TECHZONE™
الذهاب إلى القناة على Telegram
TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news
إظهار المزيد593
المشتركون
-124 ساعات
-27 أيام
-830 أيام
أرشيف المشاركات
593
Chinese Hackers Exploited FortiGate Flaw to Breach Dutch Military Network
https://thehackernews.com/2024/02/chinese-hackers-exploited-fortigate.html
Chinese state-backed hackers broke into a computer network that's used by the Dutch armed forces by targeting Fortinet FortiGate devices.
"This [computer network] was used for unclassified research and development (R&D)," the Dutch Military Intelligence and Security Service (MIVD) said in a statement. "Because this system was self-contained, it did not lead to any damage to the
593
Critical JetBrains TeamCity On-Premises Flaw Exposes Servers to Takeover - Patch Now
https://thehackernews.com/2024/02/critical-jetbrains-teamcity-on-premises.html
JetBrains is alerting customers of a critical security flaw in its TeamCity On-Premises continuous integration and continuous deployment (CI/CD) software that could be exploited by threat actors to take over susceptible instances.
The vulnerability, tracked as CVE-2024-23917, carries a CVSS rating of 9.8 out of 10, indicative of its severity.
"The vulnerability may enable an unauthenticated
593
Beware: Fake Facebook Job Ads Spreading 'Ov3r_Stealer' to Steal Crypto and Credentials
https://thehackernews.com/2024/02/beware-fake-facebook-job-ads-spreading.html
Threat actors are leveraging bogus Facebook job advertisements as a lure to trick prospective targets into installing a new Windows-based stealer malware codenamed Ov3r_Stealer.
"This malware is designed to steal credentials and crypto wallets and send those to a Telegram channel that the threat actor monitors," Trustwave SpiderLabs said in a report shared with The Hacker News.
Ov3r_Stealer
593
Experts Detail New Flaws in Azure HDInsight Spark, Kafka, and Hadoop Services
https://thehackernews.com/2024/02/high-severity-flaws-found-in-azure.html
Three new security vulnerabilities have been discovered in Azure HDInsight's Apache Hadoop, Kafka, and Spark services that could be exploited to achieve privilege escalation and a regular expression denial-of-service (ReDoS) condition.
"The new vulnerabilities affect any authenticated user of Azure HDInsight services such as Apache Ambari and Apache Oozie," Orca security
593
Could your Valentine be a scammer? How to avoid getting caught in a bad romance
https://www.welivesecurity.com/en/scams/online-dating-scams-avoid-getting-caught-bad-romance/
With Valentine’s Day almost upon us, here’s some timely advice on how to prevent scammers from stealing more than your heart
593
How a $10B Enterprise Customer Drastically Increased their SaaS Security Posture with 201% ROI by Using SSPM
https://thehackernews.com/2024/02/how-10b-enterprise-customer-drastically.html
SaaS applications are the darlings of the software world. They enable work from anywhere, facilitate collaboration, and offer a cost-effective alternative to owning the software outright. At the same time, the very features that make SaaS apps so embraced – access from anywhere and collaboration – can also be exploited by threat actors.
Recently, Adaptive Shield commissioned a Total Economic
593
Hackers Exploit Job Boards in APAC, Steal Data of Millions of Job Seekers
https://thehackernews.com/2024/02/hackers-exploit-job-boards-in-apac.html
Employment agencies and retail companies chiefly located in the Asia-Pacific (APAC) region have been targeted by a previously undocumented threat actor known as ResumeLooters since early 2023 with the goal of stealing sensitive data.
Singapore-headquartered Group-IB said the hacking crew's activities are geared towards job search platforms and the theft of resumes, with as many as 65
593
Recent SSRF Flaw in Ivanti VPN Products Undergoes Mass Exploitation
https://thehackernews.com/2024/02/recently-disclosed-ssrf-flaw-in-ivanti.html
A recently disclosed server-side request forgery (SSRF) vulnerability impacting Ivanti Connect Secure and Policy Secure products has come under mass exploitation.
The Shadowserver Foundation said it observed exploitation attempts originating from more than 170 unique IP addresses that aim to establish a reverse shell, among others.
The attacks exploit CVE-2024-21893 (CVSS
593
U.S. Imposes Visa Restrictions on those Involved in Illegal Spyware Surveillance
https://thehackernews.com/2024/02/us-imposes-visa-restrictions-on-those.html
The U.S. State Department said it's implementing a new policy that imposes visa restrictions on individuals who are linked to the illegal use of commercial spyware to surveil civil society members.
"The misuse of commercial spyware threatens privacy and freedoms of expression, peaceful assembly, and association," Secretary of State Antony Blinken said. "Such targeting has been
593
Belarusian National Linked to BTC-e Faces 25 Years for $4 Billion Crypto Money Laundering
https://thehackernews.com/2024/02/belarusian-national-linked-to-btc-e.html
A 42-year-old Belarusian and Cypriot national with alleged connections to the now-defunct cryptocurrency exchange BTC-e is facing charges related to money laundering and operating an unlicensed money services business.
