TECHZONE™
前往频道在 Telegram
TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news
显示更多595
订阅者
无数据24 小时
无数据7 天
-1030 天
帖子存档
595
U.S. and Allies Warn of Iranian Cyberattacks on Critical Infrastructure in Year-Long Campaign
https://thehackernews.com/2024/10/us-and-allies-warn-of-iranian.html
Cybersecurity and intelligence agencies from Australia, Canada, and the U.S. have warned about a year-long campaign undertaken by Iranian cyber actors to infiltrate critical infrastructure organizations via brute-force attacks.
"Since October 2023, Iranian actors have used brute force and password spraying to compromise user accounts and obtain access to organizations in the healthcare and
595
Beware: Fake Google Meet Pages Deliver Infostealers in Ongoing ClickFix Campaign
https://thehackernews.com/2024/10/beware-fake-google-meet-pages-deliver.html
Threat actors are leveraging fake Google Meet web pages as part of an ongoing malware campaign dubbed ClickFix to deliver infostealers targeting Windows and macOS systems.
"This tactic involves displaying fake error messages in web browsers to deceive users into copying and executing a given malicious PowerShell code, finally infecting their systems," French cybersecurity company Sekoia said in
595
Microsoft Reveals macOS Vulnerability that Bypasses Privacy Controls in Safari Browser
https://thehackernews.com/2024/10/microsoft-reveals-macos-vulnerability.html
Microsoft has disclosed details about a now-patched security flaw in Apple's Transparency, Consent, and Control (TCC) framework in macOS that has likely come under exploitation to get around a user's privacy preferences and access data.
The shortcoming, codenamed HM Surf by the tech giant, is tracked as CVE-2024-44133. It was addressed by Apple as part of macOS Sequoia 15 by removing the
595
Protecting children from grooming | Unlocked 403 cybersecurity podcast (ep. 7)
https://www.welivesecurity.com/en/videos/protecting-children-grooming-unlocked-403-cybersecurity-podcast-ep-7/
“Hey, wanna chat?” This innocent phrase can take on a sinister meaning when it comes from an adult to a child online and even be the start of a predatory relationship
595
Russian RomCom Attacks Target Ukrainian Government with New SingleCamper RAT Variant
https://thehackernews.com/2024/10/russian-romcom-attacks-target-ukrainian.html
The Russian threat actor known as RomCom has been linked to a new wave of cyber attacks aimed at Ukrainian government agencies and unknown Polish entities since at least late 2023.
The intrusions are characterized by the use of a variant of the RomCom RAT dubbed SingleCamper (aka SnipBot or RomCom 5.0), said Cisco Talos, which is monitoring the activity cluster under the moniker UAT-5647.
"This
595
Researchers Uncover Cicada3301 Ransomware Operations and Its Affiliate Program
https://thehackernews.com/2024/10/cross-platform-cicada3301-ransomware.html
Cybersecurity researchers have gleaned additional insights into a nascent ransomware-as-a-service (RaaS) called Cicada3301 after successfully gaining access to the group's affiliate panel on the dark web.
Singapore-headquartered Group-IB said it contacted the threat actor behind the Cicada3301 persona on the RAMP cybercrime forum via the Tox messaging service after the latter put out an
595
SideWinder APT Strikes Middle East and Africa With Stealthy Multi-Stage Attack
https://thehackernews.com/2024/10/sidewinder-apt-strikes-middle-east-and.html
An advanced persistent threat (APT) actor with suspected ties to India has sprung forth with a flurry of attacks against high-profile entities and strategic infrastructures in the Middle East and Africa.
The activity has been attributed to a group tracked as SideWinder, which is also known as APT-C-17, Baby Elephant, Hardcore Nationalist, Leafperforator, Rattlesnake, Razor Tiger, and T-APT-04.
"
595
U.S. Charges Two Sudanese Brothers for Record 35,000 DDoS Attacks
https://thehackernews.com/2024/10/us-charges-two-sudanese-brothers-for.html
Federal prosecutors in the U.S. have charged two Sudanese brothers with running a distributed denial-of-service (DDoS) botnet for hire that conducted a record 35,000 DDoS attacks in a single year, including those that targeted Microsoft's services in June 2023.
The attacks, which were facilitated by Anonymous Sudan's "powerful DDoS tool," singled out critical infrastructure, corporate networks,
595
Critical Kubernetes Image Builder Vulnerability Exposes Nodes to Root Access Risk
https://thehackernews.com/2024/10/critical-kubernetes-image-builder.html
A critical security flaw has been disclosed in the Kubernetes Image Builder that, if successfully exploited, could be abused to gain root access under certain circumstances.
The vulnerability, tracked as CVE-2024-9486 (CVSS score: 9.8), has been addressed in version 0.1.38. The project maintainers acknowledged Nicolai Rybnikar for discovering and reporting the vulnerability.
"A security issue
595
Hackers Abuse EDRSilencer Tool to Bypass Security and Hide Malicious Activity
https://thehackernews.com/2024/10/hackers-abuse-edrsilencer-tool-to.html
Threat actors are attempting to abuse the open-source EDRSilencer tool as part of efforts to tamper endpoint detection and response (EDR) solutions and hide malicious activity.
