ar
Feedback
TECHZONE™

TECHZONE™

الذهاب إلى القناة على Telegram

TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news

إظهار المزيد
595
المشتركون
لا توجد بيانات24 ساعات
لا توجد بيانات7 أيام
-730 أيام
أرشيف المشاركات
No room for error: Don’t get stung by these common Booking.com scams https://www.welivesecurity.com/en/scams/common-bookingcom-scams/ From sending phishing emails to posting fake listings, here’s how fraudsters hunt for victims while you’re booking your well-earned vacation

Global Police Operation Shuts Down 600 Cybercrime Servers Linked to Cobalt Strike https://thehackernews.com/2024/07/global-police-operation-shuts-down-600.html A coordinated law enforcement operation codenamed MORPHEUS has felled close to 600 servers that were used by cybercriminal groups and were part of an attack infrastructure associated with the Cobalt Strike.  The crackdown targeted older, unlicensed versions of the Cobalt Strike red teaming framework between June 24 and 28, according to Europol. Of the 690 IP addresses that were flagged to

Twilio's Authy App Breach Exposes Millions of Phone Numbers https://thehackernews.com/2024/07/twilios-authy-app-breach-exposes.html Cloud communications provider Twilio has revealed that unidentified threat actors took advantage of an unauthenticated endpoint in Authy to identify data associated with Authy accounts, including users' cell phone numbers. The company said it took steps to secure the endpoint to no longer accept unauthenticated requests. The development comes days after an online persona named ShinyHunters

The Emerging Role of AI in Open-Source Intelligence https://thehackernews.com/2024/07/the-emerging-role-of-ai-in-open-source.html Recently the Office of the Director of National Intelligence (ODNI) unveiled a new strategy for open-source intelligence (OSINT) and referred to OSINT as the “INT of first resort”. Public and private sector organizations are realizing the value that the discipline can provide but are also finding that the exponential growth of digital data in recent years has overwhelmed many traditional OSINT

Microsoft MSHTML Flaw Exploited to Deliver MerkSpy Spyware Tool https://thehackernews.com/2024/07/microsoft-mshtml-flaw-exploited-to.html Unknown threat actors have been observed exploiting a now-patched security flaw in Microsoft MSHTML to deliver a surveillance tool called MerkSpy as part of a campaign primarily targeting users in Canada, India, Poland, and the U.S. "MerkSpy is designed to clandestinely monitor user activities, capture sensitive information, and establish persistence on compromised systems," Fortinet FortiGuard

FakeBat Loader Malware Spreads Widely Through Drive-by Download Attacks https://thehackernews.com/2024/07/fakebat-loader-malware-spreads-widely.html The loader-as-a-service (LaaS) known as FakeBat has become one of the most widespread loader malware families distributed using the drive-by download technique this year, findings from Sekoia reveal. "FakeBat primarily aims to download and execute the next-stage payload, such as IcedID, Lumma, RedLine, SmokeLoader, SectopRAT, and Ursnif," the company said in a Tuesday analysis. Drive-by attacks

AI in the workplace: The good, the bad, and the algorithmic https://www.welivesecurity.com/en/we-live-progress/ai-workplace-good-bad-algorithmic/ While AI can liberate us from tedious tasks and even eliminate human error, it's crucial to remember its weaknesses and the unique capabilities that humans bring to the table

Israeli Entities Targeted by Cyberattack Using Donut and Sliver Frameworks https://thehackernews.com/2024/07/israeli-entities-targeted-by.html Cybersecurity researchers have discovered an attack campaign that targets various Israeli entities with publicly-available frameworks like Donut and Sliver. The campaign, believed to be highly targeted in nature, "leverage target-specific infrastructure and custom WordPress websites as a payload delivery mechanism, but affect a variety of entities across unrelated verticals, and rely on

South Korean ERP Vendor's Server Hacked to Spread Xctdoor Malware https://thehackernews.com/2024/07/south-korean-erp-vendors-server-hacked.html An unnamed South Korean enterprise resource planning (ERP) vendor's product update server has been found to be compromised to deliver a Go-based backdoor dubbed Xctdoor. The AhnLab Security Intelligence Center (ASEC), which identified the attack in May 2024, did not attribute it to a known threat actor or group, but noted that the tactics overlap with that of Andariel, a sub-cluster within the

How MFA Failures are Fueling a 500% Surge in Ransomware Losses https://thehackernews.com/2024/07/how-mfa-failures-are-fueling-500-surge.html The cybersecurity threat landscape has witnessed a dramatic and alarming rise in the average ransomware payment, an increase exceeding 500%. Sophos, a global leader in cybersecurity, revealed in its annual "State of Ransomware 2024" report that the average ransom payment has increased 500% in the last year with organizations that paid a ransom reporting an average payment of $2 million, up from

