THN Cybersecurity Recap: Top Threats, Tools and News (Oct 14 – Oct 20)
Hi there! Here's your quick update on the latest in cybersecurity. Hackers are using new tricks to break into systems...
News
Chinese Nation-State Hackers APT41 Hit Gambling Sector for Financial Gain
The prolific Chinese nation-state actor known as APT41 (aka Brass Typhoon, Earth Baku, Wicked Panda, or Winnti) has been attributed...
Researchers Discover Severe Security Flaws in Major E2EE Cloud Storage Providers
Cybersecurity researchers have discovered severe cryptographic issues in various end-to-end encrypted (E2EE) cloud storage platforms that could be exploited to...
Social Media Accounts: The Weak Link in Organizational SaaS Security
Social media accounts help shape a brand's identity and reputation. These public forums engage directly with customers as they are...
Hackers Exploit Roundcube Webmail XSS Vulnerability to Steal Login Credentials
Unknown threat actors have been observed attempting to exploit a now-patched security flaw in the open-source Roundcube webmail software as...
Acronym Overdose – Navigating the Complex Data Security Landscape
In the modern enterprise, data security is often discussed using a complex lexicon of acronyms—DLP, DDR, DSPM, and many others....
Crypt Ghouls Targets Russian Firms with LockBit 3.0 and Babuk Ransomware Attacks
A nascent threat actor known as Crypt Ghouls has been linked to a set of cyber attacks targeting Russian businesses...
Microsoft Tops List of Most Imitated Brands in Phishing Attacks
In Q3 2024, Microsoft was identified as the leading impersonated brand in phishing attacks, highlighting ongoing cybersecurity challenges. According to...
Internet Archive Resumes Services After DDoS Attacks
Internet Archive has successfully resumed most of its services following a series of disruptive DDoS attacks that impacted its operations....
Instagram Implements New Measures Against Sextortion Scams
Instagram is taking proactive steps to enhance user safety by implementing new measures aimed at preventing sextortion scams on the...
macOS Vulnerability Exposes User Data: Microsoft Alert on HM Surf Threat
Microsoft has identified a significant macOS vulnerability known as HM Surf, potentially exposing sensitive user data to attackers. Microsoft has...
SEC X Account Hack: Man Arrested for Bitcoin Price Manipulation
In a significant development, a man has been arrested for his alleged role in the SEC X account hack that...
The Ultimate DSPM Guide: Webinar on Building a Strong Data Security Posture
Picture your company's data as a vast, complex jigsaw puzzle—scattered across clouds, devices, and networks. Some pieces are hidden, some...
North Korean IT Workers in Western Firms Now Demanding Ransom for Stolen Data
North Korean information technology (IT) workers who obtain employment under false identities in Western companies are not only stealing intellectual...
U.S. and Allies Warn of Iranian Cyberattacks on Critical Infrastructure in Year-Long Campaign
Cybersecurity and intelligence agencies from Australia, Canada, and the U.S. have warned about a year-long campaign undertaken by Iranian cyber...
Beware: Fake Google Meet Pages Deliver Infostealers in Ongoing ClickFix Campaign
Threat actors are leveraging fake Google Meet web pages as part of an ongoing malware campaign dubbed ClickFix to deliver...
Microsoft Reveals macOS Vulnerability that Bypasses Privacy Controls in Safari Browser
Microsoft has disclosed details about a now-patched security flaw in Apple's Transparency, Consent, and Control (TCC) framework in macOS that...
Nation States Linked to Two-Thirds of Attributable Malware Attacks
Recent data reveals that a staggering two-thirds of the attributable malware assaults on Netskope customers are linked to state-backed actors,...
CISA Seeks Feedback on Product Security Flaws Guidance for Organizations
The US Cybersecurity and Infrastructure Security Agency (CISA) is currently inviting feedback on its draft guidance regarding product security flaws....
NIS2 Deadline: Urgent Concerns Over Compliance Readiness
As the NIS2 Directive deadline looms, many organizations express doubts about their readiness to ensure compliance with new cybersecurity regulations....
Cicada3301 Ransomware: Targeting Critical Sectors in the US and UK
Cicada3301 ransomware has emerged as a formidable threat to businesses in crucial sectors within the US and UK since its...
US Charges Members of Anonymous Sudan in Major DDoS Cybercrime Network
US authorities have charged two Sudanese nationals associated with a prominent DDoS cybercrime network, Anonymous Sudan. US authorities have charged...
Iranian Hackers Intensify Attacks on Critical Infrastructure Using Brute Force Methods
A recent warning from intelligence and law enforcement agencies highlights the alarming trend of Iranian-backed cyber operations focusing on critical...
North Korea’s Fake IT Worker Schemes: New Tactics in Extortion
North Korea's fake IT worker schemes are evolving, as researchers uncover alarming new tactics aimed at extorting employers. Researchers from...
