⚠️ New report reveals the alarming activities of Gamaredon, a notorious Russian hacking crew. They exploit email and messaging platforms to compromise systems, exfiltrating files in a matter of minutes.

Read: https://thehackernews.com/2023/07/cert-ua-uncovers-gamaredons-rapid-data.html

Cybercriminals are leveraging exploits for CVE-2021-40444 and CVE-2022-30190 to execute code through malicious Word files. Once opened, LokiBot malware is downloaded, logging keystrokes, capturing screenshots, and stealing data.

Read: https://thehackernews.com/2023/07/cybercriminals-exploit-microsoft-word.html

🚨 Cyber attacks via infected USB drives have tripled in the first half of 2023. Learn more about the SOGU and SNOWYDRIVE campaigns targeting public and private sector entities worldwide.

Read: https://thehackernews.com/2023/07/malicious-usb-drives-targetinging.html

Heads up! Hackers are exploiting WebAPK technology to trick Android users into downloading fake banking apps that steal sensitive information.

Read details: https://thehackernews.com/2023/07/hackers-exploit-webapk-to-deceive.html

JumpCloud confirms that a nation-state actor was behind the recent security incident. The breach targeted a specific group of customers.

Learn more: https://thehackernews.com/2023/07/jumpcloud-blames-sophisticated-nation.html

Beware! A critical security flaw (CVE-2023-28121) in the WooCommerce Payments #WordPress plugin is currently being actively exploited by threat actors.

In addition to this, Rapid7 has also discovered ongoing exploitation of Adobe ColdFusion flaws (including CVE-2023-29298), resulting in web shell deployments.

Read details here: https://thehackernews.com/2023/07/cybercriminals-exploiting-woocommerce.html

Conor Brian Fitzpatrick, the owner of BreachForums, pleads guilty to charges related to operating a cybercrime forum and possessing child pornography—faces up to 40 years in jail and $750,000 in fines.

Read: https://thehackernews.com/2023/07/owner-of-breachforums-pleads-guilty-to.html

FIN8, notorious financially motivated hacker group, has adopted a revamped version of the Sardonic backdoor to deliver the BlackCat ransomware.

Learn more: https://thehackernews.com/2023/07/fin8-group-using-modified-sardonic.html

Attention VirusTotal users!

A database containing 5,600 customers' details has been exposed, including government agencies like the FBI, NSA, and more.

Learn more: https://thehackernews.com/2023/07/virustotal-data-leak-exposes-some.html

A sophisticated threat actor is targeting Pakistan government entities through a trojanized version of the E-Office application.

Read details: https://thehackernews.com/2023/07/pakistani-entities-targeted-in.html

ALERT: Critical security flaw in Citrix NetScaler ADC and Gateway being actively exploited! CVE-2023-3519 allows unauthenticated remote code execution.

Read: https://thehackernews.com/2023/07/zero-day-attacks-exploited-critical.html

🚨 U.S. government puts Cytrox and Intellexa, foreign commercial spyware vendors, on an economic blocklist for their potential misuse of surveillance tools.

Read details here: https://thehackernews.com/2023/07/us-government-blacklists-cytrox-and.html

🔒 Cybersecurity researchers have discovered a privilege escalation vulnerability, dubbed Bad Build, in Google Cloud. Attackers could tamper with app images and infect users, leading to supply chain attacks.

Read: https://thehackernews.com/2023/07/badbuild-flaw-in-google-cloud-build.html

APT41, a China-linked nation-state actor, has been linked to two newAndroid spyware strains, WyrmSpy and DragonEgg.

Read: https://thehackernews.com/2023/07/chinese-apt41-hackers-target-mobile.html

Dark web investigations rely on techniques like OSINT to uncover identities and track down cybercriminals.

Explore the various techniques used to identify the individuals behind these sites and personas.

Read: https://thehackernews.com/2023/07/exploring-dark-side-osint-tools-and.html

U.S. cybersecurity agencies issue recommendations to strengthen security in 5G network slicing. Find out how to ensure confidentiality, integrity, and availability of network services.

Read details: https://thehackernews.com/2023/07/cisa-and-nsa-issue-new-guidance-to.html

ColdFusion users, beware! Adobe has released new updates to fix a critical security flaw (CVE-2023-38205) that's actively being exploited in the wild.

Read: https://thehackernews.com/2023/07/adobe-rolls-out-new-patches-for.html

Make sure to update your installations to stay protected.

To address evolving nation-state cyber threats, Microsoft announces the inclusion of detailed logs of email access and more log data types for customers at no additional cost.

Read details: https://thehackernews.com/2023/07/microsoft-expands-cloud-logging-to.html

Cybersecurity researchers are warning about a new cloud-targeting, peer-to-peer worm called P2PInfect. It exploits vulnerable Redis instances running on Linux and Windows OS, making it highly scalable.

Read more: https://thehackernews.com/2023/07/new-p2pinfect-worm-targeting-redis.html

North Korean state-sponsored groups suspected in the recent supply chain attack on JumpCloud! They used the breach to target cryptocurrency firms, aiming to generate illegal revenues.

Learn more: https://thehackernews.com/2023/07/north-korean-state-sponsored-hackers.html

Multiple critical flaws in Apache OpenMeetings, a web conferencing solution, exposed admin accounts to control and malicious code execution.

✅ CVE-2023-28936
✅ CVE-2023-29032
✅ CVE-2023-29246

Read details: https://thehackernews.com/2023/07/apache-openmeetings-web-conferencing.html