TECHZONE™
前往频道在 Telegram
TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news
显示更多595
订阅者
无数据24 小时
-17 天
-1030 天
帖子存档
595
The Cyber Savanna: A Rigged Race You Can't Win, but Must Run Anyway
https://www.darkreading.com/vulnerabilities-threats/cyber-savanna-rigged-race-you-cant-win-must-run-anyway
595
SparkCat Malware Uses OCR to Extract Crypto Wallet Recovery Phrases from Images
https://thehackernews.com/2025/02/sparkcat-malware-uses-ocr-to-extract.html
A new malware campaign dubbed SparkCat has leveraged a suit of bogus apps on both Apple's and Google's respective app stores to steal victims' mnemonic phrases associated with cryptocurrency wallets.
The attacks leverage an optical character recognition (OCR) model to exfiltrate select images containing wallet recovery phrases from photo libraries to a command-and-control (C2) server,
595
The Evolving Role of PAM in Cybersecurity Leadership Agendas for 2025
https://thehackernews.com/2025/02/the-evolving-role-of-pam-in.html
Privileged Access Management (PAM) has emerged as a cornerstone of modern cybersecurity strategies, shifting from a technical necessity to a critical pillar in leadership agendas. With the PAM market projected to reach $42.96 billion by 2037 (according to Research Nester), organizations invest heavily in PAM solutions.
Why is PAM climbing the ranks of leadership priorities? While Gartner
595
North Korean APT Kimsuky Uses forceCopy Malware to Steal Browser-Stored Credentials
https://thehackernews.com/2025/02/north-korean-apt-kimsuky-uses-lnk-files.html
The North Korea-linked nation-state hacking group known as Kimsuky has been observed conducting spear-phishing attacks to deliver an information stealer malware named forceCopy, according to new findings from the AhnLab Security Intelligence Center (ASEC).
The attacks commence with phishing emails containing a Windows shortcut (LNK) file that's disguised as a Microsoft Office or PDF document.
595
Top 3 Ransomware Threats Active in 2025
https://thehackernews.com/2025/02/top-3-ransomware-threats-active-in-2025.html
You arrive at the office, power up your system, and panic sets in. Every file is locked, and every system is frozen. A ransom demand flashes on your screen: "Pay $2 million in Bitcoin within 48 hours or lose everything."
And the worst part is that even after paying, there’s no guarantee you’ll get your data back. Many victims hand over the money, only to receive nothing in return, or worse, get
595
Cisco Patches Critical ISE Vulnerabilities Enabling Root CmdExec and PrivEsc
https://thehackernews.com/2025/02/cisco-patches-critical-ise.html
Cisco has released updates to address two critical security flaws Identity Services Engine (ISE) that could allow remote attackers to execute arbitrary commands and elevate privileges on susceptible devices.
The vulnerabilities are listed below -
CVE-2025-20124 (CVSS score: 9.9) - An insecure Java deserialization vulnerability in an API of Cisco ISE that could permit an authenticated, remote
595
Basket of Bank Trojans Defraud Citizens of East India
https://www.darkreading.com/cyberattacks-data-breaches/bank-trojans-defraud-citizens-east-india
595
Why Cybersecurity Needs Probability — Not Predictions
https://www.darkreading.com/cyberattacks-data-breaches/why-cybersecurity-needs-probability-not-predictions
595
Abandoned AWS Cloud Storage: A Major Cyberattack Vector
https://www.darkreading.com/remote-workforce/abandoned-aws-cloud-storage-cyberattack-vector
595
Attackers Target Education Sector, Hijack Microsoft Accounts
https://www.darkreading.com/cyberattacks-data-breaches/attackers-education-sector-hijack-microsoft-accounts
595
Cross-Platform JavaScript Stealer Targets Crypto Wallets in New Lazarus Group Campaign
https://thehackernews.com/2025/02/cross-platform-javascript-stealer.html
The North Korea-linked Lazarus Group has been linked to an active campaign that leverages fake LinkedIn job offers in the cryptocurrency and travel sectors to deliver malware capable of infecting Windows, macOS, and Linux operating systems.
