TECHZONE™
الذهاب إلى القناة على Telegram
TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news
إظهار المزيد595
المشتركون
لا توجد بيانات24 ساعات
-17 أيام
-1030 أيام
أرشيف المشاركات
595
PrintNightmare Aftermath: Windows Print Spooler is Better. What's Next?
https://www.darkreading.com/endpoint-security/windows-print-spooler-security-improves-in-wake-of-printnightmare-scare
595
Researchers Uncover Lazarus Group Admin Layer for C2 Servers
https://www.darkreading.com/cyberattacks-data-breaches/researchers-uncover-lazarus-admin-layer-c2-servers
595
Unpatched Zyxel CPE Zero-Day Pummeled by Cyberattackers
https://www.darkreading.com/endpoint-security/unpatched-zyxel-cpe-zero-day-cyberattackers
595
Mirai Variant 'Aquabot' Exploits Mitel Device Flaws
https://www.darkreading.com/endpoint-security/mirai-variant-aquabot-exploits-mitel-phone-flaws
595
Lazarus Group Uses React-Based Admin Panel to Control Global Cyber Attacks
https://thehackernews.com/2025/01/lazarus-group-uses-react-based-admin.html
The North Korean threat actor known as the Lazarus Group has been observed leveraging a "web-based administrative platform" to oversee its command-and-control (C2) infrastructure, giving the adversary the ability to centrally supervise all aspects of their campaigns.
"Each C2 server hosted a web-based administrative platform, built with a React application and a Node.js API," SecurityScorecard's
595
AI in Cybersecurity: What's Effective and What’s Not – Insights from 200 Experts
https://thehackernews.com/2025/01/ai-in-cybersecurity-whats-effective-and.html
Curious about the buzz around AI in cybersecurity? Wonder if it's just a shiny new toy in the tech world or a serious game changer? Let's unpack this together in a not-to-be-missed webinar that goes beyond the hype to explore the real impact of AI on cybersecurity.
Join Ravid Circus, a seasoned pro in cybersecurity and AI, as we peel back the layers of AI in cybersecurity through a revealing
595
New SLAP & FLOP Attacks Expose Apple M-Series Chips to Speculative Execution Exploits
https://thehackernews.com/2025/01/new-slap-flop-attacks-expose-apple-m.html
A team of security researchers from Georgia Institute of Technology and Ruhr University Bochum has demonstrated two new side-channel attacks targeting Apple silicon that could be exploited to leak sensitive information from web browsers like Safari and Google Chrome.
The attacks have been codenamed Data Speculation Attacks via Load Address Prediction on Apple Silicon (SLAP) and Breaking the
595
The Old Ways of Vendor Risk Management Are No Longer Good Enough
https://www.darkreading.com/vulnerabilities-threats/old-ways-vendor-risk-management-no-longer-good-enough
595
7 Tips for Strategically Saying "No" in Cybersecurity
https://www.darkreading.com/cybersecurity-operations/7-tips-for-strategically-saying-no-in-cybersecurity
595
CrowdStrike Highlights Magnitude of Insider Risk
https://www.darkreading.com/insider-threats/crowdstrike-highlights-magnitude-of-insider-risk
595
How Interlock Ransomware Infects Healthcare Organizations
https://thehackernews.com/2025/01/how-interlock-ransomware-infects.html
Ransomware attacks have reached an unprecedented scale in the healthcare sector, exposing vulnerabilities that put millions at risk. Recently, UnitedHealth revealed that 190 million Americans had their personal and healthcare data stolen during the Change Healthcare ransomware attack, a figure that nearly doubles the previously disclosed total.
This breach shows just how deeply ransomware
595
Critical Cacti Security Flaw (CVE-2025-22604) Enables Remote Code Execution
https://thehackernews.com/2025/01/critical-cacti-security-flaw-cve-2025.html
A critical security flaw has been disclosed in the Cacti open-source network monitoring and fault management framework that could allow an authenticated attacker to achieve remote code execution on susceptible instances.
The flaw, tracked as CVE-2025-22604, carries a CVSS score of 9.1 out of a maximum of 10.0.
"Due to a flaw in the multi-line SNMP result parser, authenticated users can inject
595
UAC-0063 Expands Cyber Attacks to European Embassies Using Stolen Documents
https://thehackernews.com/2025/01/uac-0063-expands-cyber-attacks-to.html
The advanced persistent threat (APT) group known as UAC-0063 has been observed leveraging legitimate documents obtained by infiltrating one victim to attack another target with the goal of delivering a known malware dubbed HATVIBE.
"This research focuses on completing the picture of UAC-0063's operations, particularly documenting their expansion beyond their initial focus on Central Asia,
595
Broadcom Warns of High-Severity SQL Injection Flaw in VMware Avi Load Balancer
https://thehackernews.com/2025/01/broadcom-warns-of-high-severity-sql.html
Broadcom has alerted of a high-severity security flaw in VMware Avi Load Balancer that could be weaponized by malicious actors to gain entrenched database access.
The vulnerability, tracked as CVE-2025-22217 (CVSS score: 8.6), has been described as an unauthenticated blind SQL injection.
"A malicious user with network access may be able to use specially crafted SQL queries to gain database
595
Zyxel CPE Devices Face Active Exploitation Due to Unpatched CVE-2024-40891 Vulnerability
https://thehackernews.com/2025/01/zyxel-cpe-devices-face-active.html
Cybersecurity researchers are warning that a critical zero-day vulnerability impacting Zyxel CPE Series devices is seeing active exploitation attempts in the wild.
"Attackers can leverage this vulnerability to execute arbitrary commands on affected devices, leading to complete system compromise, data exfiltration, or network infiltration," GreyNoise researcher Glenn Thorpe said in an alert
595
Lynx Ransomware Group 'Industrializes' Cybercrime With Affiliates
https://www.darkreading.com/threat-intelligence/lynx-raas-group-industrializes-cybercrime-with-affiliate-operations
595
OAuth Flaw Exposed Millions of Airline Users to Account Takeovers
https://www.darkreading.com/application-security/oauth-flaw-exposed-millions-airline-users-account-takeovers
595
Phishing Campaign Baits Hook With Malicious Amazon PDFs
https://www.darkreading.com/cyberattacks-data-breaches/phishing-campaign-malicious-amazon-pdfs
595
Super Bowl LIX Could Be a Magnet for Cyberattacks
https://www.darkreading.com/endpoint-security/super-bowl-lix-magnet-cyberattacks
595
Cryptographic Agility's Legislative Possibilities & Business Benefits
https://www.darkreading.com/vulnerabilities-threats/cryptographic-agility-legislative-possibilities-benefits
متاح الآن! بحث تيليغرام 2025 — أهم رؤى العام 
