TECHZONE™


TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news

595 subscribers
Post archive
Secret Blizzard Deploys Kazuar Backdoor in Ukraine Using Amadey Malware-as-a-Service https://thehackernews.com/2024/12/secret-blizzard-deploys-kazuar-backdoor.html The Russian nation-state actor tracked as Secret Blizzard has been observed leveraging malware associated with other threat actors to deploy a known backdoor called Kazuar on target devices located in Ukraine. The new findings come from the Microsoft threat intelligence team, which said it observed the adversary leveraging the Amadey bot malware to download custom malware onto "specifically

Researchers Uncover Espionage Tactics of China-Based APT Groups in Southeast Asia https://thehackernews.com/2024/12/researchers-uncover-espionage-tactics.html A suspected China-based threat actor has been linked to a series of cyber attacks targeting high-profile organizations in Southeast Asia since at least October 2023. The espionage campaign targeted organizations in various sectors spanning government ministries in two different countries, an air traffic control organization, a telecoms company, and a media outlet, the Symantec Threat Hunter Team

Microsoft Fixes 72 Flaws, Including Patch for Actively Exploited CLFS Vulnerability https://thehackernews.com/2024/12/microsoft-fixes-72-flaws-including.html Microsoft closed out its Patch Tuesday updates for 2024 with fixes for a total of 72 security flaws spanning its software portfolio, including one that it said has been exploited in the wild. Of the 72 flaws, 17 are rated Critical, 54 are rated Important, and one is rated Moderate in severity. Thirty-one of the vulnerabilities are remote code execution flaws, and 27 of them allow for the

U.S. Charges Chinese Hacker for Exploiting Zero-Day in 81,000 Sophos Firewalls https://thehackernews.com/2024/12/us-charges-chinese-hacker-for.html The U.S. government on Tuesday unsealed charges against a Chinese national for allegedly breaking into thousands of Sophos firewall devices globally in 2020. Guan Tianfeng (aka gbigmao and gxiaomao), who is said to have worked at Sichuan Silence Information Technology Company, Limited, has been charged with conspiracy to commit computer fraud and conspiracy to commit wire fraud. Guan has been

Ivanti Issues Critical Security Updates for CSA and Connect Secure Vulnerabilities https://thehackernews.com/2024/12/ivanti-issues-critical-security-updates.html Ivanti has released security updates to address multiple critical flaws in its Cloud Services Application (CSA) and Connect Secure products that could lead to privilege escalation and code execution. The list of vulnerabilities is as follows - CVE-2024-11639 (CVSS score: 10.0) - An authentication bypass vulnerability in the admin web console of Ivanti CSA before 5.0.3 that allows a remote

Cleo File Transfer Vulnerability Under Exploitation – Patch Pending, Mitigation Urged https://thehackernews.com/2024/12/cleo-file-transfer-vulnerability-under.html Users of Cleo-managed file transfer software are being urged to ensure that their instances are not exposed to the internet following reports of mass exploitation of a vulnerability affecting fully patched systems. Cybersecurity company Huntress said it discovered evidence of threat actors exploiting the issue en masse on December 3, 2024. The vulnerability, which impacts Cleo's LexiCom,

Fake Recruiters Distribute Banking Trojan via Malicious Apps in Phishing Scam https://thehackernews.com/2024/12/fake-recruiters-distribute-banking.html Cybersecurity researchers have shed light on a sophisticated mobile phishing (aka mishing) campaign that's designed to distribute an updated version of the Antidot banking trojan. "The attackers presented themselves as recruiters, luring unsuspecting victims with job offers," Zimperium zLabs researcher Vishnu Pratapagiri said in a new report. "As part of their fraudulent hiring process, the

The Future of Network Security: Automated Internal and External Pentesting https://thehackernews.com/2024/12/the-future-of-network-security.html In today’s rapidly evolving threat landscape, safeguarding your organization against cyberattacks is more critical than ever. Traditional penetration testing (pentesting), while effective, often falls short due to its high costs, resource requirements, and infrequent implementation. Automated internal and external network pentesting is a game-changing solution, empowering organizations to stay

Phone Phishing Gang Busted: Eight Arrested in Belgium and Netherlands https://thehackernews.com/2024/12/phone-phishing-gang-busted-eight.html Belgian and Dutch authorities have arrested eight suspects in connection with a "phone phishing" gang that primarily operated out of the Netherlands with an aim to steal victims' financial data and funds. As part of the international operation, law enforcement agencies carried out 17 searches in different locations in Belgium and the Netherlands, Europol said. In addition, large amounts of cash,

Hackers Weaponize Visual Studio Code Remote Tunnels for Cyber Espionage https://thehackernews.com/2024/12/hackers-weaponize-visual-studio-code.html A suspected China-nexus cyber espionage group has been attributed to attacks targeting large business-to-business IT service providers in Southern Europe as part of a campaign codenamed Operation Digital Eye. The intrusions took place from late June to mid-July 2024, cybersecurity companies SentinelOne SentinelLabs and Tinexta Cyber said in a joint report shared with The Hacker News, adding