According to cybersecurity company Bitdefender, the scam begins with a message sent on a professional social media network, enticing them with the promise of
595
Cybercriminals Use Go Resty and Node Fetch in 13 Million Password Spraying Attempts
https://thehackernews.com/2025/02/cybercriminals-use-axios-and-node-fetch.html
Cybercriminals are increasingly leveraging legitimate HTTP client tools to facilitate account takeover (ATO) attacks on Microsoft 365 environments.
Enterprise security company Proofpoint said it observed campaigns using HTTP clients Axios and Node Fetch to send HTTP requests and receive HTTP responses from web servers with the goal of conducting ATO attacks.
"Originally sourced from public
595
Silent Lynx Using PowerShell, Golang, and C++ Loaders in Multi-Stage Cyberattacks
https://thehackernews.com/2025/02/silent-lynx-using-powershell-golang-and.html
A previously undocumented threat actor known as Silent Lynx has been linked to cyber attacks targeting various entities in Kyrgyzstan and Turkmenistan.
"This threat group has previously targeted entities around Eastern Europe and Central Asian government think tanks involved in economic decision making and banking sector," Seqrite Labs researcher Subhajeet Singha said in a technical report
595
Nigeria Touts Cyber Success, Even as Cybercrime Rises in Africa
https://www.darkreading.com/cyber-risk/nigeria-touts-cyber-success-african-cybercrime-rises
595
How Are Modern Fraud Groups Using GenAI and Deepfakes?
https://www.darkreading.com/vulnerabilities-threats/how-are-modern-fraud-groups-using-gen-ai-and-deepfakes
595
Backline Tackles Enterprise Security Backlogs With AI
https://www.darkreading.com/vulnerabilities-threats/backline-tackles-enterprise-security-backlogs-with-ai
595
New Veeam Flaw Allows Arbitrary Code Execution via Man-in-the-Middle Attack
https://thehackernews.com/2025/02/new-veeam-flaw-allows-arbitrary-code.html
Veeam has released patches to address a critical security flaw impacting its Backup software that could allow an attacker to execute arbitrary code on susceptible systems.
The vulnerability, tracked as CVE-2025-23114, carries a CVSS score of 9.0 out of 10.0.
"A vulnerability within the Veeam Updater component that allows an attacker to utilize a Man-in-the-Middle attack to execute arbitrary code
595
Navigating the Future: Key IT Vulnerability Management Trends
https://thehackernews.com/2025/02/navigating-future-key-it-vulnerability.html
As the cybersecurity landscape continues to evolve, proactive vulnerability management has become a critical priority for managed service providers (MSPs) and IT teams. Recent trends indicate that organizations increasingly prioritize more frequent IT security vulnerability assessments to identify and address potential security flaws.
Staying informed on these trends can help MSPs and IT teams
595
AsyncRAT Campaign Uses Python Payloads and TryCloudflare Tunnels for Stealth Attacks
https://thehackernews.com/2025/02/asyncrat-campaign-uses-python-payloads.html
A malware campaign has been observed delivering a remote access trojan (RAT) named AsyncRAT by making use of Python payloads and TryCloudflare tunnels.
"AsyncRAT is a remote access trojan (RAT) that exploits the async/await pattern for efficient, asynchronous communication," Forcepoint X-Labs researcher Jyotika Singh said in an analysis.
"It allows attackers to control infected systems
595
CISA Adds Four Actively Exploited Vulnerabilities to KEV Catalog, Urges Fixes by Feb 25
https://thehackernews.com/2025/02/cisa-adds-four-actively-exploited.html
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added four security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild.
The list of vulnerabilities is as follows -
CVE-2024-45195 (CVSS score: 7.5/9.8) - A forced browsing vulnerability in Apache OFBiz that allows a remote attacker to obtain unauthorized
现已上线!2025 年 Telegram 研究 — 年度关键洞察 
