ch
Feedback
TECHZONE™

TECHZONE™

前往频道在 Telegram

TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news

显示更多
595
订阅者
无数据24 小时
无数据7
-1030
帖子存档
EPSS vs. CVSS: What’s the Best Approach to Vulnerability Prioritization? https://thehackernews.com/2024/09/epss-vs-cvss-whats-best-approach-to.html Many businesses rely on the Common Vulnerability Scoring System (CVSS) to assess the severity of vulnerabilities for prioritization. While these scores provide some insight into the potential impact of a vulnerability, they don’t factor in real-world threat data, such as the likelihood of exploitation. With new vulnerabilities discovered daily, teams don’t have the time - or the budget - to

Watering Hole Attack on Kurdish Sites Distributing Malicious APKs and Spyware https://thehackernews.com/2024/09/watering-hole-attack-on-kurdish-sites.html As many as 25 websites linked to the Kurdish minority have been compromised as part of a watering hole attack designed to harvest sensitive information for over a year and a half. French cybersecurity firm Sekoia, which disclosed details of the campaign dubbed SilentSelfie, described the intrusion set as long-running, with first signs of infection detected as far back as December 2022. The

Cloudflare Warns of India-Linked Hackers Targeting South and East Asian Entities https://thehackernews.com/2024/09/cloudflare-warns-of-india-linked.html An advanced threat actor with an India nexus has been observed using multiple cloud service providers to facilitate credential harvesting, malware delivery, and command-and-control (C2). Web infrastructure and security company Cloudflare is tracking the activity under the name SloppyLemming, which is also called Outrider Tiger and Fishing Elephant. "Between late 2022 to present, SloppyLemming

Chinese Hackers Infiltrate U.S. Internet Providers in Cyber Espionage Campaign https://thehackernews.com/2024/09/chinese-hackers-infiltrate-us-internet.html Nation-state threat actors backed by Beijing broke into a "handful" of U.S. internet service providers (ISPs) as part of a cyber espionage campaign orchestrated to glean sensitive information, The Wall Street Journal reported Wednesday. The activity has been attributed to a threat actor that Microsoft tracks as Salt Typhoon, which is also known as FamousSparrow and GhostEmperor. "Investigators

Google's Shift to Rust Programming Cuts Android Memory Vulnerabilities by 52% https://thehackernews.com/2024/09/googles-shift-to-rust-programming-cuts.html Google has revealed that its transition to memory-safe languages such as Rust as part of its secure-by-design approach has led to the percentage of memory-safe vulnerabilities discovered in Android dropping from 76% to 24% over a period of six years. The tech giant said focusing on Safe Coding for new features not only reduces the overall security risk of a codebase, but also makes the switch

Mozilla Faces Privacy Complaint for Enabling Tracking in Firefox Without User Consent https://thehackernews.com/2024/09/mozilla-faces-privacy-complaint-for.html Vienna-based privacy non-profit noyb (short for None Of Your Business) has filed a complaint with the Austrian data protection authority (DPA) against Firefox maker Mozilla for enabling a new feature called Privacy Preserving Attribution (PPA) without explicitly seeking users' consent. "Contrary to its reassuring name, this technology allows Firefox to track user behavior on websites," noyb said

Cybersecurity Researchers Warn of New Rust-Based Splinter Post-Exploitation Tool https://thehackernews.com/2024/09/cybersecurity-researchers-warn-of-new.html Cybersecurity researchers have flagged the discovery of a new post-exploitation red team tool called Splinter in the wild. Palo Alto Networks Unit 42 shared its findings after it discovered the program on several customers' systems. "It has a standard set of features commonly found in penetration testing tools and its developer created it using the Rust programming language," Unit 42's Dominik

Time to engage: How parents can help keep their children safe on Snapchat https://www.welivesecurity.com/en/kids-online/time-engage-how-parents-help-keep-children-safe-snapchat/ Here’s what parents should know about Snapchat and why you should take some time to ensure your children can stay safe when using the app

ChatGPT macOS Flaw Could've Enabled Long-Term Spyware via Memory Function https://thehackernews.com/2024/09/chatgpt-macos-flaw-couldve-enabled-long.html A now-patched security vulnerability in OpenAI's ChatGPT app for macOS could have made it possible for attackers to plant long-term persistent spyware into the artificial intelligence (AI) tool's memory. The technique, dubbed SpAIware, could be abused to facilitate "continuous data exfiltration of any information the user typed or responses received by ChatGPT, including any future chat sessions

Transportation Companies Hit by Cyberattacks Using Lumma Stealer and NetSupport Malware https://thehackernews.com/2024/09/transportation-companies-hit-by.html Transportation and logistics companies in North America are the target of a new phishing campaign that delivers a variety of information stealers and remote access trojans (RATs). The activity cluster, per Proofpoint, makes use of compromised legitimate email accounts belonging to transportation and shipping companies so as to inject malicious content into existing email conversations. As many

