TECHZONE™
الذهاب إلى القناة على Telegram
TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news
إظهار المزيد595
المشتركون
لا توجد بيانات24 ساعات
لا توجد بيانات7 أيام
-730 أيام
أرشيف المشاركات
595
Warning: Markopolo's Scam Targeting Crypto Users via Fake Meeting Software
https://thehackernews.com/2024/06/warning-markopolos-scam-targeting.html
A threat actor who goes by alias markopolo has been identified as behind a large-scale cross-platform scam that targets digital currency users on social media with information stealer malware and carries out cryptocurrency theft.
The attack chains involve the use of a purported virtual meeting software named Vortax (and 23 other apps) that are used as a conduit to deliver Rhadamanthys, StealC,
595
Mailcow Mail Server Flaws Expose Servers to Remote Code Execution
https://thehackernews.com/2024/06/mailcow-mail-server-flaws-expose.html
Two security vulnerabilities have been disclosed in the Mailcow open-source mail server suite that could be exploited by malicious actors to achieve arbitrary code execution on susceptible instances.
Both shortcomings impact all versions of the software prior to version 2024-04, which was released on April 4, 2024. The issues were responsibly disclosed by SonarSource on March 22, 2024.
The flaws
595
Signal Foundation Warns Against EU's Plan to Scan Private Messages for CSAM
https://thehackernews.com/2024/06/signal-foundation-warns-against-eus.html
A controversial proposal put forth by the European Union to scan users' private messages for detection child sexual abuse material (CSAM) poses severe risks to end-to-end encryption (E2EE), warned Meredith Whittaker, president of the Signal Foundation, which maintains the privacy-focused messaging service of the same name.
"Mandating mass scanning of private communications fundamentally
595
Cybercriminals Exploit Free Software Lures to Deploy Hijack Loader and Vidar Stealer
https://thehackernews.com/2024/06/cybercriminals-exploit-free-software.html
Threat actors are luring unsuspecting users with free or pirated versions of commercial software to deliver a malware loader called Hijack Loader, which then deploys an information stealer known as Vidar Stealer.
"Adversaries had managed to trick users into downloading password-protected archive files containing trojanized copies of a Cisco Webex Meetings App (ptService.exe)," Trellix security
595
The Annual SaaS Security Report: 2025 CISO Plans and Priorities
https://thehackernews.com/2024/06/the-annual-saas-security-report-2025.html
Seventy percent of enterprises are prioritizing investment in SaaS security by establishing dedicated teams to secure SaaS applications, as part of a growing trend of maturity in this field of cybersecurity, according to a new survey released this month by the Cloud Security Alliance (CSA).
Despite economic instability and major job cuts in 2023, organizations drastically increased investment in
595
New Malware Targets Exposed Docker APIs for Cryptocurrency Mining
https://thehackernews.com/2024/06/new-malware-targets-exposed-docker-apis.html
Cybersecurity researchers have uncovered a new malware campaign that targets publicly exposed Docket API endpoints with the aim of delivering cryptocurrency miners and other payloads.
Included among the tools deployed is a remote access tool that's capable of downloading and executing more malicious programs as well as a utility to propagate the malware via SSH, cloud analytics platform Datadog
595
VMware Issues Patches for Cloud Foundation, vCenter Server, and vSphere ESXi
https://thehackernews.com/2024/06/vmware-issues-patches-for-cloud.html
VMware has released updates to address critical flaws impacting Cloud Foundation, vCenter Server, and vSphere ESXi that could be exploited to achieve privilege escalation and remote code execution.
The list of vulnerabilities is as follows -
CVE-2024-37079 & CVE-2024-37080 (CVSS scores: 9.8) - Multiple heap-overflow vulnerabilities in the implementation of the DCE/RPC protocol that could
595
Singapore Police Extradites Malaysians Linked to Android Malware Fraud
https://thehackernews.com/2024/06/singapore-police-extradites-malaysians.html
The Singapore Police Force (SPF) has announced the extradition of two men from Malaysia for their alleged involvement in a mobile malware campaign targeting citizens in the country since June 2023.
The unnamed individuals, aged 26 and 47, engaged in scams that tricked unsuspecting users into downloading malicious apps onto their Android devices via phishing campaigns with the aim of stealing
595
Preventative defense tactics in the real world
https://www.welivesecurity.com/en/business-security/preventative-defense-tactics-real-world/
Don’t get hacked in the first place – it costs far less than dealing with the aftermath of a successful attack
595
ASUS Patches Critical Authentication Bypass Flaw in Multiple Router Models
https://thehackernews.com/2024/06/asus-patches-critical-authentication.html
ASUS has shipped software updates to address a critical security flaw impacting its routers that could be exploited by malicious actors to bypass authentication.
Tracked as CVE-2024-3080, the vulnerability carries a CVSS score of 9.8 out of a maximum of 10.0.
