Big news from Microsoft!

They’ve disabled the AI-powered Recall feature by default after backlash over #privacy concerns.

Recall now includes enhanced security like Windows Hello biometric scanning and encrypted databases.

Learn more: https://thehackernews.com/2024/06/microsoft-revamps-controversial-ai.html

🛑 Attention Developers and SysAdmins!

A new PHP flaw (CVE-2024-4577) affects all of its Windows versions, enabling remote code execution via CGI argument injection.

Learn more: https://thehackernews.com/2024/06/new-php-vulnerability-exposes-windows.html

Patch is available—update to PHP 8.3.8, 8.2.20, or 8.1.29 immediately.

🚨 Threat Alert: Sticky Werewolf Targets Russian and Belarusian Entities.

Phishing attacks expand beyond government organizations to pharmaceutical, research, and aviation sectors.

Learn more about the latest campaign: https://thehackernews.com/2024/06/sticky-werewolf-expands-cyber-attack.html

Google takes down 1,320 YouTube channels and 1,177 Blogger blogs linked to Chinese influence operation.

Find out more about the coordinated campaign targeting U.S. foreign affairs: https://thehackernews.com/2024/06/google-takes-down-influence-campaigns.html

🔐 Researchers have uncovered a vulnerability in Azure Service Tags that could allow attackers to bypass firewall rules. Microsoft has issued guidance on this issue.

Discover how to safeguard your cloud assets: https://thehackernews.com/2024/06/azure-service-tags-vulnerability.html

💪 Cybersecurity education doesn't stop after certification.

Learn how earning CPE credits through workshops, courses, and conferences can open doors to promotions and higher-paying opportunities.

Read the full article now: https://thehackernews.com/2024/06/cybersecurity-cpes-unraveling-what-why.html

A new phishing attack distributing More_eggs malware is targeting recruiters by posing as job applicants on LinkedIn.

Learn how these sophisticated social engineering tactics work and protect your organization.

🔗 Read more: https://thehackernews.com/2024/06/moreeggs-malware-disguised-as-resumes.html

Attention developers!

Arm reveals a serious security flaw in Mali GPU Kernel Drivers, impacting versions r34p0 to r40p0. This vulnerability is already being exploited.

Read: https://thehackernews.com/2024/06/arm-warns-of-actively-exploited-zero.html

🚨 New Alert: 165 Snowflake customers' data potentially exposed in a large-scale cyber campaign by UNC5537. This financially motivated threat actor is systematically compromising instances using stolen credentials.

Read: https://thehackernews.com/2024/06/snowflake-breach-exposes-165-customers.html

🛡️ Researchers have identified an updated version of ValleyRAT with new commands for capturing screenshots, process filtering, and more.

Learn how this multi-stage malware evades detection and threatens sensitive data.

Read: https://thehackernews.com/2024/06/china-linked-valleyrat-malware.html

🔥 Meet "Apple Intelligence" – the new generative AI features in iOS 18, iPadOS 18, and macOS Sequoia.

Apple is integrating OpenAI's ChatGPT into Siri and systemwide Writing Tools, with strong privacy protections.

Find details here: https://thehackernews.com/2024/06/apple-integrates-openais-chatgpt-into.html

Over 1,200 organizations were found vulnerable to these top 10 pentest findings.

Is your company one of them? Find out now and take action to secure your network.

🔗 Read the full article: https://thehackernews.com/2024/06/top-10-critical-pentest-findings-2024.html

🚨 Cyberattacks are the 1 threat to businesses. Recent study shows that phishing, identity security & ransomware are top concerns for CISOs.

Last quarter, the first individual #ransomware loss exceeded a billion dollars.

Learn more: https://thehackernews.com/expert-insights/2024/06/the-democratization-of-cyberattacks-how.html

🌍 Researchers have uncovered SecShow, a Chinese actor conducting global DNS probes. Operating from CERNET, these probes exploit open DNS resolvers for potential malicious activities.

🔗 Learn more: https://thehackernews.com/2024/06/chinese-actor-secshow-conducts-massive.html

Your business, attack surface and the threat landscape are not static - they are constantly changing.

Knowing where and how to prioritize your security resources to achieve the greatest impact with the least time invested is critical.

📅 Join Intruder’s webinar (June 12, 2024) to learn why exposure management is the way forward: https://thn.news/exposure-management-class

Can’t make it? Register for the webinar and a copy will be sent.

🌐 MSPs, are you ready to meet the soaring demand for cybersecurity services? Cynet’s All-in-One Cybersecurity Platform is your solution.

With a full suite of capabilities and 24/7 expert support, provide full breach protection with ease.

Learn more: https://thehackernews.com/2024/06/how-cynet-makes-msps-rich-their-clients.html

Microsoft has released updates addressing 51 security flaws for June 2024, including one Critical and 50 Important vulnerabilities.

Learn more: https://thehackernews.com/2024/06/microsoft-issues-patches-for-51-flaws.html

🚨 Warning - Chinese state-sponsored hackers exploited a Fortinet FortiGate vulnerability to infect 20,000 systems globally, targeting governments, organizations, and the defense industry.

Read about it here: https://thehackernews.com/2024/06/china-backed-hackers-exploit-fortinet.html

#cybersecurity

🛡️ Phishing campaigns target job-seekers with WARMCOOKIE backdoor, while another sophisticated attack exploits Windows search functionality to deliver malware.

Find Out More: https://thehackernews.com/2024/06/new-phishing-campaign-deploys.html

🚨 Alert: Black Basta ransomware group may have exploited a privilege escalation flaw (CVE-2024-26169) in the Microsoft Windows Error Reporting Service as a zero-day vulnerability.

Learn more: https://thehackernews.com/2024/06/black-basta-ransomware-may-have.html