also discovered ongoing exploitation of Adobe ColdFusion flaws (including CVE-2023-29298), resulting in web shell deployments.
Read details here: https://thehackernews.com/2023/07/cybercriminals-exploiting-woocommerce.html
Conor Brian Fitzpatrick, the owner of BreachForums, pleads guilty to charges related to operating a cybercrime forum and possessing child pornography, and faces up to 40 years in jail and $750,000 in fines.
Read: https://thehackernews.com/2023/07/owner-of-breachforums-pleads-guilty-to.html
FIN8, a notorious financially motivated hacker group, has adopted a revamped version of the Sardonic backdoor to deliver the BlackCat ransomware.
Learn more: https://thehackernews.com/2023/07/fin8-group-using-modified-sardonic.html
Attention VirusTotal users!
A database containing 5,600 customers' details has been exposed, including government agencies like the FBI, NSA, and more.
Learn more: https://thehackernews.com/2023/07/virustotal-data-leak-exposes-some.html
A sophisticated threat actor is targeting Pakistan government entities through a trojanized version of the E-Office application.
Read details: https://thehackernews.com/2023/07/pakistani-entities-targeted-in.html
ALERT: Critical security flaw in Citrix NetScaler ADC and Gateway being actively exploited! CVE-2023-3519 allows unauthenticated remote code execution.
Read: https://thehackernews.com/2023/07/zero-day-attacks-exploited-critical.html
U.S. government puts Cytrox and Intellexa, foreign commercial spyware vendors, on an economic blocklist for their potential misuse of surveillance tools.
Read details here: https://thehackernews.com/2023/07/us-government-blacklists-cytrox-and.html
Cybersecurity researchers have discovered a privilege escalation vulnerability, dubbed Bad Build, in Google Cloud. Attackers could tamper with app images and infect users, leading to supply chain attacks.
Read: https://thehackernews.com/2023/07/badbuild-flaw-in-google-cloud-build.html
APT41, a China-linked nation-state actor, has been linked to two new Android spyware strains, WyrmSpy and DragonEgg.
Read: https://thehackernews.com/2023/07/chinese-apt41-hackers-target-mobile.html
Dark web investigations rely on techniques like OSINT to uncover identities and track down cybercriminals.
Explore the various techniques used to identify the individuals behind these sites and personas.
Read: https://thehackernews.com/2023/07/exploring-dark-side-osint-tools-and.html
U.S. cybersecurity agencies issue recommendations to strengthen security in 5G network slicing. Find out how to ensure confidentiality, integrity, and availability of network services.
Read details: https://thehackernews.com/2023/07/cisa-and-nsa-issue-new-guidance-to.html
ColdFusion users, beware! Adobe has released new updates to fix a critical security flaw (CVE-2023-38205) that's actively being exploited in the wild.
Read: https://thehackernews.com/2023/07/adobe-rolls-out-new-patches-for.html
Make sure to update your installations to stay protected.
To address evolving nation-state cyber threats, Microsoft announces the inclusion of detailed logs of email access and more log data types for customers at no additional cost.
Read details: https://thehackernews.com/2023/07/microsoft-expands-cloud-logging-to.html