TECHZONE™
TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news
595 subscribers
Post archive
Apple Releases Urgent Updates to Patch Actively Exploited Zero-Day Vulnerabilities
https://thehackernews.com/2024/11/apple-releases-urgent-updates-to-patch.html
Apple has released security updates for iOS, iPadOS, macOS, visionOS, and its Safari web browser to address two zero-day flaws that have come under active exploitation in the wild.
The flaws are listed below -
CVE-2024-44308 - A vulnerability in JavaScriptCore that could lead to arbitrary code execution when processing malicious web content
CVE-2024-44309 - A cookie management vulnerability in
Oracle Warns of Agile PLM Vulnerability Currently Under Active Exploitation
https://thehackernews.com/2024/11/oracle-warns-of-agile-plm-vulnerability.html
Oracle is warning that a high-severity security flaw impacting the Agile Product Lifecycle Management (PLM) Framework has been exploited in the wild.
The vulnerability, tracked as CVE-2024-21287 (CVSS score: 7.5), could be exploited sans authentication to leak sensitive information.
"This vulnerability is remotely exploitable without authentication, i.e., it may be exploited over a network
Ngioweb Botnet Fuels NSOCKS Residential Proxy Network Exploiting IoT Devices
https://thehackernews.com/2024/11/ngioweb-botnet-fuels-nsocks-residential.html
The malware known as Ngioweb has been used to fuel a notorious residential proxy service called NSOCKS, as well as by other services such as VN5Socks and Shopsocks5, new findings from Lumen Technologies reveal.
"At least 80% of NSOCKS bots in our telemetry originate from the Ngioweb botnet, mainly utilizing small office/home office (SOHO) routers and IoT devices," the Black Lotus Labs team at
Hackers Hijack Unsecured Jupyter Notebooks to Stream Illegal Sports Broadcasts
https://thehackernews.com/2024/11/hackers-hijack-unsecured-jupyter.html
Malicious actors are exploiting misconfigured JupyterLab and Jupyter Notebooks to conduct stream ripping and enable sports piracy using live streaming capture tools.
The attacks involve the hijack of unauthenticated Jupyter Notebooks to establish initial access, and perform a series of actions designed to facilitate illegal live streaming of sports events, Aqua said in a report shared with The
Privileged Accounts, Hidden Threats: Why Privileged Access Security Must Be a Top Priority
https://thehackernews.com/2024/11/privileged-accounts-hidden-threats-why.html
Privileged accounts are well-known gateways for potential security threats. However, many organizations focus solely on managing privileged access—rather than securing the accounts and users entrusted with it. This emphasis is perhaps due to the persistent challenges of Privileged Access Management (PAM) deployments. Yet, as the threat landscape evolves, so must organizational priorities. To
New 'Helldown' Ransomware Variant Expands Attacks to VMware and Linux Systems
https://thehackernews.com/2024/11/new-helldown-ransomware-expands-attacks.html
Cybersecurity researchers have shed light on a Linux variant of a relatively new ransomware strain called Helldown, suggesting that the threat actors are broadening their attack focus.
"Helldown deploys Windows ransomware derived from the LockBit 3.0 code," Sekoia said in a report shared with The Hacker News. "Given the recent development of ransomware targeting ESX, it appears that the group
Chinese Hackers Exploit T-Mobile and Other U.S. Telecoms in Broader Espionage Campaign
https://thehackernews.com/2024/11/chinese-hackers-exploit-t-mobile-and.html
U.S. telecoms giant T-Mobile has confirmed that it was also among the companies that were targeted by Chinese threat actors to gain access to valuable information.
The adversaries, tracked as Salt Typhoon, breached the company as part of a "monthslong campaign" designed to harvest cellphone communications of "high-value intelligence targets." It's not clear what information was taken, if any,
CISA Alert: Active Exploitation of VMware vCenter and Kemp LoadMaster Flaws
https://thehackernews.com/2024/11/cisa-alert-active-exploitation-of.html
Now-patched security flaws impacting Progress Kemp LoadMaster and VMware vCenter Server have come under active exploitation in the wild, it has emerged.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added CVE-2024-1212 (CVSS score: 10.0), a maximum-severity security vulnerability in Progress Kemp LoadMaster to its Known Exploited Vulnerabilities (KEV) catalog. It was
New Stealthy BabbleLoader Malware Spotted Delivering WhiteSnake and Meduza Stealers
https://thehackernews.com/2024/11/new-stealthy-babbleloader-malware.html
Cybersecurity researchers have shed light on a new stealthy malware loader called BabbleLoader that has been observed in the wild delivering information stealer families such as WhiteSnake and Meduza.
