ch
Feedback
TECHZONE™

TECHZONE™

前往频道在 Telegram

TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news

显示更多
595
订阅者
-124 小时
无数据7
-930
帖子存档
Patchwork Hackers Target Bhutan with Advanced Brute Ratel C4 Tool https://thehackernews.com/2024/07/patchwork-hackers-target-bhutan-with.html The threat actor known as Patchwork has been linked to a cyber attack targeting entities with ties to Bhutan to deliver the Brute Ratel C4 framework and an updated version of a backdoor called PGoShell. The development marks the first time the adversary has been observed using the red teaming software, the Knownsec 404 Team said in an analysis published last week. The activity cluster, also

CrowdStrike Explains Friday Incident Crashing Millions of Windows Devices https://thehackernews.com/2024/07/crowdstrike-explains-friday-windows.html Cybersecurity firm CrowdStrike on Wednesday blamed an issue in its validation system for causing millions of Windows devices to crash as part of a widespread outage late last week. "On Friday, July 19, 2024 at 04:09 UTC, as part of regular operations, CrowdStrike released a content configuration update for the Windows sensor to gather telemetry on possible novel threat techniques," the company

Microsoft Defender Flaw Exploited to Deliver ACR, Lumma, and Meduza Stealers https://thehackernews.com/2024/07/microsoft-defender-flaw-exploited-to.html A now-patched security flaw in the Microsoft Defender SmartScreen has been exploited as part of a new campaign designed to deliver information stealers such as ACR Stealer, Lumma, and Meduza. Fortinet FortiGuard Labs said it detected the stealer campaign targeting Spain, Thailand, and the U.S. using booby-trapped files that exploit CVE-2024-21412 (CVSS score: 8.1). The high-severity

CISA Adds Twilio Authy and IE Flaws to Exploited Vulnerabilities List https://thehackernews.com/2024/07/cisa-adds-twilio-authy-and-ie-flaws-to.html The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two security flaws to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerabilities are listed below - CVE-2012-4792 (CVSS score: 9.3) - Microsoft Internet Explorer Use-After-Free Vulnerability CVE-2024-39891 (CVSS score: 5.3) - Twilio Authy Information Disclosure

Cursed tapes: Exploiting the EvilVideo vulnerability on Telegram for Android https://www.welivesecurity.com/en/eset-research/cursed-tapes-exploiting-evilvideo-vulnerability-telegram-android/ ESET researchers discovered a zero-day Telegram for Android exploit that allows sending malicious files disguised as videos

Ukrainian Institutions Targeted Using HATVIBE and CHERRYSPY Malware https://thehackernews.com/2024/07/ukrainian-institutions-targeted-using.html The Computer Emergency Response Team of Ukraine (CERT-UA) has alerted of a spear-phishing campaign targeting a scientific research institution in the country with malware known as HATVIBE and CHERRYSPY. The agency attributed the attack to a threat actor it tracks under the name UAC-0063, which was previously observed targeting various government entities to gather sensitive information using

Google Abandons Plan to Phase Out Third-Party Cookies in Chrome https://thehackernews.com/2024/07/google-abandons-plan-to-phase-out-third.html Google on Monday abandoned plans to phase out third-party tracking cookies in its Chrome web browser more than four years after it introduced the option as part of a larger set of a controversial proposal called the Privacy Sandbox. "Instead of deprecating third-party cookies, we would introduce a new experience in Chrome that lets people make an informed choice that applies across their web

Experts Uncover Chinese Cybercrime Network Behind Gambling and Human Trafficking https://thehackernews.com/2024/07/experts-uncover-chinese-cybercrime.html The relationship between various TDSs and DNS associated with Vigorish Viper and the final landing experience for the user A Chinese organized crime syndicate with links to money laundering and human trafficking across Southeast Asia has been using an advanced "technology suite" that runs the whole cybercrime supply chain spectrum to spearhead its operations. Infoblox is tracking the proprietor

PINEAPPLE and FLUXROOT Hacker Groups Abuse Google Cloud for Credential Phishing https://thehackernews.com/2024/07/pineapple-and-fluxroot-hacker-groups.html A Latin America (LATAM)-based financially motivated actor codenamed FLUXROOT has been observed leveraging Google Cloud serverless projects to orchestrate credential phishing activity, highlighting the abuse of the cloud computing model for malicious purposes. "Serverless architectures are attractive to developers and enterprises for their flexibility, cost effectiveness, and ease of use," Google

How to Set up an Automated SMS Analysis Service with AI in Tines https://thehackernews.com/2024/07/how-to-set-up-automated-sms-analysis.html The opportunities to use AI in workflow automation are many and varied, but one of the simplest ways to use AI to save time and enhance your organization’s security posture is by building an automated SMS analysis service. Workflow automation platform Tines provides a good example of how to do it. The vendor recently released their first native AI features, and security teams have already