"Certain ASUS router models have authentication bypass vulnerability, allowing unauthenticated remote attackers to log in the device,"
595
China-Linked Hackers Infiltrate East Asian Firm for 3 Years Using F5 Devices
https://thehackernews.com/2024/06/china-linked-hackers-infiltrate-east.html
A suspected China-nexus cyber espionage actor has been attributed as behind a prolonged attack against an unnamed organization located in East Asia for a period of about three years, with the adversary establishing persistence using legacy F5 BIG-IP appliances and using it as an internal command-and-control (C&C) for defense evasion purposes.
Cybersecurity company Sygnia, which responded to
595
What is DevSecOps and Why is it Essential for Secure Software Delivery?
https://thehackernews.com/2024/06/what-is-devsecops-and-why-is-it.html
Traditional application security practices are not effective in the modern DevOps world. When security scans are run only at the end of the software delivery lifecycle (either right before or after a service is deployed), the ensuing process of compiling and fixing vulnerabilities creates massive overhead for developers. The overhead that degrades velocity and puts production deadlines at risk.
595
Hackers Exploit Legitimate Websites to Deliver BadSpace Windows Backdoor
https://thehackernews.com/2024/06/hackers-exploit-legitimate-websites-to.html
Legitimate-but-compromised websites are being used as a conduit to deliver a Windows backdoor dubbed BadSpace under the guise of fake browser updates.
"The threat actor employs a multi-stage attack chain involving an infected website, a command-and-control (C2) server, in some cases a fake browser update, and a JScript downloader to deploy a backdoor into the victim's system," German
595
NiceRAT Malware Targets South Korean Users via Cracked Software
https://thehackernews.com/2024/06/nicerat-malware-targets-south-korean.html
Threat actors have been observed deploying a malware called NiceRAT to co-opt infected devices into a botnet.
The attacks, which target South Korean users, are designed to propagate the malware under the guise of cracked software, such as Microsoft Windows, or tools that purport to offer license verification for Microsoft Office.
"Due to the nature of crack programs, information sharing amongst
595
U.K. Hacker Linked to Notorious Scattered Spider Group Arrested in Spain
https://thehackernews.com/2024/06/uk-hacker-linked-to-notorious-scattered.html
Law enforcement authorities have allegedly arrested a key member of the notorious cybercrime group called Scattered Spider.
The individual, a 22-year-old man from the United Kingdom, was arrested this week in the Spanish city of Palma de Mallorca as he attempted to board a flight to Italy. The move is said to be a joint effort between the U.S. Federal Bureau of Investigation (FBI) and the
595
Grandoreiro Banking Trojan Hits Brazil as Smishing Scams Surge in Pakistan
https://thehackernews.com/2024/06/grandoreiro-banking-trojan-hits-brazil.html
Pakistan has become the latest target of a threat actor called the Smishing Triad, marking the first expansion of its footprint beyond the E.U., Saudi Arabia, the U.A.E., and the U.S.
"The group's latest tactic involves sending malicious messages on behalf of Pakistan Post to customers of mobile carriers via iMessage and SMS," Resecurity said in a report published earlier this week. "The goal is
595
Pakistani Hackers Use DISGOMOJI Malware in Indian Government Cyber Attacks
https://thehackernews.com/2024/06/pakistani-hackers-use-disgomoji-malware.html
A suspected Pakistan-based threat actor has been linked to a cyber espionage campaign targeting Indian government entities in 2024.
Cybersecurity company Volexity is tracking the activity under the moniker UTA0137, noting the adversary's exclusive use of a malware called DISGOMOJI that's written in Golang and is designed to infect Linux systems.
"It is a modified version of the public project
595
Meta Halts AI Training on EU User Data Amid Privacy Concerns
https://thehackernews.com/2024/06/meta-halts-ai-training-on-eu-user-data.html
Meta on Friday said it's delaying its efforts to train the company's large language models (LLMs) using public content shared by adult users on Facebook and Instagram in the European Union following a request from the Irish Data Protection Commission (DPC).
The company expressed disappointment at having to put its AI plans on pause, stating it had taken into account feedback from regulators and
595
How Arid Viper spies on Android users in the Middle East – Week in security with Tony Anscombe
https://www.welivesecurity.com/en/videos/arid-viper-spies-android-users-middle-east-week-security-tony-anscombe/
The spyware, called AridSpy by ESET, is distributed through websites that pose as various messaging apps, a job search app, and a Palestinian Civil Registry app
595
ESET Research Podcast: APT Activity Report Q4 2023–Q1 2024
https://www.welivesecurity.com/en/podcasts/eset-research-podcast-apt-activity-report-q4-2023-q1-2024/
The I-SOON data leak confirms that this contractor is involved in cyberespionage for China, while Iran-aligned groups step up aggressive tactics following the Hamas-led attack on Israel in 2023
