TECHZONE™
الذهاب إلى القناة على Telegram
TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news
إظهار المزيد595
المشتركون
-124 ساعات
لا توجد بيانات7 أيام
-930 أيام
أرشيف المشاركات
595
Patchwork Hackers Target Bhutan with Advanced Brute Ratel C4 Tool
https://thehackernews.com/2024/07/patchwork-hackers-target-bhutan-with.html
The threat actor known as Patchwork has been linked to a cyber attack targeting entities with ties to Bhutan to deliver the Brute Ratel C4 framework and an updated version of a backdoor called PGoShell.
The development marks the first time the adversary has been observed using the red teaming software, the Knownsec 404 Team said in an analysis published last week.
The activity cluster, also
595
CrowdStrike Explains Friday Incident Crashing Millions of Windows Devices
https://thehackernews.com/2024/07/crowdstrike-explains-friday-windows.html
Cybersecurity firm CrowdStrike on Wednesday blamed an issue in its validation system for causing millions of Windows devices to crash as part of a widespread outage late last week.
"On Friday, July 19, 2024 at 04:09 UTC, as part of regular operations, CrowdStrike released a content configuration update for the Windows sensor to gather telemetry on possible novel threat techniques," the company
595
Microsoft Defender Flaw Exploited to Deliver ACR, Lumma, and Meduza Stealers
https://thehackernews.com/2024/07/microsoft-defender-flaw-exploited-to.html
A now-patched security flaw in the Microsoft Defender SmartScreen has been exploited as part of a new campaign designed to deliver information stealers such as ACR Stealer, Lumma, and Meduza.
Fortinet FortiGuard Labs said it detected the stealer campaign targeting Spain, Thailand, and the U.S. using booby-trapped files that exploit CVE-2024-21412 (CVSS score: 8.1).
The high-severity
595
CISA Adds Twilio Authy and IE Flaws to Exploited Vulnerabilities List
https://thehackernews.com/2024/07/cisa-adds-twilio-authy-and-ie-flaws-to.html
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two security flaws to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
The vulnerabilities are listed below -
CVE-2012-4792 (CVSS score: 9.3) - Microsoft Internet Explorer Use-After-Free Vulnerability
CVE-2024-39891 (CVSS score: 5.3) - Twilio Authy Information Disclosure
595
Cursed tapes: Exploiting the EvilVideo vulnerability on Telegram for Android
https://www.welivesecurity.com/en/eset-research/cursed-tapes-exploiting-evilvideo-vulnerability-telegram-android/
ESET researchers discovered a zero-day Telegram for Android exploit that allows sending malicious files disguised as videos
595
Ukrainian Institutions Targeted Using HATVIBE and CHERRYSPY Malware
https://thehackernews.com/2024/07/ukrainian-institutions-targeted-using.html
The Computer Emergency Response Team of Ukraine (CERT-UA) has alerted of a spear-phishing campaign targeting a scientific research institution in the country with malware known as HATVIBE and CHERRYSPY.
The agency attributed the attack to a threat actor it tracks under the name UAC-0063, which was previously observed targeting various government entities to gather sensitive information using
595
Google Abandons Plan to Phase Out Third-Party Cookies in Chrome
https://thehackernews.com/2024/07/google-abandons-plan-to-phase-out-third.html
Google on Monday abandoned plans to phase out third-party tracking cookies in its Chrome web browser more than four years after it introduced the option as part of a larger set of a controversial proposal called the Privacy Sandbox.
"Instead of deprecating third-party cookies, we would introduce a new experience in Chrome that lets people make an informed choice that applies across their web
595
Experts Uncover Chinese Cybercrime Network Behind Gambling and Human Trafficking
https://thehackernews.com/2024/07/experts-uncover-chinese-cybercrime.html
The relationship between various TDSs and DNS associated with Vigorish Viper and the final landing experience for the user
A Chinese organized crime syndicate with links to money laundering and human trafficking across Southeast Asia has been using an advanced "technology suite" that runs the whole cybercrime supply chain spectrum to spearhead its operations.
Infoblox is tracking the proprietor
595
PINEAPPLE and FLUXROOT Hacker Groups Abuse Google Cloud for Credential Phishing
https://thehackernews.com/2024/07/pineapple-and-fluxroot-hacker-groups.html
A Latin America (LATAM)-based financially motivated actor codenamed FLUXROOT has been observed leveraging Google Cloud serverless projects to orchestrate credential phishing activity, highlighting the abuse of the cloud computing model for malicious purposes.
"Serverless architectures are attractive to developers and enterprises for their flexibility, cost effectiveness, and ease of use," Google
595
How to Set up an Automated SMS Analysis Service with AI in Tines
https://thehackernews.com/2024/07/how-to-set-up-automated-sms-analysis.html
The opportunities to use AI in workflow automation are many and varied, but one of the simplest ways to use AI to save time and enhance your organization’s security posture is by building an automated SMS analysis service.
