New vulnerabilities are disclosed hourly, new exploits for old vulnerabilities are publicly released and threat actors are updating their techniques continuously.

Knowing where and how to prioritize your security resources to achieve the greatest impact with the least time invested is critical.

Join Intruder’s webinar on June 12, 2024, to learn how to get started: https://thn.news/exposure-management-lessons

Can’t make it? Register for the webinar and a copy will be sent.

Cybercriminals are exploiting vulnerabilities in Docker and ThinkPHP to deploy cryptominers and web shells.

Learn more about these cyberattacks - https://thehackernews.com/2024/06/commando-cat-cryptojacking-attacks.html

Secure your installations and update your applications to prevent attacks.

🔒 Alert: CERT-UA warns of cyber-attacks on Ukraine's defense forces using the SPECTR malware in SickSync espionage campaign.

Learn more about the tactics used by the Vermin group: https://thehackernews.com/2024/06/spectr-malware-targets-ukraine-defense.html

🔒 FBI has 7,000+ decryption keys for LockBit ransomware to help victims recover their data for free. If you're a victim, don't pay the ransom.

🔧 Here's how to unlock your data: https://thehackernews.com/2024/06/fbi-distributes-7000-lockbit-ransomware.html

Growing concerns over responsible 🤖 AI use:

✓ Google guides Android devs
✓ Meta faces EU privacy complaints
✓ Microsoft's Recall feature raises security red flags

Learn about the potential risks & how they could impact you: https://thehackernews.com/2024/06/the-ai-debate-googles-guidelines-metas.html

Traditional SCA tools often miss critical vulnerabilities and create alert fatigue. Learn how to protect your software supply chain from emerging threats.

🔗 Download the guide for more insights: https://thehackernews.com/2024/06/cyber-landscape-is-evolving-so-should.html

🚨 LightSpy, a malware framework, now targets macOS alongside iOS, Android, and Windows. It uses 10 plugins to gather extensive data from infected devices.

Learn more: https://thehackernews.com/2024/06/lightspy-spywares-macos-variant-found.html

Ransomware, DDoS, data breaches – 2023 was a tough year for cybersecurity.

The good news? Many of these attacks could have been prevented with better basic practices.

Learn more at our upcoming webinar: https://thehackernews.com/2024/06/ultimate-cyber-hygiene-guide-learn-how.html

SAVE YOUR SPOT NOW!

Big news from Microsoft!

They’ve disabled the AI-powered Recall feature by default after backlash over #privacy concerns.

Recall now includes enhanced security like Windows Hello biometric scanning and encrypted databases.

Learn more: https://thehackernews.com/2024/06/microsoft-revamps-controversial-ai.html

🛑 Attention Developers and SysAdmins!

A new PHP flaw (CVE-2024-4577) affects all of its Windows versions, enabling remote code execution via CGI argument injection.

Learn more: https://thehackernews.com/2024/06/new-php-vulnerability-exposes-windows.html

Patch is available—update to PHP 8.3.8, 8.2.20, or 8.1.29 immediately.

🚨 Threat Alert: Sticky Werewolf Targets Russian and Belarusian Entities.

Phishing attacks expand beyond government organizations to pharmaceutical, research, and aviation sectors.

Learn more about the latest campaign: https://thehackernews.com/2024/06/sticky-werewolf-expands-cyber-attack.html

Google takes down 1,320 YouTube channels and 1,177 Blogger blogs linked to Chinese influence operation.

Find out more about the coordinated campaign targeting U.S. foreign affairs: https://thehackernews.com/2024/06/google-takes-down-influence-campaigns.html

🔐 Researchers have uncovered a vulnerability in Azure Service Tags that could allow attackers to bypass firewall rules. Microsoft has issued guidance on this issue.

Discover how to safeguard your cloud assets: https://thehackernews.com/2024/06/azure-service-tags-vulnerability.html

💪 Cybersecurity education doesn't stop after certification.

Learn how earning CPE credits through workshops, courses, and conferences can open doors to promotions and higher-paying opportunities.

Read the full article now: https://thehackernews.com/2024/06/cybersecurity-cpes-unraveling-what-why.html

A new phishing attack distributing More_eggs malware is targeting recruiters by posing as job applicants on LinkedIn.

Learn how these sophisticated social engineering tactics work and protect your organization.

🔗 Read more: https://thehackernews.com/2024/06/moreeggs-malware-disguised-as-resumes.html

Attention developers!

Arm reveals a serious security flaw in Mali GPU Kernel Drivers, impacting versions r34p0 to r40p0. This vulnerability is already being exploited.

Read: https://thehackernews.com/2024/06/arm-warns-of-actively-exploited-zero.html

🚨 New Alert: 165 Snowflake customers' data potentially exposed in a large-scale cyber campaign by UNC5537. This financially motivated threat actor is systematically compromising instances using stolen credentials.

Read: https://thehackernews.com/2024/06/snowflake-breach-exposes-165-customers.html

🛡️ Researchers have identified an updated version of ValleyRAT with new commands for capturing screenshots, process filtering, and more.

Learn how this multi-stage malware evades detection and threatens sensitive data.

Read: https://thehackernews.com/2024/06/china-linked-valleyrat-malware.html

🔥 Meet "Apple Intelligence" – the new generative AI features in iOS 18, iPadOS 18, and macOS Sequoia.

Apple is integrating OpenAI's ChatGPT into Siri and systemwide Writing Tools, with strong privacy protections.

Find details here: https://thehackernews.com/2024/06/apple-integrates-openais-chatgpt-into.html

Over 1,200 organizations were found vulnerable to these top 10 pentest findings.

Is your company one of them? Find out now and take action to secure your network.

🔗 Read the full article: https://thehackernews.com/2024/06/top-10-critical-pentest-findings-2024.html