U.S. DoJ charges North Korean hacker Rim Jong Hyok for ransomware attacks on U.S. hospitals.
The attacks disrupted essential services & posed serious risks to patient care.
$10M reward announced for tips leading to the arrest of Hyok.
https://thehackernews.com/2024/07/us-doj-indicts-north-korean-hacker-for.html
New insights on application security testing highlight 6 essential methods.
These methods, including DAST & SAST, help identify vulnerabilities early and throughout the application lifecycle.
Learn more: https://thehackernews.com/2024/07/6-types-of-applications-security.html
Cybersecurity expert Foster Nethercott highlights offensive AI's potential as a major threat. Offensive AI can create novel malware capable of evading traditional security measures, posing significant risks.
His paper outlines key points: https://thehackernews.com/2024/07/offensive-ai-sine-qua-non-of.html
A new phishing-as-a-service platform from the GXC Team targets Spanish banks and other institutions with malicious Android apps and AI-powered voice calling tools.
Learn more: https://thehackernews.com/2024/07/spanish-hackers-bundle-phishing-kits.html
Beware of the "lr-utils-lib" PyPI package: it's a new threat to macOS users!
This package steals Google Cloud credentials, posing a serious risk to both individual developers and enterprises.
Read details: https://thehackernews.com/2024/07/malicious-pypi-package-targets-macos-to.html
French authorities and Europol launch "disinfection operation" against PlugX malware.
This operation aims to clean infected systems across multiple European countries, potentially affecting millions worldwide.
PlugX can persist on air-gapped networks and USB drives, posing a long-term risk.
Learn more: https://thehackernews.com/2024/07/french-authorities-launch-operation-to.html
Gh0st RAT malware is being delivered via the Gh0stGambit dropper, targeting Chinese-speaking Windows users through fake Chrome installers.
The malware can steal data, log keystrokes, and even enable remote access.
Read: https://thehackernews.com/2024/07/gh0st-rat-trojan-targets-chinese.html
The threat actor Stargazer Goblin has created a network of over 3,000 fake GitHub accounts to distribute malware, netting $100,000 in illicit profits.
Read details here: https://thehackernews.com/2024/07/stargazer-goblin-creates-3000-fake.html
Searchable encryption is emerging as a new gold standard in data security.
This breakthrough technology enables data to be encrypted while still being used, eliminating flaws during data processing.
Discover the power of searchable encryption: https://thehackernews.com/2024/07/how-searchable-encryption-changes-data.html
Acronis warns of a critical security flaw in its Cyber Infrastructure (ACI) product. This vulnerability, CVE-2023-45249, allows RCE due to default passwords, posing a high risk (CVSS score: 9.8).
Read: https://thehackernews.com/2024/07/critical-flaw-in-acronis-cyber.html
Ensure your ACI is up-to-date.
A vulnerability in VMware ESXi hypervisors has been exploited by ransomware groups to gain administrative access and deploy malware.
It allows attackers to escalate privileges easily, posing a severe risk to organizations using ESXi.
https://thehackernews.com/2024/07/vmware-esxi-flaw-exploited-by.html
Alert: A new phishing campaign, called OneDrive Pastejacking, uses an HTML file mimicking a Microsoft OneDrive error message to trick users into running a malicious PowerShell script.
Details here: https://thehackernews.com/2024/07/onedrive-phishing-scam-tricks-users.html
SideWinder, a nation-state threat actor, targets maritime facilities in the Indian Ocean and Mediterranean Sea.
This campaign could disrupt international maritime operations and compromise sensitive data.
Learn more: https://thehackernews.com/2024/07/new-sidewinder-cyber-attacks-target.html
Widespread phishing campaigns in Poland lead to the deployment of malware families like Agent Tesla and Formbook.
Attackers use compromised email accounts and company servers to spread malware and collect stolen data.
Read: https://thehackernews.com/2024/07/cybercriminals-target-polish-businesses.html
Cybersixgill's "State of the Underground 2024" report reveals the latest trends in the dark web. Understanding these trends is crucial for anticipating and mitigating cyber threats.
The report covers compromised credit card trends, initial access trends, and ransomware tactics used by threat actors.
Read: https://thehackernews.com/2024/07/cyber-threat-intelligence-illuminating.html
New Mandrake Android spyware found in five Google Play Store apps, undetected for two years.
This spyware compromised over 32,000 devices across multiple countries, showcasing the evolving threat landscape.
Learn more: https://thehackernews.com/2024/07/new-mandrake-spyware-found-in-google.html
RMM tools are being weaponized by cybercriminals to infiltrate networks. As remote work increases, RMM tools, if exploited, can lead to severe data breaches and undetected malicious activities.
Ransomware-as-a-service groups often use legitimate IT tools to navigate networks stealthily and steal data.
Implementing robust application control policies can mitigate these risks significantly.
Read about it here: https://thehackernews.com/2024/07/the-power-and-peril-of-rmm-tools.html
Meta settles for $1.4 billion with Texas over illegal biometric data collection. The lawsuit accused Meta of capturing facial data without users' consent, violating Texas law.
Learn more: https://thehackernews.com/2024/07/meta-settles-for-14-billion-with-texas.html
Companies in Russia and Moldova have been targeted by a phishing campaign from the cyber espionage group XDSpy.
XDSpy uses sophisticated spear-phishing techniques to deploy malware, which can exfiltrate data and gather passwords.
Read: https://thehackernews.com/2024/07/cyber-espionage-group-xdspy-targets.html
A large-scale Android malware campaign targeting 600+ global brands and millions of users has been uncovered.
Over 107,000 malicious apps, mostly outside known repositories, are stealing SMS messages and OTPs for identity fraud.
Learn more: https://thehackernews.com/2024/07/cybercriminals-deploy-100k-malware.html