TECHZONE™
الذهاب إلى القناة على Telegram
TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news
إظهار المزيد595
المشتركون
لا توجد بيانات24 ساعات
لا توجد بيانات7 أيام
-730 أيام
أرشيف المشاركات
594
Telerik Report Server Flaw Could Let Attackers Create Rogue Admin Accounts
https://thehackernews.com/2024/06/telerik-report-server-flaw-could-let.html
Progress Software has rolled out updates to address a critical security flaw impacting the Telerik Report Server that could be potentially exploited by a remote attacker to bypass authentication and create rogue administrator users.
The issue, tracked as CVE-2024-4358, carries a CVSS score of 9.8 out of a maximum of 10.0.
"In Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or
594
The Next Generation of RBI (Remote Browser Isolation)
https://thehackernews.com/2024/06/the-next-generation-of-rbi-remote.html
The landscape of browser security has undergone significant changes over the past decade. While Browser Isolation was once considered the gold standard for protecting against browser exploits and malware downloads, it has become increasingly inadequate and insecure in today's SaaS-centric world.
The limitations of Browser Isolation, such as degraded browser performance and inability to tackle
594
Hackers Use MS Excel Macro to Launch Multi-Stage Malware Attack in Ukraine
https://thehackernews.com/2024/06/hackers-use-ms-excel-macro-to-launch.html
A new sophisticated cyber attack has been observed targeting endpoints geolocated to Ukraine with an aim to deploy Cobalt Strike and seize control of the compromised hosts.
The attack chain, per Fortinet FortiGuard Labs, involves a Microsoft Excel file that carries an embedded VBA macro to initiate the infection,
"The attacker uses a multi-stage malware strategy to deliver the notorious 'Cobalt
594
Snowflake Warns: Targeted Credential Theft Campaign Hits Cloud Customers
https://thehackernews.com/2024/06/snowflake-warns-targeted-credential.html
Cloud computing and analytics company Snowflake said a "limited number" of its customers have been singled out as part of a targeted campaign.
"We have not identified evidence suggesting this activity was caused by a vulnerability, misconfiguration, or breach of Snowflake’s platform," the company said in a joint statement along with CrowdStrike and Google-owned Mandiant.
"We have not identified
594
DarkGate Malware Replaces AutoIt with AutoHotkey in Latest Cyber Attacks
https://thehackernews.com/2024/06/darkgate-malware-replaces-autoit-with.html
Cyber attacks involving the DarkGate malware-as-a-service (MaaS) operation have shifted away from AutoIt scripts to an AutoHotkey mechanism to deliver the last stages, underscoring continued efforts on the part of the threat actors to continuously stay ahead of the detection curve.
The updates have been observed in version 6 of DarkGate released in March 2024 by its developer RastaFarEye, who
594
The murky world of password leaks – and how to check if you’ve been hit
https://www.welivesecurity.com/en/how-to/the-murky-world-of-password-leaks-and-how-to-check-if-youve-been-hit/
Password leaks are increasingly common and figuring out whether the keys to your own kingdom have been exposed might be tricky – unless you know where to look
594
Oracle WebLogic Server OS Command Injection Flaw Under Active Attack
https://thehackernews.com/2024/06/oracle-weblogic-server-os-command.html
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a security flaw impacting the Oracle WebLogic Server to the Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.
Tracked as CVE-2017-3506 (CVSS score: 7.4), the issue concerns an operating system (OS) command injection vulnerability that could be exploited to obtain unauthorized
594
Researchers Uncover RAT-Dropping npm Package Targeting Gulp Users
https://thehackernews.com/2024/06/researchers-uncover-rat-dropping-npm.html
Cybersecurity researchers have uncovered a new suspicious package uploaded to the npm package registry that's designed to drop a remote access trojan (RAT) on compromised systems.
The package in question is glup-debugger-log, which targets users of the gulp toolkit by masquerading as a "logger for gulp and gulp plugins." It has been downloaded 175 times to date.
Software supply chain security
594
Authorities Ramp Up Efforts to Capture the Mastermind Behind Emotet
https://thehackernews.com/2024/06/authorities-ramp-up-efforts-to-capture.html
Law enforcement authorities behind Operation Endgame are seeking information related to an individual who goes by the name Odd and is allegedly the mastermind behind the Emotet malware.
Odd is also said to go by the nicknames Aron, C700, Cbd748, Ivanov Odd, Mors, Morse, Veron over the past few years, according to a video released by the agencies.
"Who is he working with? What is his
594
SASE Threat Report: 8 Key Findings for Enterprise Security
https://thehackernews.com/2024/06/sase-threat-report-8-key-findings-for.html
Threat actors are evolving, yet Cyber Threat Intelligence (CTI) remains confined to each isolated point solution. Organizations require a holistic analysis across external data, inbound and outbound threats and network activity. This will enable evaluating the true state of cybersecurity in the enterprise.