MSPs & MSSPs: How to Increase Engagement with Your Cybersecurity Clients Through vCISO Reporting https://thehackernews.com/2024/07/msps-mssps-how-to-increase-engagement.html As a vCISO, you are responsible for your client's cybersecurity strategy and risk governance. This incorporates multiple disciplines, from research to execution to reporting. Recently, we published a comprehensive playbook for vCISOs, “Your First 100 Days as a vCISO – 5 Steps to Success”, which covers all the phases entailed in launching a successful vCISO engagement, along with recommended

SocGholish Malware Exploits BOINC Project for Covert Cyberattacks https://thehackernews.com/2024/07/socgholish-malware-exploits-boinc.html The JavaScript downloader malware known as SocGholish (aka FakeUpdates) is being used to deliver a remote access trojan called AsyncRAT as well as a legitimate open-source project called BOINC. BOINC, short for Berkeley Open Infrastructure Network Computing Client, is an open-source "volunteer computing" platform maintained by the University of California with an aim to carry out "large-scale

How adware exposed victims to kernel-level threats – Week in Security with Tony Anscombe https://www.welivesecurity.com/en/videos/adware-kernel-level-threats-week-security-tony-anscombe/ A purported ad blocker marketed as a security solution hides kernel-level malware that inadvertently exposes victims to even more dangerous threats

New Linux Variant of Play Ransomware Targeting VMWare ESXi Systems https://thehackernews.com/2024/07/new-linux-variant-of-play-ransomware.html Cybersecurity researchers have discovered a new Linux variant of a ransomware strain known as Play (aka Balloonfly and PlayCrypt) that's designed to target VMWare ESXi environments. "This development suggests that the group could be broadening its attacks across the Linux platform, leading to an expanded victim pool and more successful ransom negotiations," Trend Micro researchers said in a

Cybercriminals Exploit CrowdStrike Update Mishap to Distribute Remcos RAT Malware https://thehackernews.com/2024/07/cybercriminals-exploit-crowdstrike.html Cybersecurity firm CrowdStrike, which is facing the heat for causing worldwide IT disruptions by pushing out a flawed update to Windows devices, is now warning that threat actors are exploiting the situation to distribute Remcos RAT to its customers in Latin America under the guise of a providing a hotfix. The attack chains involve distributing a ZIP archive file named "crowdstrike-hotfix.zip,"

Beyond the blue screen of death: Why software updates matter https://www.welivesecurity.com/en/cybersecurity/beyond-blue-screen-death-software-updates/ The widespread IT outages triggered by a faulty CrowdStrike update have put software updates in the spotlight. Here’s why you shouldn’t dread them.

The complexities of cybersecurity update processes https://www.welivesecurity.com/en/cybersecurity/complexities-cybersecurity-update-processes/ If a software update process fails, it can lead to catastrophic consequences, as seen today with widespread blue screens of death blamed on a bad update by CrowdStrike

17-Year-Old Linked to Scattered Spider Cybercrime Syndicate Arrested in U.K. https://thehackernews.com/2024/07/17-year-old-linked-to-scattered-spider.html Law enforcement officials in the U.K. have arrested a 17-year-old boy from Walsall who is suspected to be a member of the notorious Scattered Spider cybercrime syndicate. The arrest was made "in connection with a global cyber online crime group which has been targeting large organizations with ransomware and gaining access to computer networks," West Midlands police said. "The arrest is part of

Faulty CrowdStrike Update Crashes Windows Systems, Impacting Businesses Worldwide https://thehackernews.com/2024/07/faulty-crowdstrike-update-crashes.html Businesses across the world have been hit by widespread disruptions to their Windows workstations stemming from a faulty update pushed out by cybersecurity company CrowdStrike. "CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts," the company's CEO George Kurtz said in a statement. "Mac and Linux hosts are not impacted. This is

Two Russian Nationals Plead Guilty in LockBit Ransomware Attacks https://thehackernews.com/2024/07/two-russian-nationals-plead-guilty-in.html Two Russian nationals have pleaded guilty in a U.S. court for their participation as affiliates in the LockBit ransomware scheme and helping facilitate ransomware attacks across the world. The defendants include Ruslan Magomedovich Astamirov, 21, of Chechen Republic, and Mikhail Vasiliev, 34, a dual Canadian and Russian national of Bradford, Ontario. Astamirov was arrested in Arizona by U.S. law

TECHZONE™ - Telegram 频道 @techzoner 的统计与分析