TECHZONE™
前往频道在 Telegram
TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news
显示更多593
订阅者
-124 小时
-17 天
-730 天
帖子存档
593
Generative AI Security - Secure Your Business in a World Powered by LLMs
https://thehackernews.com/2024/03/generative-ai-security-secure-your.html
Did you know that 79% of organizations are already leveraging Generative AI technologies? Much like the internet defined the 90s and the cloud revolutionized the 2010s, we are now in the era of Large Language Models (LLMs) and Generative AI.
The potential of Generative AI is immense, yet it brings significant challenges, especially in security integration. Despite their powerful capabilities,
593
TeamCity Flaw Leads to Surge in Ransomware, Cryptomining, and RAT Attacks
https://thehackernews.com/2024/03/teamcity-flaw-leads-to-surge-in.html
Multiple threat actors are exploiting the recently disclosed security flaws in JetBrains TeamCity software to deploy ransomware, cryptocurrency miners, Cobalt Strike beacons, and a Golang-based remote access trojan called Spark RAT.
The attacks entail the exploitation of CVE-2024-27198 (CVSS score: 9.8) that enables an adversary to bypass authentication measures and gain administrative
593
New BunnyLoader Malware Variant Surfaces with Modular Attack Features
https://thehackernews.com/2024/03/new-bunnyloader-malware-variant.html
Cybersecurity researchers have discovered an updated variant of a stealer and malware loader called BunnyLoader that modularizes its various functions as well as allow it to evade detection.
"BunnyLoader is dynamically developing malware with the capability to steal information, credentials and cryptocurrency, as well as deliver additional malware to its victims," Palo Alto Networks
593
A prescription for privacy protection: Exercise caution when using a mobile health app
https://www.welivesecurity.com/en/privacy/prescription-privacy-protection-exercise-caution-mobile-health-app/
Given the unhealthy data-collection habits of some mHealth apps, you’re well advised to tread carefully when choosing with whom you share some of your most sensitive data
593
Ukraine Arrests Trio for Hijacking Over 100 Million Email and Instagram Accounts
https://thehackernews.com/2024/03/ukraine-arrests-trio-for-hijacking-over.html
The Cyber Police of Ukraine has arrested three individuals on suspicion of hijacking more than 100 million emails and Instagram accounts from users across the world.
The suspects, aged between 20 and 40, are said to be part of an organized criminal group living in different parts of the country. If convicted, they face up to 15 years in prison.
The accounts, authorities said, were
593
U.S. EPA Forms Task Force to Protect Water Systems from Cyberattacks
https://thehackernews.com/2024/03/us-epa-forms-task-force-to-protect.html
The U.S. Environmental Protection Agency (EPA) said it's forming a new "Water Sector Cybersecurity Task Force" to devise methods to counter the threats faced by the water sector in the country.
"In addition to considering the prevalent vulnerabilities of water systems to cyberattacks and the challenges experienced by some systems in adopting best practices, this Task Force in its deliberations
593
APIs Drive the Majority of Internet Traffic and Cybercriminals are Taking Advantage
https://thehackernews.com/2024/03/apis-drive-majority-of-internet-traffic.html
Application programming interfaces (APIs) are the connective tissue behind digital modernization, helping applications and databases exchange data more effectively. The State of API Security in 2024 Report from Imperva, a Thales company, found that the majority of internet traffic (71%) in 2023 was API calls. What’s more, a typical enterprise site saw an average of 1.5 billion API
593
From Deepfakes to Malware: AI's Expanding Role in Cyber Attacks
https://thehackernews.com/2024/03/from-deepfakes-to-malware-ais-expanding.html
Large language models (LLMs) powering artificial intelligence (AI) tools today could be exploited to develop self-augmenting malware capable of bypassing YARA rules.
"Generative AI can be used to evade string-based YARA rules by augmenting the source code of small malware variants, effectively lowering detection rates," Recorded Future said in a new report shared with The Hacker News.
593
Crafting and Communicating Your Cybersecurity Strategy for Board Buy-In
https://thehackernews.com/2024/03/crafting-and-communicating-your.html
In an era where digital transformation drives business across sectors, cybersecurity has transcended its traditional operational role to become a cornerstone of corporate strategy and risk management. This evolution demands a shift in how cybersecurity leaders—particularly Chief Information Security Officers (CISOs)—articulate the value and urgency of cybersecurity investments to their boards.&
593
Hackers Exploiting Popular Document Publishing Sites for Phishing Attacks
https://thehackernews.com/2024/03/hackers-exploiting-popular-document.html
Threat actors are leveraging digital document publishing (DDP) sites hosted on platforms like FlipSnack, Issuu, Marq, Publuu, RelayTo, and Simplebooklet for carrying out phishing, credential harvesting, and session token theft, once again underscoring how threat actors are repurposing legitimate services for malicious ends.