Cato’s Cyber Threat Research Lab (Cato CTRL, see more details below) has recently released
594
Researcher Uncovers Flaws in Cox Modems, Potentially Impacting Millions
https://thehackernews.com/2024/06/researcher-uncovers-flaws-in-cox-modems.html
Now-patched authorization bypass issues impacting Cox modems that could have been abused as a starting point to gain unauthorized access to the devices and run malicious commands.
"This series of vulnerabilities demonstrated a way in which a fully external attacker with no prerequisites could've executed commands and modified the settings of millions of modems, accessed any business customer's
594
Andariel Hackers Target South Korean Institutes with New Dora RAT Malware
https://thehackernews.com/2024/06/andariel-hackers-target-south-korean.html
The North Korea-linked threat actor known as Andariel has been observed using a new Golang-based backdoor called Dora RAT in its attacks targeting educational institutes, manufacturing firms, and construction businesses in South Korea.
"Keylogger, Infostealer, and proxy tools on top of the backdoor were utilized for the attacks," the AhnLab Security Intelligence Center (ASEC) said in a report
594
Beware: Fake Browser Updates Deliver BitRAT and Lumma Stealer Malware
https://thehackernews.com/2024/06/beware-fake-browser-updates-deliver.html
Fake web browser updates are being used to deliver remote access trojans (RATs) and information stealer malware such as BitRAT and Lumma Stealer (aka LummaC2).
"Fake browser updates have been responsible for numerous malware infections, including those of the well-known SocGholish malware," cybersecurity firm eSentire said in a new report. "In April 2024, we observed FakeBat being distributed
594
AI Company Hugging Face Notifies Users of Suspected Unauthorized Access
https://thehackernews.com/2024/06/ai-company-hugging-face-notifies-users.html
Artificial Intelligence (AI) company Hugging Face on Friday disclosed that it detected unauthorized access to its Spaces platform earlier this week.
"We have suspicions that a subset of Spaces’ secrets could have been accessed without authorization," it said in an advisory.
Spaces offers a way for users to create, host, and share AI and machine learning (ML) applications. It also functions as a
594
What happens when facial recognition gets it wrong – Week in security with Tony Anscombe
https://www.welivesecurity.com/en/videos/what-happens-facial-recognition-gets-wrong-week-security-tony-anscombe/
A woman in London has been misidentified as a shoplifter by a facial recognition system amid fresh concerns over the technology's accuracy and reliability
594
Mysterious Cyber Attack Took Down 600,000+ Routers in the U.S.
https://thehackernews.com/2024/05/mysterious-cyber-attack-takes-down.html
More than 600,000 small office/home office (SOHO) routers are estimated to have been bricked and taken offline following a destructive cyber attack staged by unidentified cyber actors, disrupting users' access to the internet.
The mysterious event, which took place between October 25 and 27, 2023, and impacted a single internet service provider (ISP) in the U.S., has been codenamed Pumpkin
594
Microsoft Warns of Surge in Cyber Attacks Targeting Internet-Exposed OT Devices
https://thehackernews.com/2024/05/microsoft-warns-of-surge-in-cyber.html
Microsoft has emphasized the need for securing internet-exposed operational technology (OT) devices following a spate of cyber attacks targeting such environments since late 2023.
"These repeated attacks against OT devices emphasize the crucial need to improve the security posture of OT devices and prevent critical systems from becoming easy targets," the Microsoft Threat Intelligence team said.
594
Beyond Threat Detection – A Race to Digital Security
https://thehackernews.com/2024/05/beyond-threat-detection-race-to-digital.html
Digital content is a double-edged sword, providing vast benefits while simultaneously posing significant threats to organizations across the globe. The sharing of digital content has increased significantly in recent years, mainly via email, digital documents, and chat. In turn, this has created an expansive attack surface and has made ‘digital content’ the preferred carrier for cybercriminals
594
Russian Hackers Target Europe with HeadLace Malware and Credential Harvesting
https://thehackernews.com/2024/05/russian-hackers-target-europe-with.html
The Russian GRU-backed threat actor APT28 has been attributed as behind a series of campaigns targeting networks across Europe with the HeadLace malware and credential-harvesting web pages.
APT28, also known by the names BlueDelta, Fancy Bear, Forest Blizzard, FROZENLAKE, Iron Twilight, ITG05, Pawn Storm, Sednit, Sofacy, and TA422, is an advanced persistent threat (APT) group affiliated with
594
OpenAI, Meta, TikTok Disrupt Multiple AI-Powered Disinformation Campaigns
https://thehackernews.com/2024/05/openai-meta-tiktok-disrupt-multiple-ai.html
OpenAI on Thursday disclosed that it took steps to cut off five covert influence operations (IO) originating from China, Iran, Israel, and Russia that sought to abuse its artificial intelligence (AI) tools to manipulate public discourse or political outcomes online while obscuring their true identity.
These activities, which were detected over the past three months, used its AI models to