New Intel CPU Vulnerability 'Indirector' Exposes Sensitive Data https://thehackernews.com/2024/07/new-intel-cpu-vulnerability-indirector.html Modern CPUs from Intel, including Raptor Lake and Alder Lake, have been found vulnerable to a new side-channel attack that could be exploited to leak sensitive information from the processors. The attack, codenamed Indirector by security researchers Luyi Li, Hosein Yavarzadeh, and Dean Tullsen, leverages shortcomings identified in Indirect Branch Predictor (IBP) and the Branch Target Buffer (BTB

Meta's 'Pay or Consent' Approach Faces E.U. Competition Rules Scrutiny https://thehackernews.com/2024/07/metas-pay-or-consent-approach-faces-eu.html Meta's decision to offer an ad-free subscription in the European Union (E.U.) has faced a new setback after regulators accused the social media behemoth of breaching the bloc's competition rules by forcing users to choose between seeing ads or paying to avoid them. The European Commission said the company's "pay or consent" advertising model is in contravention of the Digital Markets Act (DMA).

Chinese Hackers Exploiting Cisco Switches Zero-Day to Deliver Malware https://thehackernews.com/2024/07/chinese-hackers-exploiting-cisco.html A China-nexus cyber espionage group named Velvet Ant has been observed exploiting a zero-day flaw in Cisco NX-OS Software used in its switches to deliver malware. The vulnerability, tracked as CVE-2024-20399 (CVSS score: 6.0), concerns a case of command injection that allows an authenticated, local attacker to execute arbitrary commands as root on the underlying operating system of an affected

Australian Man Charged for Fake Wi-Fi Scam on Domestic Flights https://thehackernews.com/2024/07/australian-man-charged-for-fake-wi-fi.html An Australian man has been charged with running a fake Wi-Fi access point during a domestic flight with an aim to steal user credentials and data. The unnamed 42-year-old "allegedly established fake free Wi-Fi access points, which mimicked legitimate networks, to capture personal data from unsuspecting victims who mistakenly connected to them," the Australian Federal Police (AFP) said in a press

Hijacked: How hacked YouTube channels spread scams and malware https://www.welivesecurity.com/en/scams/hijacked-hacked-youtube-channels-scams-malware/ Here’s how cybercriminals go after YouTube channels and use them as conduits for fraud – and what you should watch out for when watching videos on the platform

Critical Flaws in CocoaPods Expose iOS and macOS Apps to Supply Chain Attacks https://thehackernews.com/2024/07/critical-flaws-in-cocoapods-expose-ios.html A trio of security flaws has been uncovered in the CocoaPods dependency manager for Swift and Objective-C Cocoa projects that could be exploited to stage software supply chain attacks, putting downstream customers at severe risks. The vulnerabilities allow "any malicious actor to claim ownership over thousands of unclaimed pods and insert malicious code into many of the most popular iOS and

CapraRAT Spyware Disguised as Popular Apps Threatens Android Users https://thehackernews.com/2024/07/caprarat-spyware-disguised-as-popular.html The threat actor known as Transparent Tribe has continued to unleash malware-laced Android apps as part of a social engineering campaign to target individuals of interest. "These APKs continue the group's trend of embedding spyware into curated video browsing applications, with a new expansion targeting mobile gamers, weapons enthusiasts, and TikTok fans," SentinelOne security researcher Alex

Indian Software Firm's Products Hacked to Spread Data-Stealing Malware https://thehackernews.com/2024/07/indian-software-firms-products-hacked.html Installers for three different software products developed by an Indian company named Conceptworld have been trojanized to distribute information-stealing malware. The installers correspond to Notezilla, RecentX, and Copywhiz, according to cybersecurity firm Rapid7, which discovered the supply chain compromise on June 18, 2024. The issue has since been remediated by Conceptworld as of June 24

End-to-End Secrets Security: Making a Plan to Secure Your Machine Identities https://thehackernews.com/2024/07/end-to-end-secrets-security-making-plan.html At the heart of every application are secrets. Credentials that allow human-to-machine and machine-to-machine communication. Machine identities outnumber human identities by a factor of 45-to-1 and represent the majority of secrets we need to worry about. According to CyberArk's recent research, 93% of organizations had two or more identity-related breaches in the past year. It is clear that we

New OpenSSH Vulnerability Could Lead to RCE as Root on Linux Systems https://thehackernews.com/2024/07/new-openssh-vulnerability-could-lead-to.html OpenSSH maintainers have released security updates to contain a critical security flaw that could result in unauthenticated remote code execution with root privileges in glibc-based Linux systems. The vulnerability has been assigned the CVE identifier CVE-2024-6387. It resides in the OpenSSH server component, also known as sshd, which is designed to listen for connections from any of the client