BabbleLoader is an "extremely evasive loader, packed with defensive mechanisms, that is designed to bypass antivirus and sandbox environments to deliver stealers into memory," Intezer security
The Problem of Permissions and Non-Human Identities - Why Remediating Credentials Takes Longer Than You Think
https://thehackernews.com/2024/11/the-problem-of-permissions-and-non-human-identities.html
According to research from GitGuardian and CyberArk, 79% of IT decision-makers reported having experienced a secrets leak, up from 75% in the previous year's report. At the same time, the number of leaked credentials has never been higher, with over 12.7 million hardcoded credentials in public GitHub repositories alone. One of the more troubling aspects of this report is that over 90% of valid
NSO Group Exploited WhatsApp to Install Pegasus Spyware Even After Meta's Lawsuit
https://thehackernews.com/2024/11/nso-group-exploited-whatsapp-to-install.html
Legal documents released as part of an ongoing legal tussle between Meta's WhatsApp and NSO Group have revealed that the Israeli spyware vendor used multiple exploits targeting the messaging app to deliver Pegasus, including one even after it was sued by Meta for doing so.
They also show that NSO Group repeatedly found ways to install the invasive surveillance tool on the target's devices as
Urgent: Critical WordPress Plugin Vulnerability Exposes Over 4 Million Sites
https://thehackernews.com/2024/11/urgent-critical-wordpress-plugin.html
A critical authentication bypass vulnerability has been disclosed in the Really Simple Security (formerly Really Simple SSL) plugin for WordPress that, if successfully exploited, could allow an attacker to remotely gain full administrative access to a susceptible site.
The vulnerability, tracked as CVE-2024-10924 (CVSS score: 9.8), impacts both free and premium versions of the plugin. The
PAN-OS Firewall Vulnerability Under Active Exploitation – IoCs Released
https://thehackernews.com/2024/11/pan-os-firewall-vulnerability-under.html
Palo Alto Networks has released new indicators of compromise (IoCs) a day after the network security vendor confirmed that a new zero-day vulnerability impacting its PAN-OS firewall management interface has been actively exploited in the wild.
To that end, the company said it observed malicious activity originating from the below IP addresses and targeting PAN-OS management web interface IP
Warning: DEEPDATA Malware Exploiting Unpatched Fortinet Flaw to Steal VPN Credentials
https://thehackernews.com/2024/11/warning-deepdata-malware-exploiting.html
A threat actor known as BrazenBamboo has exploited an unresolved security flaw in Fortinet's FortiClient for Windows to extract VPN credentials as part of a modular framework called DEEPDATA.
Volexity, which disclosed the findings Friday, said it identified the zero-day exploitation of the credential disclosure vulnerability in July 2024, describing BrazenBamboo as the developer behind DEEPDATA,
Iranian Hackers Deploy WezRat Malware in Attacks Targeting Israeli Organizations
https://thehackernews.com/2024/11/iranian-hackers-deploy-wezrat-malware.html
Cybersecurity researchers have shed light on a new remote access trojan and information stealer used by Iranian state-sponsored actors to conduct reconnaissance of compromised endpoints and execute malicious commands.
Cybersecurity company Check Point has codenamed the malware WezRat, stating it has been detected in the wild since at least September 1, 2023, based on artifacts uploaded to the
Researchers Warn of Privilege Escalation Risks in Google's Vertex AI ML Platform
https://thehackernews.com/2024/11/researchers-warn-of-privilege.html
Cybersecurity researchers have disclosed two security flaws in Google's Vertex machine learning (ML) platform that, if successfully exploited, could allow malicious actors to escalate privileges and exfiltrate models from the cloud.
"By exploiting custom job permissions, we were able to escalate our privileges and gain unauthorized access to all data services in the project," Palo Alto Networks
Master Certificate Management: Join This Webinar on Crypto Agility and Best Practices
https://thehackernews.com/2024/11/master-certificate-management-join-this.html
In the fast-paced digital world, trust is everything—but what happens when that trust is disrupted? Certificate revocations, though rare, can send shockwaves through your operations, impacting security, customer confidence, and business continuity. Are you prepared to act swiftly when the unexpected happens?
Join DigiCert’s exclusive webinar, "When Shift Happens: Are You Ready for Rapid
Vietnamese Hacker Group Deploys New PXA Stealer Targeting Europe and Asia
https://thehackernews.com/2024/11/vietnamese-hacker-group-deploys-new-pxa.html
A Vietnamese-speaking threat actor has been linked to an information-stealing campaign targeting government and education entities in Europe and Asia with a new Python-based malware called PXA Stealer.
The malware "targets victims' sensitive information, including credentials for various online accounts, VPN and FTP clients, financial information, browser cookies, and data from gaming software,"
How AI Is Transforming IAM and Identity Security
https://thehackernews.com/2024/11/how-ai-is-transforming-iam-and-identity.html
In recent years, artificial intelligence (AI) has begun revolutionizing Identity Access Management (IAM), reshaping how cybersecurity is approached in this crucial field. Leveraging AI in IAM is about tapping into its analytical capabilities to monitor access patterns and identify anomalies that could signal a potential security breach. The focus has expanded beyond merely managing human
High-Severity Flaw in PostgreSQL Allows Hackers to Exploit Environment Variables
https://thehackernews.com/2024/11/high-severity-flaw-in-postgresql-allows.html
Cybersecurity researchers have disclosed a high-severity security flaw in the PostgreSQL open-source database system that could allow unprivileged users to alter environment variables, and potentially lead to code execution or information disclosure.
The vulnerability, tracked as CVE-2024-10979, carries a CVSS score of 8.8.
Environment variables are user-defined values that can allow a program
