ar
Feedback
TECHZONE™

TECHZONE™

الذهاب إلى القناة على Telegram

TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news

إظهار المزيد
595
المشتركون
-124 ساعات
لا توجد بيانات7 أيام
-930 أيام
أرشيف المشاركات
Safeguard Personal and Corporate Identities with Identity Intelligence https://thehackernews.com/2024/07/safeguard-personal-and-corporate.html Learn about critical threats that can impact your organization and the bad actors behind them from Cybersixgill’s threat experts. Each story shines a light on underground activities, the threat actors involved, and why you should care, along with what you can do to mitigate risk.  In the current cyber threat landscape, the protection of personal and corporate identities has become vital.

Pro-Houthi Group Targets Yemen Aid Organizations with Android Spyware https://thehackernews.com/2024/07/pro-houthi-group-targets-yemen-aid.html A suspected pro-Houthi threat group targeted at least three humanitarian organizations in Yemen with Android spyware designed to harvest sensitive information. These attacks, attributed to an activity cluster codenamed OilAlpha, entail a new set of malicious mobile apps that come with their own supporting infrastructure, Recorded Future's Insikt Group said. Targets of the ongoing campaign

HotPage: Story of a signed, vulnerable, ad-injecting driver https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/ A study of a sophisticated Chinese browser injector that leaves more doors open!

Summary of "AI Leaders Spill Their Secrets" Webinar https://thehackernews.com/2024/07/summary-of-ai-leaders-spill-their.html Event Overview The "AI Leaders Spill Their Secrets" webinar, hosted by Sigma Computing, featured prominent AI experts sharing their experiences and strategies for success in the AI industry. The panel included Michael Ward from Sardine, Damon Bryan from Hyperfinity, and Stephen Hillian from Astronomer, moderated by Zalak Trivedi, Sigma Computing's Product Manager. Key Speakers and Their

APT41 Infiltrates Networks in Italy, Spain, Taiwan, Turkey, and the U.K. https://thehackernews.com/2024/07/apt41-infiltrates-networks-in-italy.html Several organizations operating within global shipping and logistics, media and entertainment, technology, and automotive sectors in Italy, Spain, Taiwan, Thailand, Turkey, and the U.K. have become the target of a "sustained campaign" by the prolific China-based APT41 hacking group. "APT41 successfully infiltrated and maintained prolonged, unauthorized access to numerous victims' networks since

SolarWinds Patches 11 Critical Flaws in Access Rights Manager Software https://thehackernews.com/2024/07/solarwinds-patches-11-critical-flaws-in.html SolarWinds has addressed a set of critical security flaws impacting its Access Rights Manager (ARM) software that could be exploited to access sensitive information or execute arbitrary code. Of the 11 vulnerabilities, seven are rated Critical in severity and carry a CVSS score of 9.6 out of 10.0. The remaining four weaknesses have been rated High in severity, with each of them having a CVSS

WazirX Cryptocurrency Exchange Loses $230 Million in Major Security Breach https://thehackernews.com/2024/07/wazirx-cryptocurrency-exchange-loses.html Indian cryptocurrency exchange WazirX has confirmed that it was the target of a security breach that led to the theft of $230 million in cryptocurrency assets. "A cyber attack occurred in one of our [multi-signature] wallets involving a loss of funds exceeding $230 million," the company said in a statement. "This wallet was operated utilizing the services of Liminal's digital asset custody and

Alert: HotPage Adware Disguised as Ad Blocker Installs Malicious Kernel Driver https://thehackernews.com/2024/07/alert-hotpage-adware-disguised-as-ad.html Cybersecurity researchers have shed light on an adware module that purports to block ads and malicious websites, while stealthily offloading a kernel driver component that grants attackers the ability to run arbitrary code with elevated permissions on Windows hosts. The malware, dubbed HotPage, gets its name from the eponymous installer ("HotPage.exe"), according to new findings from ESET. The

AppSec Webinar: How to Turn Developers into Security Champions https://thehackernews.com/2024/07/appsec-webinar-how-to-turn-developers.html Let's face it: AppSec and developers often feel like they're on opposing teams. You're battling endless vulnerabilities while they just want to ship code. Sound familiar? It's a common challenge, but there is a solution. Ever wish they proactively cared about security? The answer lies in a proven, but often overlooked, strategy: Security Champion Programs — a way to turn developers from

Automated Threats Pose Increasing Risk to the Travel Industry https://thehackernews.com/2024/07/automated-threats-pose-increasing-risk.html As the travel industry rebounds post-pandemic, it is increasingly targeted by automated threats, with the sector experiencing nearly 21% of all bot attack requests last year. That’s according to research from Imperva, a Thales company. In their 2024 Bad Bot Report, Imperva finds that bad bots accounted for 44.5% of the industry’s web traffic in 2023—a significant jump from 37.4% in 2022. 