"Hosting phishing lures on DDP sites increases the likelihood
593
Suspected Russian Data-Wiping 'AcidPour' Malware Targeting Linux x86 Devices
https://thehackernews.com/2024/03/suspected-russian-data-wiping-acidpour.html
A new variant of a data wiping malware called AcidRain has been detected in the wild that's specifically designed for targeting Linux x86 devices.
The malware, dubbed AcidPour, is compiled for Linux x86 devices, SentinelOne's Juan Andres Guerrero-Saade said in a series of posts on X.
"The new variant [...] is an ELF binary compiled for x86 (not MIPS) and while it refers to similar devices/
593
New Phishing Attack Uses Clever Microsoft Office Trick to Deploy NetSupport RAT
https://thehackernews.com/2024/03/new-phishing-attack-uses-clever.html
A new phishing campaign is targeting U.S. organizations with the intent to deploy a remote access trojan called NetSupport RAT.
Israeli cybersecurity company Perception Point is tracking the activity under the moniker Operation PhantomBlu.
"The PhantomBlu operation introduces a nuanced exploitation method, diverging from NetSupport RAT’s typical delivery mechanism by leveraging OLE (Object
593
E-Root Marketplace Admin Sentenced to 42 Months for Selling 350K Stolen Credentials
https://thehackernews.com/2024/03/e-root-marketplace-admin-sentenced-to.html
A 31-year-old Moldovan national has been sentenced to 42 months in prison in the U.S. for operating an illicit marketplace called E-Root Marketplace that offered for sale hundreds of thousands of compromised credentials, the Department of Justice (DoJ) announced.
Sandu Boris Diaconu was charged with conspiracy to commit access device and computer fraud and possession of 15 or more unauthorized
593
New DEEP#GOSU Malware Campaign Targets Windows Users with Advanced Tactics
https://thehackernews.com/2024/03/new-deepgosu-malware-campaign-targets.html
A new elaborate attack campaign has been observed employing PowerShell and VBScript malware to infect Windows systems and harvest sensitive information.
Cybersecurity company Securonix, which dubbed the campaign DEEP#GOSU, said it's likely associated with the North Korean state-sponsored group tracked as Kimsuky.
"The malware payloads used in the DEEP#GOSU represent a
593
Fortra Patches Critical RCE Vulnerability in FileCatalyst Transfer Tool
https://thehackernews.com/2024/03/fortra-patches-critical-rce.html
Fortra has released details of a now-patched critical security flaw impacting its FileCatalyst file transfer solution that could allow unauthenticated attackers to gain remote code execution on susceptible servers.
Tracked as CVE-2024-25153, the shortcoming carries a CVSS score of 9.8 out of a maximum of 10.
"A directory traversal within the 'ftpservlet' of the FileCatalyst Workflow
593
Hackers Using Sneaky HTML Smuggling to Deliver Malware via Fake Google Sites
https://thehackernews.com/2024/03/hackers-using-sneaky-html-smuggling-to.html
Cybersecurity researchers have discovered a new malware campaign that leverages bogus Google Sites pages and HTML smuggling to distribute a commercial malware called AZORult in order to facilitate information theft.
"It uses an unorthodox HTML smuggling technique where the malicious payload is embedded in a separate JSON file hosted on an external website," Netskope Threat Labs
593
WordPress Admins Urged to Remove miniOrange Plugins Due to Critical Flaw
https://thehackernews.com/2024/03/wordpress-admins-urged-to-remove.html
WordPress users of miniOrange's Malware Scanner and Web Application Firewall plugins are being urged to delete them from their websites following the discovery of a critical security flaw.
The flaw, tracked as CVE-2024-2172, is rated 9.8 out of a maximum of 10 on the CVSS scoring system. It impacts the following versions of the two plugins -
Malware Scanner (versions <= 4.7.2)
Web
593
APT28 Hacker Group Targeting Europe, Americas, Asia in Widespread Phishing Scheme
https://thehackernews.com/2024/03/apt28-hacker-group-targeting-europe.html
The Russia-linked threat actor known as APT28 has been linked to multiple ongoing phishing campaigns that employ lure documents imitating government and non-governmental organizations (NGOs) in Europe, the South Caucasus, Central Asia, and North and South America.
"The uncovered lures include a mixture of internal and publicly available documents, as well as possible actor-generated
593
Healthcare still a prime target for cybercrime gangs – Week in security with Tony Anscombe
https://www.welivesecurity.com/en/videos/healthcare-target-cybercrime-week-security-tony-anscombe/
Healthcare organizations remain firmly in attackers' crosshairs, representing 20 percent of all victims of ransomware attacks among critical infrastructure entities in the US in 2023
593
Hackers Using Cracked Software on GitHub to Spread RisePro Info Stealer
https://thehackernews.com/2024/03/hackers-using-cracked-software-on.html
Cybersecurity researchers have found a number of GitHub repositories offering cracked software that are used to deliver an information stealer called RisePro.
The campaign, codenamed gitgub, includes 17 repositories associated with 11 different accounts, according to G DATA. The repositories in question have since been taken down by the Microsoft-owned subsidiary.
"The repositories look