Aliaksandr Klimenka, who was arrested in Latvia on December 21, 2023, was extradited to the U.S. If convicted, he faces a maximum penalty of 25 years in prison.
BTC-e, which had
593
Patchwork Using Romance Scam Lures to Infect Android Devices with VajraSpy Malware
https://thehackernews.com/2024/02/patchwork-using-romance-scam-lures-to.html
The threat actor known as Patchwork likely used romance scam lures to trap victims in Pakistan and India, and infect their Android devices with a remote access trojan called VajraSpy.
Slovak cybersecurity firm ESET said it uncovered 12 espionage apps, six of which were available for download from the official Google Play Store and were collectively downloaded more than 1,400 times between
593
Combined Security Practices Changing the Game for Risk Management
https://thehackernews.com/2024/02/combined-security-practices-changing.html
A significant challenge within cyber security at present is that there are a lot of risk management platforms available in the market, but only some deal with cyber risks in a very good way. The majority will shout alerts at the customer as and when they become apparent and cause great stress in the process. The issue being that by using a reactive, rather than proactive approach, many risks
593
Pegasus Spyware Targeted iPhones of Journalists and Activists in Jordan
https://thehackernews.com/2024/02/pegasus-spyware-targeted-iphones-of.html
The iPhones belonging to nearly three dozen journalists, activists, human rights lawyers, and civil society members in Jordan have been targeted with NSO Group's Pegasus spyware, according to joint findings from Access Now and the Citizen Lab.
Nine of the 35 individuals have been publicly confirmed as targeted, out of whom had their devices compromised with the mercenary
593
New Mispadu Banking Trojan Exploiting Windows SmartScreen Flaw
https://thehackernews.com/2024/02/new-mispadu-banking-trojan-exploiting.html
The threat actors behind the Mispadu banking Trojan have become the latest to exploit a now-patched Windows SmartScreen security bypass flaw to compromise users in Mexico.
The attacks entail a new variant of the malware that was first observed in 2019, Palo Alto Networks Unit 42 said in a report published last week.
Propagated via phishing mails, Mispadu is a Delphi-based information stealer
593
Grandoreiro banking malware disrupted – Week in security with Tony Anscombe
https://www.welivesecurity.com/en/videos/grandoreiro-banking-malware-disrupted-week-in-security-with-tony-anscombe/
The banking trojan, which targeted mostly Brazil, Mexico and Spain, blocked the victim’s screen, logged keystrokes, simulated mouse and keyboard activity and displayed fake pop-up windows
593
U.S. Sanctions 6 Iranian Officials for Critical Infrastructure Cyber Attacks
https://thehackernews.com/2024/02/us-sanctions-6-iranian-officials-for.html
The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) announced sanctions against six officials associated with the Iranian intelligence agency for attacking critical infrastructure entities in the U.S. and other countries.
The officials include Hamid Reza Lashgarian, Mahdi Lashgarian, Hamid Homayunfal, Milad Mansuri, Mohammad Bagher Shirinkar, and Reza Mohammad Amin
593
Mastodon Vulnerability Allows Hackers to Hijack Any Decentralized Account
https://thehackernews.com/2024/02/mastodon-vulnerability-allows-hackers.html
The decentralized social network Mastodon has disclosed a critical security flaw that enables malicious actors to impersonate and take over any account.
"Due to insufficient origin validation in all Mastodon, attackers can impersonate and take over any remote account," the maintainers said in a terse advisory.
The vulnerability, tracked as CVE-2024-23832, has a severity rating of 9.4 out of
593
AnyDesk Hacked: Popular Remote Desktop Software Mandates Password Reset
https://thehackernews.com/2024/02/anydesk-hacked-popular-remote-desktop.html
Remote desktop software maker AnyDesk disclosed on Friday that it suffered a cyber attack that led to a compromise of its production systems.
The German company said the incident, which it discovered following a security audit, is not a ransomware attack and that it has notified relevant authorities.
"We have revoked all security-related certificates and systems have been remediated or replaced
593
VajraSpy: A Patchwork of espionage apps
https://www.welivesecurity.com/en/eset-research/vajraspy-patchwork-espionage-apps/
ESET researchers discovered several Android apps carrying VajraSpy, a RAT used by the Patchwork APT group
593
Russian APT28 Hackers Targeting High-Value Orgs with NTLM Relay Attacks
https://thehackernews.com/2024/02/russian-apt28-hackers-targeting-high.html
Russian state-sponsored actors have staged NT LAN Manager (NTLM) v2 hash relay attacks through various methods from April 2022 to November 2023, targeting high-value targets worldwide.
The attacks, attributed to an "aggressive" hacking crew called APT28, have set their eyes on organizations dealing with foreign affairs, energy, defense, and transportation, as well as those involved with