CISA Flags Critical Ivanti vTM Vulnerability Amid Active Exploitation Concerns https://thehackernews.com/2024/09/cisa-flags-critical-ivanti-vtm.html The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw impacting Ivanti Virtual Traffic Manager (vTM) to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability in question is CVE-2024-7593 (CVSS score: 9.8), which could be exploited by a remote unauthenticated attacker to bypass the

Necro Android Malware Found in Popular Camera and Browser Apps on Play Store https://thehackernews.com/2024/09/necro-android-malware-found-in-popular.html Altered versions of legitimate Android apps associated with Spotify, WhatsApp, and Minecraft have been used to deliver a new version of a known malware loader called Necro. Kaspersky said some of the malicious apps have also been found on the Google Play Store. They have been cumulatively downloaded 11 million times. They include - Wuta Camera - Nice Shot Always (com.benqu.wuta) - 10+ million

Telegram Agrees to Share User Data With Authorities for Criminal Investigations https://thehackernews.com/2024/09/telegram-agrees-to-share-user-data-with.html In a major policy reversal, the popular messaging app Telegram has announced it will give users' IP addresses and phone numbers to authorities in response to valid legal requests in an attempt to rein in criminal activity on the platform. "We've made it clear that the IP addresses and phone numbers of those who violate our rules can be disclosed to relevant authorities in response to valid legal

THN Cybersecurity Recap: Last Week's Top Threats and Trends (September 16-22) https://thehackernews.com/2024/09/thn-cybersecurity-recap-last-weeks-top.html Hold on tight, folks, because last week's cybersecurity landscape was a rollercoaster! We witnessed everything from North Korean hackers dangling "dream jobs" to expose a new malware, to a surprising twist in the Apple vs. NSO Group saga. Even the seemingly mundane world of domain names and cloud configurations had its share of drama. Let's dive into the details and see what lessons we can glean

Why 'Never Expire' Passwords Can Be a Risky Decision https://thehackernews.com/2024/09/why-never-expire-passwords-can-be-risky.html Password resets can be frustrating for end users. Nobody likes being interrupted by the ‘time to change your password’ notification – and they like it even less when the new passwords they create are rejected by their organization’s password policy. IT teams share the pain, with resetting passwords via service desk tickets and support calls being an everyday burden. Despite this, it’s commonly

Critical Flaw in Microchip ASF Exposes IoT Devices to Remote Code Execution Risk https://thehackernews.com/2024/09/critical-flaw-in-microchip-asf-exposes.html A critical security flaw has been disclosed in the Microchip Advanced Software Framework (ASF) that, if successfully exploited, could lead to remote code execution. The vulnerability, tracked as CVE-2024-7490, carries a CVSS score of 9.5 out of a maximum of 10.0. It has been described as a stack-based overflow vulnerability in ASF's implementation of the tinydhcp server stemming from a lack of

Discord Introduces DAVE Protocol for End-to-End Encryption in Audio and Video Calls https://thehackernews.com/2024/09/discord-introduces-dave-protocol-for.html Popular social messaging platform Discord has announced that it's rolling out a new custom end-to-end encrypted (E2EE) protocol to secure audio and video calls. The protocol has been dubbed DAVE, short for Discord's audio and video end-to-end encryption ("E2EE A/V"). As part of the change introduced last week, voice and video in DMs, Group DMs, voice channels, and Go Live streams are expected to

New PondRAT Malware Hidden in Python Packages Targets Software Developers https://thehackernews.com/2024/09/new-pondrat-malware-hidden-in-python.html Threat actors with ties to North Korea have been observed using poisoned Python packages as a way to deliver a new malware called PondRAT as part of an ongoing campaign. PondRAT, according to new findings from Palo Alto Networks Unit 42, is assessed to be a lighter version of POOLRAT (aka SIMPLESEA), a known macOS backdoor that has been previously attributed to the Lazarus Group and deployed in

Chinese Hackers Exploit GeoServer Flaw to Target APAC Nations with EAGLEDOOR Malware https://thehackernews.com/2024/09/chinese-hackers-exploit-geoserver-flaw.html A suspected advanced persistent threat (APT) originating from China targeted a government organization in Taiwan, and possibly other countries in the Asia-Pacific (APAC) region, by exploiting a recently patched critical security flaw impacting OSGeo GeoServer GeoTools. The intrusion activity, which was detected by Trend Micro in July 2024, has been attributed to a threat actor dubbed Earth Baxia

FBI, CISA warning over false claims of hacked voter data – Week in security with Tony Anscombe https://www.welivesecurity.com/en/videos/false-claims-hacked-voter-data-week-security-tony-anscombe/ With just weeks to go before the US presidential election, the FBI and the CISA are warning about attempts to sow distrust in the electoral process