The Hacker News

⚠️ Attention website operators! Starting Nov 1, 2024, Google Chrome will block sites using Entrust certificates due to security issues. Read: https://thehackernews.com/2024/06/google-to-block-entrust-certificates-in.html Don't get caught off guard—switch to a trusted CA before it's too late.

🚨 Just when you thought your biggest online worry was autocorrect... Think again! North Korean Kimsuky group is using a new malicious Chrome extension, TRANSLATEXT, to steal sensitive info from South Korean academia. Details here: https://thehackernews.com/2024/06/kimsuky-using-translatext-chrome.html

GitLab releases security updates fixing 14 vulnerabilities, including critical CI/CD flaw CVE-2024-5655. Update now to ensure protection. Read: https://thehackernews.com/2024/06/gitlab-releases-patch-for-critical-cicd.html

Don't let your #SaaS become a trojan horse! Threat actors exploit misconfigured settings, dormant machine IDs, unauthorized access to breach networks. Extend Zero Trust to SaaS with posture management to lock it down. Learn more: https://thehackernews.com/2024/06/combatting-evolving-saas-kill-chain-how.html

From PowerShell scripts to mimicking legitimate apps, discover how the 8220 Gang exploits Oracle WebLogic Server vulnerabilities using fileless techniques for cryptocurrency mining. Read: https://thehackernews.com/2024/06/8220-gang-exploits-oracle-weblogic.html

🕵️‍♂️ Researchers unveil SnailLoad — a new side-channel attack exploiting network latency spy on users' web activity remotely, achieving up to 98% for video content and 63% for website visits. Read: https://thehackernews.com/2024/06/new-snailload-attack-exploits-network.html

Multiple critical vulnerabilities have been identified in Emerson Rosemount gas chromatographs that could be exploited to execute arbitrary commands, bypass authentication, and cause DoS conditions. Read: https://thehackernews.com/2024/06/researchers-warn-of-flaws-in-widely.html

Alert: TeamViewer detected an irregularity in its internal corporate IT environment. Investigations are ongoing to identify the attackers and the method of intrusion. Learn more: https://thehackernews.com/2024/06/teamviewer-detects-security-breach-in.html

🚨 Alert: Rust-based worm P2PInfect botnet has evolved to target misconfigured Redis servers with ransomware and cryptocurrency miners, showcasing new financial motivations and advanced evasion techniques. Learn more: https://thehackernews.com/2024/06/rust-based-p2pinfect-botnet-evolves.html

Ensuring data security remains crucial, which is why GigaOm recently released a new DSPM report highlighting industry leaders. Sentra has emerged as a leader and rapid innovator, receiving high scores for its data mapping, access intelligence, and on-premises capabilities. View the full report here 👇 https://thn.news/data-security-posture