With new vulnerabilities emerging daily, pentest checklists are essential for cybersecurity teams. Each asset (web apps, networks, APIs) requires a tailored checklist for its specific threats.
Read: https://thehackernews.com/2024/10/guide-ultimate-pentest-checklist-for.html
Have you updated your pentesting protocols recently?
CISA has added a critical zero-day vulnerability (CVE-2024-9537) affecting ScienceLogic SL1 to its KEV catalog.
This flaw, with a staggering CVSS score of 9.3, allows for remote code execution.
Read: https://thehackernews.com/2024/10/cisa-adds-sciencelogic-sl1.html
Apply the latest patches.
VMware has released updates for CVE-2024-38812, a critical #vulnerability in vCenter Server.
With a CVSS score of 9.8, this heap-overflow flaw could allow remote code execution, fundamentally jeopardizing organizational security.
Read: https://thehackernews.com/2024/10/vmware-releases-vcenter-server-update.html
Join FREE webinar on threat investigations from Anyrun.
Wed, Oct 23, 2 PM GMT
Register now: https://thn.news/threat-investigations-ti-lookup
Learn how to discover in-depth threat context, enrich your investigations with #IOCs, and search through #TI database with 40+ parameters.
Webinarjam
How to Improve Threat Investigations with TI Lookup
Learn effective methods for gathering intel on new malware and phishing threats
Researchers warn about Ethereum key-stealing npm packages!
The identified packages, including ethers-mew and ethers-web3, allow attackers to gain SSH access by modifying the authorized keys file, making them particularly dangerous.
Read: https://thehackernews.com/2024/10/malicious-npm-packages-target.html
Two malware families, Bumblebee and Latrodectus, have resurfaced, leveraging advanced phishing campaigns after setbacks from Operation Endgame.
Learn more: https://thehackernews.com/2024/10/bumblebee-and-latrodectus-malware.html
Learn how bad actors exploit Docker remote API servers to deploy crypto miners and discover essential security practices for your organization.
Learn more: https://thehackernews.com/2024/10/cybercriminals-exploiting-docker-api.html
A new #vulnerability in Styra's Open Policy Agent (CVE-2024-8260) could expose NTLM credentials to attackers.
Attackers can exploit it to relay authentication, reinforcing the need for stringent input validation across all applications.
Read: https://thehackernews.com/2024/10/security-flaw-in-styras-opa-exposes.html
A new phishing campaign targets Russian-speaking users with advanced RATs using Gophish.
The attack uses both Maldoc and HTML-based infections, requiring user interaction, an important reminder for professionals to train teams on recognizing phishing attempts.
https://thehackernews.com/2024/10/gophish-framework-used-in-phishing.html
Discover the risks of unmanaged service accounts in Active Directory and how to effectively monitor them for enhanced security.
Learn more about monitoring service accounts and safeguarding your network: https://thehackernews.com/2024/10/a-comprehensive-guide-to-finding.html
Cybercriminals are using new #ransomware disguised as LockBit to pressure victims, while embedding AWS credentials for data exfiltration, highlighting the evolving tactics of threat actors.
Learn more: https://thehackernews.com/2024/10/ransomware-gangs-use-lockbits-fame-to.html
Researchers unveil "Deceptive Delight," a new jailbreak method for large language models (LLMs) that cleverly sneaks harmful instructions into conversations.
Find details here: https://thehackernews.com/2024/10/researchers-reveal-deceptive-delight.html
A high-severity flaw in #Microsoft SharePoint (CVE-2024-38094) has been added to CISA's Known Exploited Vulnerabilities catalog.
Proof-of-concept (PoC) scripts are already public, making exploitation more accessible.
Learn more: https://thehackernews.com/2024/10/cisa-warns-of-active-exploitation-of.html
Identity security is evolving from mere access management to a strategic business necessity.
Explore the critical state of identity security post-breach, highlighting risks and strategic insights for cybersecurity professionals.
Read: https://thehackernews.com/2024/10/permiso-state-of-identity-security-2024.html
New variants of Grandoreiro banking malware are evolving, targeting 1,700 financial institutions in 45 countries, and employing tactics like mouse tracking and CAPTCHA barriers, despite law enforcement efforts.
Read: https://thehackernews.com/2024/10/new-grandoreiro-banking-malware.html
Fortinet confirms a critical vulnerability (CVE-2024-47575 / CVSS 9.8) affecting FortiManager is being actively exploited!
It could allow unauthorized remote access, potentially compromising sensitive data & configurations.
https://thehackernews.com/2024/10/fortinet-warns-of-critical.html
Don't wait, patch now.
North Korea's Lazarus Group exploits a zero-day #vulnerability (CVE-2024-4947) in Google Chrome to target the #cryptocurrency sector.
Exploitation strategy involved social media manipulation and fake game promotions.
Learn more: https://thehackernews.com/2024/10/lazarus-group-exploits-google-chrome.html
Cisco has patched CVE-2024-20481, a #vulnerability affecting its ASA and Firepower devices that could lead to a denial-of-service (DoS) for Remote Access VPNs.
Learn more: https://thehackernews.com/2024/10/cisco-issues-urgent-fix-for-asa-and-ftd.html
Researchers identified a #vulnerability in AWS CDK that may lead to account takeover, with over 1% of users at risk from predictable S3 bucket names.
The solution: update your CDK version and customize bucket names.
Read: https://thehackernews.com/2024/10/aws-cloud-development-kit-vulnerability.html
Generative AI is revolutionizing phishing attacks, posing new challenges for #cybersecurity professionals.
Discover how to combat this evolving threat.
Read: https://thehackernews.com/2024/10/why-phishing-resistant-mfa-is-no-longer.html