ar
Feedback
TECHZONE™

TECHZONE™

الذهاب إلى القناة على Telegram

TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news

إظهار المزيد
595
المشتركون
لا توجد بيانات24 ساعات
لا توجد بيانات7 أيام
-1030 أيام
أرشيف المشاركات
North Korean Hackers Target Crypto Firms with Hidden Risk Malware on macOS https://thehackernews.com/2024/11/north-korean-hackers-target-crypto.html A threat actor with ties to the Democratic People's Republic of Korea (DPRK) has been observed targeting cryptocurrency-related businesses with a multi-stage malware capable of infecting Apple macOS devices. Cybersecurity company SentinelOne, which dubbed the campaign Hidden Risk, attributed it with high confidence to BlueNoroff, which has been previously linked to malware families such as

A Hacker's Guide to Password Cracking https://thehackernews.com/2024/11/a-hackers-guide-to-password-cracking.html Defending your organization’s security is like fortifying a castle—you need to understand where attackers will strike and how they’ll try to breach your walls. And hackers are always searching for weaknesses, whether it’s a lax password policy or a forgotten backdoor. To build a stronger defense, you must think like a hacker and anticipate their moves. Read on to learn more about hackers'

5 Most Common Malware Techniques in 2024 https://thehackernews.com/2024/11/5-most-common-malware-techniques-in-2024.html Tactics, techniques, and procedures (TTPs) form the foundation of modern defense strategies. Unlike indicators of compromise (IOCs), TTPs are more stable, making them a reliable way to identify specific cyber threats. Here are some of the most commonly used techniques, according to ANY.RUN's Q3 2024 report on malware trends, complete with real-world examples. Disabling of Windows Event Logging

SteelFox and Rhadamanthys Malware Use Copyright Scams, Driver Exploits to Target Victims https://thehackernews.com/2024/11/steelfox-and-rhadamanthys-malware-use.html An ongoing phishing campaign is employing copyright infringement-related themes to trick victims into downloading a newer version of the Rhadamanthys information stealer since July 2024. Cybersecurity firm Check Point is tracking the large-scale campaign under the name CopyRh(ight)adamantys. Targeted regions include the United States, Europe, East Asia, and South America. "The campaign

Malicious PyPI Package ‘Fabrice’ Found Stealing AWS Keys from Thousands of Developers https://thehackernews.com/2024/11/malicious-pypi-package-fabrice-found.html Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) that has racked up thousands of downloads for over three years while stealthily exfiltrating developers' Amazon Web Services (AWS) credentials. The package in question is "fabrice," which typosquats a popular Python library known as "fabric," which is designed to execute shell commands remotely over

Cisco Releases Patch for Critical URWB Vulnerability in Industrial Wireless Systems https://thehackernews.com/2024/11/cisco-releases-patch-for-critical-urwb.html Cisco has released security updates to address a maximum severity security flaw impacting Ultra-Reliable Wireless Backhaul (URWB) Access Points that could permit unauthenticated, remote attackers to run commands with elevated privileges. Tracked as CVE-2024-20418 (CVS score: 10.0), the vulnerability has been described as stemming from a lack of input validation to the web-based management

Canada Orders TikTok to Shut Down Canadian Operations Over Security Concerns https://thehackernews.com/2024/11/canada-orders-tiktok-to-shut-down.html The Canadian government on Wednesday ordered ByteDance-owned TikTok to dissolve its operations in the country, citing national security risks, but stopped short of instituting a ban on the popular video-sharing platform. "The decision was based on the information and evidence collected over the course of the review and on the advice of Canada's security and intelligence community and other

VEILDrive Attack Exploits Microsoft Services to Evade Detection and Distribute Malware https://thehackernews.com/2024/11/veildrive-attack-exploits-microsoft.html An ongoing threat campaign dubbed VEILDrive has been observed taking advantage of legitimate services from Microsoft, including Teams, SharePoint, Quick Assist, and OneDrive, as part of its modus operandi. "Leveraging Microsoft SaaS services — including Teams, SharePoint, Quick Assist, and OneDrive — the attacker exploited the trusted infrastructures of previously compromised organizations to

New Winos 4.0 Malware Infects Gamers Through Malicious Game Optimization Apps https://thehackernews.com/2024/11/new-winos-40-malware-infects-gamers.html Cybersecurity researchers are warning that a command-and-control (C&C) framework called Winos is being distributed within gaming-related applications like installation tools, speed boosters, and optimization utilities. "Winos 4.0 is an advanced malicious framework that offers comprehensive functionality, a stable architecture, and efficient control over numerous online endpoints to execute

9 Steps to Get CTEM on Your 2025 Budgetary Radar https://thehackernews.com/2024/11/9-steps-to-get-ctem-on-your-2025.html Budget season is upon us, and everyone in your organization is vying for their slice of the pie. Every year, every department has a pet project that they present as absolutely essential to profitability, business continuity, and quite possibly the future of humanity itself. And no doubt that some of these actually may be mission critical. But as cybersecurity professionals, we understand that