Ongoing Phishing and Malware Campaigns in December 2024 https://thehackernews.com/2024/12/ongoing-phishing-and-malware-campaigns.html Cyber attackers never stop inventing new ways to compromise their targets. That's why organizations must stay updated on the latest threats. Here's a quick rundown of the current malware and phishing attacks you need to know about to safeguard your infrastructure before they reach you. Zero-day Attack: Corrupted Malicious Files Evade Detection by Most Security Systems The analyst

CERT-UA Warns of Phishing Attacks Targeting Ukraine’s Defense and Security Force https://thehackernews.com/2024/12/cert-ua-warns-of-phishing-attacks.html The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new set of cyber attacks that it said were aimed at defense companies in the country as well as its security and defense forces. The phishing attacks have been attributed to a Russia-linked threat actor called UAC-0185 (aka UNC4221), which has been active since at least 2022. "The phishing emails mimicked official messages

Black Basta Ransomware Evolves with Email Bombing, QR Codes, and Social Engineering https://thehackernews.com/2024/12/black-basta-ransomware-evolves-with.html The threat actors linked to the Black Basta ransomware have been observed switching up their social engineering tactics, distributing a different set of payloads such as Zbot and DarkGate since early October 2024. "Users within the target environment will be email bombed by the threat actor, which is often achieved by signing up the user's email to numerous mailing lists simultaneously," Rapid7

⚡ THN Recap: Top Cybersecurity Threats, Tools and Tips (Dec 2 - 8) https://thehackernews.com/2024/12/thn-recap-top-cybersecurity-threats_9.html This week’s cyber world is like a big spy movie. Hackers are breaking into other hackers’ setups, sneaky malware is hiding in popular software, and AI-powered scams are tricking even the smartest of us. On the other side, the good guys are busting secret online markets and kicking out shady chat rooms, while big companies rush to fix new security holes before attackers can jump in. Want to

Researchers Uncover Prompt Injection Vulnerabilities in DeepSeek and Claude AI https://thehackernews.com/2024/12/researchers-uncover-prompt-injection.html Details have emerged about a now-patched security flaw in the DeepSeek artificial intelligence (AI) chatbot that, if successfully exploited, could permit a bad actor to take control of a victim's account by means of a prompt injection attack. Security researcher Johann Rehberger, who has chronicled many a prompt injection attack targeting various AI tools, found that providing the input "Print

Seven Bolt-Ons to Make Your Entra ID More Secure for Critical Sessions https://thehackernews.com/2024/12/seven-bolt-ons-to-make-your-entra-id.html Identity security is all the rage right now, and rightfully so. Securing identities that access an organization’s resources is a sound security model. But IDs have their limits, and there are many use cases when a business should add other layers of security to a strong identity. And this is what we at SSH Communications Security want to talk about today. Let’s look at seven ways to add

Socks5Systemz Botnet Powers Illegal Proxy Service with 85,000+ Hacked Devices https://thehackernews.com/2024/12/socks5systemz-botnet-powers-illegal.html A malicious botnet called Socks5Systemz is powering a proxy service called PROXY.AM, according to new findings from Bitsight. "Proxy malware and services enable other types of criminal activity adding uncontrolled layers of anonymity to the threat actors, so they can perform all kinds of malicious activity using chains of victim systems," the company's security research team said in an analysis

Ultralytics AI Library Compromised: Cryptocurrency Miner Found in PyPI Versions https://thehackernews.com/2024/12/ultralytics-ai-library-compromised.html In yet another software supply chain attack, it has come to light that two versions of a popular Python artificial intelligence (AI) library named ultralytics were compromised to deliver a cryptocurrency miner. The versions, 8.3.41 and 8.3.42, have since been removed from the Python Package Index (PyPI) repository. A subsequently released version has introduced a security fix that "ensures

Learn How Experts Secure Privileged Accounts—Proven PAS Strategies Webinar https://thehackernews.com/2024/12/learn-how-experts-secure-privileged.html Cybercriminals know that privileged accounts are the keys to your kingdom. One compromised account can lead to stolen data, disrupted operations, and massive business losses. Even top organizations struggle to secure privileged accounts. Why? Traditional Privileged Access Management (PAM) solutions often fall short, leaving: Blind spots that limit full visibility. Complex deployment processes.

Hackers Using Fake Video Conferencing Apps to Steal Web3 Professionals' Data https://thehackernews.com/2024/12/hackers-using-fake-video-conferencing.html Cybersecurity researchers have warned of a new scam campaign that leverages fake video conferencing apps to deliver an information stealer called Realst targeting people working in Web3 under the guise of fake business meetings. "The threat actors behind the malware have set up fake companies using AI to make them increase legitimacy," Cado Security researcher Tara Gould said. "The company