Trend Micro said it detected "threat actors attempting to integrate EDRSilencer in their attacks, repurposing it as a means of evading detection."
EDRSilencer, inspired by the NightHawk FireBlock tool from MDSec, is
595
FIDO Alliance Drafts New Protocol to Simplify Passkey Transfers Across Different Platforms
https://thehackernews.com/2024/10/fido-alliance-drafts-new-protocol-to.html
The FIDO Alliance said it's working to make passkeys and other credentials more easier to export across different providers and improve credential provider interoperability, as more than 12 billion online accounts become accessible with the passwordless sign-in method.
To that end, the alliance said it has published a draft for a new set of specifications for secure credential exchange,
595
From Misuse to Abuse: AI Risks and Attacks
https://thehackernews.com/2024/10/from-misuse-to-abuse-ai-risks-and.html
AI from the attacker’s perspective: See how cybercriminals are leveraging AI and exploiting its vulnerabilities to compromise systems, users, and even other AI applications
Cybercriminals and AI: The Reality vs. Hype
“AI will not replace humans in the near future. But humans who know how to use AI are going to replace those humans who don't know how to use AI,” says Etay Maor, Chief Security
595
North Korean ScarCruft Exploits Windows Zero-Day to Spread RokRAT Malware
https://thehackernews.com/2024/10/north-korean-scarcruft-exploits-windows.html
The North Korean threat actor known as ScarCruft has been linked to the zero-day exploitation of a now-patched security flaw in Windows to infect devices with malware known as RokRAT.
The vulnerability in question is CVE-2024-38178 (CVSS score: 7.5), a memory corruption bug in the Scripting Engine that could result in remote code execution when using the Edge browser in Internet Explorer Mode.
595
5 Techniques for Collecting Cyber Threat Intelligence
https://thehackernews.com/2024/10/5-techniques-for-collecting-cyber.html
To defend your organization against cyber threats, you need a clear picture of the current threat landscape. This means constantly expanding your knowledge about new and ongoing threats.
There are many techniques analysts can use to collect crucial cyber threat intelligence. Let’s consider five that can greatly improve your threat investigations.
Pivoting on С2 IP addresses to pinpoint malware
595
Astaroth Banking Malware Resurfaces in Brazil via Spear-Phishing Attack
https://thehackernews.com/2024/10/astaroth-banking-malware-resurfaces-in.html
A new spear-phishing campaign targeting Brazil has been found delivering a banking malware called Astaroth (aka Guildma) by making use of obfuscated JavaScript to slip past security guardrails.
"The spear-phishing campaign's impact has targeted various industries, with manufacturing companies, retail firms, and government agencies being the most affected," Trend Micro said in a new analysis.
"
595
Quishing attacks are targeting electric car owners: Here’s how to slam on the brakes
https://www.welivesecurity.com/en/scams/quishing-attacks-targeting-electric-car-owners-slam-on-brakes/
Ever alert to fresh money-making opportunities, fraudsters are blending physical and digital threats to steal drivers’ payment details
595
GitHub Patches Critical Flaw in Enterprise Server Allowing Unauthorized Instance Access
https://thehackernews.com/2024/10/github-patches-critical-flaw-in.html
GitHub has released security updates for Enterprise Server (GHES) to address multiple issues, including a critical bug that could allow unauthorized access to an instance.
The vulnerability, tracked as CVE-2024-9487, carries a CVS score of 9.5 out of a maximum of 10.0
"An attacker could bypass SAML single sign-on (SSO) authentication with the optional encrypted assertions feature, allowing
595
CISA Warns of Active Exploitation in SolarWinds Help Desk Software Vulnerability
https://thehackernews.com/2024/10/cisa-warns-of-active-exploitation-in.html
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw impacting SolarWinds Web Help Desk (WHD) software to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.
Tracked as CVE-2024-28987 (CVSS score: 9.1), the vulnerability relates to a case of hard-coded credentials that could be abused to gain
595
Aspiring digital defender? Explore cybersecurity internships, scholarships and apprenticeships
https://www.welivesecurity.com/en/cybersecurity/aspiring-digital-defender-explore-cybersecurity-internships-scholarships-apprenticeships/
The world needs more cybersecurity professionals – here are three great ways to give you an ‘in’ to the ever-growing and rewarding security industry
595
TrickMo Banking Trojan Can Now Capture Android PINs and Unlock Patterns
https://thehackernews.com/2024/10/trickmo-banking-trojan-can-now-capture.html
New variants of an Android banking trojan called TrickMo have been found to harbor previously undocumented features to steal a device's unlock pattern or PIN.
"This new addition enables the threat actor to operate on the device even while it is locked," Zimperium security researcher Aazim Yaswant said in an analysis published last week.
First spotted in the wild in 2019, TrickMo is so named for
现已上线!2025 年 Telegram 研究 — 年度关键洞察 