INTERPOL Disrupts Over 22,000 Malicious Servers in Global Crackdown on Cybercrime https://thehackernews.com/2024/11/interpols-operation-synergia-ii.html INTERPOL on Tuesday said it took down more than 22,000 malicious servers linked to various cyber threats as part of a global operation. Dubbed Operation Synergia II, the coordinated effort ran from April 1 to August 31, 2024, targeting phishing, ransomware, and information stealer infrastructure. "Of the approximately 30,000 suspicious IP addresses identified, 76 per cent were taken down and 59

South Korea Fines Meta $15.67M for Illegally Sharing Sensitive User Data with Advertisers https://thehackernews.com/2024/11/south-korea-fines-meta-1567m-for.html Meta has been fined 21.62 billion won ($15.67 million) by South Korea's data privacy watchdog for illegally collecting sensitive personal information from Facebook users, including data about their political views and sexual orientation, and sharing it with advertisers without their consent. The country's Personal Information Protection Commission (PIPC) said Meta gathered information such as

Google Cloud to Enforce Multi-Factor Authentication by 2025 for All Users https://thehackernews.com/2024/11/google-cloud-to-enforce-multi-factor.html Google's cloud division has announced that it will enforce mandatory multi-factor authentication (MFA) for all users by the end of 2025 as part of its efforts to improve account security. "We will be implementing mandatory MFA for Google Cloud in a phased approach that will roll out to all users worldwide during 2025," Mayank Upadhyay, vice president of engineering and distinguished engineer at

FBI Seeks Public Help to Identify Chinese Hackers Behind Global Cyber Intrusions https://thehackernews.com/2024/11/fbi-seeks-public-help-to-identify.html The U.S. Federal Bureau of Investigation (FBI) has sought assistance from the public in connection with an investigation involving the breach of edge devices and computer networks belonging to companies and government entities. "An Advanced Persistent Threat group allegedly created and deployed malware (CVE-2020-12271) as part of a widespread series of indiscriminate computer intrusions designed

New Android Banking Malware 'ToxicPanda' Targets Users with Fraudulent Money Transfers https://thehackernews.com/2024/11/new-android-banking-malware-toxicpanda.html Over 1,500 Android devices have been infected by a new strain of Android banking malware called ToxicPanda that allows threat actors to conduct fraudulent banking transactions. "ToxicPanda's main goal is to initiate money transfers from compromised devices via account takeover (ATO) using a well-known technique called on-device fraud (ODF)," Cleafy researchers Michele Roviello, Alessandro Strino

Leveraging Wazuh for Zero Trust security https://thehackernews.com/2024/11/leveraging-wazuh-for-zero-trust-security.html Zero Trust security changes how organizations handle security by doing away with implicit trust while continuously analyzing and validating access requests. Contrary to perimeter-based security, users within an environment are not automatically trusted upon gaining access. Zero Trust security encourages continuous monitoring of every device and user, which ensures sustained protection after

Synology Urges Patch for Critical Zero-Click RCE Flaw Affecting Millions of NAS Devices https://thehackernews.com/2024/11/synology-urges-patch-for-critical-zero.html Taiwanese network-attached storage (NAS) appliance maker Synology has addressed a critical security flaw impacting DiskStation and BeePhotos that could lead to remote code execution. Tracked as CVE-2024-10443 and dubbed RISK:STATION by Midnight Blue, the zero-day flaw was demonstrated at the Pwn2Own Ireland 2024 hacking contest by security researcher Rick de Jager. RISK:STATION is an "

Malware Campaign Uses Ethereum Smart Contracts to Control npm Typosquat Packages https://thehackernews.com/2024/11/malware-campaign-uses-ethereum-smart.html An ongoing campaign is targeting npm developers with hundreds of typosquat versions of their legitimate counterparts in an attempt to trick them into running cross-platform malware. The attack is notable for utilizing Ethereum smart contracts for command-and-control (C2) server address distribution, according to independent findings from Checkmarx, Phylum, and Socket published over the past few

Canadian Suspect Arrested Over Snowflake Data Breach and Extortion Attacks https://thehackernews.com/2024/11/canadian-suspect-arrested-over.html Canadian law enforcement authorities have arrested an individual who is suspected to have conducted a series of hacks stemming from the breach of cloud data warehousing platform Snowflake earlier this year. The individual in question, Alexander "Connor" Moucka (aka Judische and Waifu), was apprehended on October 30, 2024, on the basis of a provisional arrest warrant, following a request by the

Google Warns of Actively Exploited CVE-2024-43093 Vulnerability in Android System https://thehackernews.com/2024/11/google-warns-of-actively-exploited-cve.html Google has warned that a security flaw impacting its Android operating system has come under active exploitation in the wild. The vulnerability, tracked as CVE-2024-43093, has been described as a privilege escalation flaw in the Android Framework component that could result in unauthorized access to "Android/data," "Android/obb," and "Android/sandbox" directories and its sub-directories,