Workflow automation platform Tines provides a good example of how to do it. The vendor recently released their first native AI features, and security teams have already
595
MSPs & MSSPs: How to Increase Engagement with Your Cybersecurity Clients Through vCISO Reporting
https://thehackernews.com/2024/07/msps-mssps-how-to-increase-engagement.html
As a vCISO, you are responsible for your client's cybersecurity strategy and risk governance. This incorporates multiple disciplines, from research to execution to reporting. Recently, we published a comprehensive playbook for vCISOs, “Your First 100 Days as a vCISO – 5 Steps to Success”, which covers all the phases entailed in launching a successful vCISO engagement, along with recommended
595
SocGholish Malware Exploits BOINC Project for Covert Cyberattacks
https://thehackernews.com/2024/07/socgholish-malware-exploits-boinc.html
The JavaScript downloader malware known as SocGholish (aka FakeUpdates) is being used to deliver a remote access trojan called AsyncRAT as well as a legitimate open-source project called BOINC.
BOINC, short for Berkeley Open Infrastructure Network Computing Client, is an open-source "volunteer computing" platform maintained by the University of California with an aim to carry out "large-scale
595
How adware exposed victims to kernel-level threats – Week in Security with Tony Anscombe
https://www.welivesecurity.com/en/videos/adware-kernel-level-threats-week-security-tony-anscombe/
A purported ad blocker marketed as a security solution hides kernel-level malware that inadvertently exposes victims to even more dangerous threats
595
New Linux Variant of Play Ransomware Targeting VMWare ESXi Systems
https://thehackernews.com/2024/07/new-linux-variant-of-play-ransomware.html
Cybersecurity researchers have discovered a new Linux variant of a ransomware strain known as Play (aka Balloonfly and PlayCrypt) that's designed to target VMWare ESXi environments.
"This development suggests that the group could be broadening its attacks across the Linux platform, leading to an expanded victim pool and more successful ransom negotiations," Trend Micro researchers said in a
595
Cybercriminals Exploit CrowdStrike Update Mishap to Distribute Remcos RAT Malware
https://thehackernews.com/2024/07/cybercriminals-exploit-crowdstrike.html
Cybersecurity firm CrowdStrike, which is facing the heat for causing worldwide IT disruptions by pushing out a flawed update to Windows devices, is now warning that threat actors are exploiting the situation to distribute Remcos RAT to its customers in Latin America under the guise of a providing a hotfix.
The attack chains involve distributing a ZIP archive file named "crowdstrike-hotfix.zip,"
595
Beyond the blue screen of death: Why software updates matter
https://www.welivesecurity.com/en/cybersecurity/beyond-blue-screen-death-software-updates/
The widespread IT outages triggered by a faulty CrowdStrike update have put software updates in the spotlight. Here’s why you shouldn’t dread them.
595
The complexities of cybersecurity update processes
https://www.welivesecurity.com/en/cybersecurity/complexities-cybersecurity-update-processes/
If a software update process fails, it can lead to catastrophic consequences, as seen today with widespread blue screens of death blamed on a bad update by CrowdStrike
595
17-Year-Old Linked to Scattered Spider Cybercrime Syndicate Arrested in U.K.
https://thehackernews.com/2024/07/17-year-old-linked-to-scattered-spider.html
Law enforcement officials in the U.K. have arrested a 17-year-old boy from Walsall who is suspected to be a member of the notorious Scattered Spider cybercrime syndicate.
The arrest was made "in connection with a global cyber online crime group which has been targeting large organizations with ransomware and gaining access to computer networks," West Midlands police said. "The arrest is part of
595
Faulty CrowdStrike Update Crashes Windows Systems, Impacting Businesses Worldwide
https://thehackernews.com/2024/07/faulty-crowdstrike-update-crashes.html
Businesses across the world have been hit by widespread disruptions to their Windows workstations stemming from a faulty update pushed out by cybersecurity company CrowdStrike.
"CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts," the company's CEO George Kurtz said in a statement. "Mac and Linux hosts are not impacted. This is
595
Two Russian Nationals Plead Guilty in LockBit Ransomware Attacks
https://thehackernews.com/2024/07/two-russian-nationals-plead-guilty-in.html
Two Russian nationals have pleaded guilty in a U.S. court for their participation as affiliates in the LockBit ransomware scheme and helping facilitate ransomware attacks across the world.
The defendants include Ruslan Magomedovich Astamirov, 21, of Chechen Republic, and Mikhail Vasiliev, 34, a dual Canadian and Russian national of Bradford, Ontario.
Astamirov was arrested in Arizona by U.S. law
