North Korean IT workers posing as contractors are now demanding ransoms from former employers after stealing proprietary data. 
 
These workers avoid using company-issued laptops, rerouting them and leveraging personal devices to evade detection.
 
https://thehackernews.com/2024/10/north-korean-it-workers-in-western.html
With rising threats & regulations, companies are scrambling to secure their data. That's where Data Security Posture Management (DSPM) helps.
 
Join our WEBINAR to see how DSPM works in real-world scenarios & secures every piece of the data puzzle.
 
https://thehackernews.com/2024/10/the-ultimate-dspm-guide-webinar-on.html
  Get ahead of the cybersecurity curve by understanding key frameworks and acronyms like DDR, CASB, and NIST for comprehensive data security. 
 
Read: https://thehackernews.com/2024/10/acronym-overdose-navigating-complex.html
  A critical XSS vulnerability in Roundcube Webmail has been exploited to steal user credentials via phishing attacks. 
 
Read: https://thehackernews.com/2024/10/hackers-exploit-roundcube-webmail-xss.html
 
Ensure your systems are updated to versions 1.5.7 or 1.6.7 to avoid these risks!
Researchers revealed severe vulnerabilities in major end-to-end encrypted (E2EE) cloud storage platforms, including Sync, pCloud, and Tresorit. These flaws could allow malicious servers to tamper with or access your sensitive data.
 
Read: https://thehackernews.com/2024/10/researchers-discover-severe-security.html
Weekly #Cybersecurity Recap!
 
Hackers are getting smarter, but so are we! From macOS flaws to TrickMo Android trojans, here's what you need to know to stay safe.
 
Catch all the critical updates in our latest newsletter: https://thehackernews.com/2024/10/thn-cybersecurity-recap-top-threats_21.html
APT41, a Chinese nation-state actor, has launched a sophisticated cyber attack against the gaming industry, stealthily gathering critical data like user passwords and network configurations over six months.
 
Learn more: https://thehackernews.com/2024/10/chinese-nation-state-hackers-apt41-hit.html
With new vulnerabilities emerging daily, pentest checklists are essential for cybersecurity teams. Each asset - web apps, networks, APIs - requires a tailored checklist for its specific threats.
 
Read: https://thehackernews.com/2024/10/guide-ultimate-pentest-checklist-for.html
 
Have you updated your pentesting protocols recently?
CISA has added a critical zero-day vulnerability (CVE-2024-9537) affecting ScienceLogic SL1 to its KEV catalog.

This flaw, with a staggering CVSS score of 9.3, allows for remote code execution.

Read: https://thehackernews.com/2024/10/cisa-adds-sciencelogic-sl1.html
 
Apply the latest patches.
  VMware has released updates for CVE-2024-38812, a critical #vulnerability in vCenter Server. 
 
With a CVSS score of 9.8, this heap-overflow flaw could allow remote code execution, fundamentally jeopardizing organizational security.
 
Read: https://thehackernews.com/2024/10/vmware-releases-vcenter-server-update.html
Join FREE webinar on threat investigations from Anyrun.

Wed, Oct 23, 2 PM GMT

Register now: https://thn.news/threat-investigations-ti-lookup

Learn how to discover in-depth threat context, enrich your investigations with #IOCs, and search through #TI database with 40+ parameters.
  
Researchers warn about Ethereum key-stealing npm packages!
 
The identified packages, including ethers-mew and ethers-web3, allow attackers to gain SSH access by modifying the authorized keys file, making them particularly dangerous.
 
Read: https://thehackernews.com/2024/10/malicious-npm-packages-target.html
Two malware families, Bumblebee and Latrodectus, have resurfaced, leveraging advanced phishing campaigns after setbacks from Operation Endgame.
 
Learn more: https://thehackernews.com/2024/10/bumblebee-and-latrodectus-malware.html
  Learn how bad actors exploit Docker remote API servers to deploy crypto miners and discover essential security practices for your organization. 
 
Learn more: https://thehackernews.com/2024/10/cybercriminals-exploiting-docker-api.html
  A new #vulnerability in Styra's Open Policy Agent (CVE-2024-8260) could expose NTLM credentials to attackers. 
 
Attackers can exploit it to relay authentication, reinforcing the need for stringent input validation across all applications.
 
Read: https://thehackernews.com/2024/10/security-flaw-in-styras-opa-exposes.html
  A new phishing campaign targets Russian-speaking users with advanced RATs using Gophish. 
 
The attack uses both Maldoc and HTML-based infections, requiring user interaction - an important reminder for professionals to train teams on recognizing phishing attempts.
 
https://thehackernews.com/2024/10/gophish-framework-used-in-phishing.html
Discover the risks of unmanaged service accounts in Active Directory and how to effectively monitor them for enhanced security.

Learn more about monitoring service accounts and safeguarding your network: https://thehackernews.com/2024/10/a-comprehensive-guide-to-finding.html
Cybercriminals are using new #ransomware disguised as LockBit to pressure victims, while embedding AWS credentials for data exfiltration - highlighting the evolving tactics of threat actors.
 
Learn more: https://thehackernews.com/2024/10/ransomware-gangs-use-lockbits-fame-to.html
Researchers unveil "Deceptive Delight," a new jailbreak method for large language models (LLMs) that cleverly sneaks harmful instructions into conversations.
 
Find details here: https://thehackernews.com/2024/10/researchers-reveal-deceptive-delight.html
A high-severity flaw in #Microsoft SharePoint (CVE-2024-38094) has been added to CISA's Known Exploited Vulnerabilities catalog.
 
Proof-of-concept (PoC) scripts are already public, making exploitation more accessible.
 
Learn more: https://thehackernews.com/2024/10/cisa-warns-of-active-exploitation-of.html