SAP AI Core Vulnerabilities Expose Customer Data to Cyber Attacks https://thehackernews.com/2024/07/sap-ai-core-vulnerabilities-expose.html Cybersecurity researchers have uncovered security shortcomings in SAP AI Core cloud-based platform for creating and deploying predictive artificial intelligence (AI) workflows that could be exploited to get hold of access tokens and customer data. The five vulnerabilities have been collectively dubbed SAPwned by cloud security firm Wiz. "The vulnerabilities we found could have allowed attackers

TAG-100: New Threat Actor Uses Open-Source Tools for Widespread Attacks https://thehackernews.com/2024/07/tag-100-new-threat-actor-uses-open.html Unknown threat actors have been observed leveraging open-source tools as part of a suspected cyber espionage campaign targeting global government and private sector organizations. Recorded Future's Insikt Group is tracking the activity under the temporary moniker TAG-100, noting that the adversary likely compromised organizations in at least ten countries across Africa, Asia, North America,

Meta Halts AI Use in Brazil Following Data Protection Authority's Ban https://thehackernews.com/2024/07/meta-halts-ai-use-in-brazil-following.html Meta has suspended the use of generative artificial intelligence (GenAI) in Brazil after the country's data protection authority issued a preliminary ban objecting to its new privacy policy. The development was first reported by news agency Reuters. The company said it has decided to suspend the tools while it is in talks with Brazil's National Data Protection Authority (ANPD) to address the

Cisco Warns of Critical Flaw Affecting On-Prem Smart Software Manager https://thehackernews.com/2024/07/cisco-warns-of-critical-flaw-affecting.html Cisco has released patches to address a maximum-severity security flaw impacting Smart Software Manager On-Prem (Cisco SSM On-Prem) that could enable a remote, unauthenticated attacker to change the password of any users, including those belonging to administrative users. The vulnerability, tracked as CVE-2024-20419, carries a CVSS score of 10.0. "This vulnerability is due to improper

North Korean Hackers Update BeaverTail Malware to Target MacOS Users https://thehackernews.com/2024/07/north-korean-hackers-update-beavertail.html Cybersecurity researchers have discovered an updated variant of a known stealer malware that attackers affiliated with the Democratic People's Republic of Korea (DPRK) have delivered as part of prior cyber espionage campaigns targeting job seekers. The artifact in question is an Apple macOS disk image (DMG) file named "MiroTalk.dmg" that mimics the legitimate video call service of the same name,

Small but mighty: Top 5 pocket-sized gadgets to boost your ethical hacking skills https://www.welivesecurity.com/en/cybersecurity/small-but-mighty-top-5-pocket-sized-gadgets-boost-ethical-hacking-skills/ These five formidable bits of kit that can assist cyber-defenders in spotting chinks in corporate armors and help hobbyist hackers deepen their understanding of cybersecurity

Navigating Insider Risks: Are your Employees Enabling External Threats? https://thehackernews.com/2024/07/navigating-insider-risks-are-your.html Attacks on your network are often meticulously planned operations launched by sophisticated threats. Sometimes your technical fortifications provide a formidable challenge, and the attack requires assistance from the inside to succeed. For example, in 2022, the FBI issued a warning1 that SIM swap attacks are growing: gain control of the phone and earn a gateway to email, bank accounts, stocks,

FIN7 Group Advertises Security-Bypassing Tool on Dark Web Forums https://thehackernews.com/2024/07/fin7-group-advertises-security.html The financially motivated threat actor known as FIN7 has been observed using multiple pseudonyms across several underground forums to likely advertise a tool known to be used by ransomware groups like Black Basta. "AvNeutralizer (aka AuKill), a highly specialized tool developed by FIN7 to tamper with security solutions, has been marketed in the criminal underground and used by multiple

China-linked APT17 Targets Italian Companies with 9002 RAT Malware https://thehackernews.com/2024/07/china-linked-apt17-targets-italian.html A China-linked threat actor called APT17 has been observed targeting Italian companies and government entities using a variant of a known malware referred to as 9002 RAT. The two targeted attacks took place on June 24 and July 2, 2024, Italian cybersecurity company TG Soft said in an analysis published last week. "The first campaign on June 24, 2024 used an Office document, while the second

Scattered Spider Adopts RansomHub and Qilin Ransomware for Cyber Attacks https://thehackernews.com/2024/07/scattered-spider-adopts-ransomhub-and.html The infamous cybercrime group known as Scattered Spider has incorporated ransomware strains such as RansomHub and Qilin into its arsenal, Microsoft has revealed. Scattered Spider is the designation given to a threat actor that's known for its sophisticated social engineering schemes to breach targets and establish persistence for follow-on exploitation and data theft. It also has a history of