ch
Feedback
TECHZONE™

TECHZONE™

前往频道在 Telegram

TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news

显示更多
595
订阅者
无数据24 小时
无数据7
-730
帖子存档
New Snake Keylogger Variant Leverages AutoIt Scripting to Evade Detection https://thehackernews.com/2025/02/new-snake-keylogger-variant-leverages.html A new variant of the Snake Keylogger malware is being used to actively target Windows users located in China, Turkey, Indonesia, Taiwan, and Spain. Fortinet FortiGuard Labs said the new version of the malware has been behind over 280 million blocked infection attempts worldwide since the start of the year. "Typically delivered through phishing emails containing malicious attachments or links,

The Ultimate MSP Guide to Structuring and Selling vCISO Services https://thehackernews.com/2025/02/the-ultimate-msp-guide-to-structuring.html The growing demand for cybersecurity and compliance services presents a great opportunity for Managed Service Providers (MSPs) and Managed Security Service Providers (MSSPs) to offer virtual Chief Information Security Officer (vCISO) services—delivering high-level cybersecurity leadership without the cost of a full-time hire. However, transitioning to vCISO services is not without its challenges

Trojanized Game Installers Deploy Cryptocurrency Miner in Large-Scale StaryDobry Attack https://thehackernews.com/2025/02/trojanized-game-installers-deploy.html Users who are on the lookout for popular games were lured into downloading trojanized installers that led to the deployment of a cryptocurrency miner on compromised Windows hosts. The large-scale activity has been codenamed StaryDobry by Russian cybersecurity company Kaspersky, which first detected it on December 31, 2024. It lasted for a month. Targets of the campaign include individuals and

CISA Adds Palo Alto Networks and SonicWall Flaws to Exploited Vulnerabilities List https://thehackernews.com/2025/02/cisa-adds-palo-alto-networks-and.html The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added two security flaws impacting Palo Alto Networks PAN-OS and SonicWall SonicOS SSLVPN to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The flaws are listed below - CVE-2025-0108 (CVSS score: 7.8) - An authentication bypass vulnerability in the Palo Alto Networks PAN-OS

Katharine Hayhoe: The most important climate equation | Starmus highlights https://www.welivesecurity.com/en/we-live-science/katharine-hayhoe-most-important-climate-equation-starmus-highlights/ The atmospheric scientist makes a compelling case for a head-to-heart-to-hands connection as a catalyst for climate action

Xerox Printer Vulnerabilities Enable Credential Capture https://www.darkreading.com/iot/xerox-printer-vulnerabilities-credential-capture

Microsoft: New Variant of macOS Threat XCSSET Spotted in the Wild https://www.darkreading.com/vulnerabilities-threats/microsoft-variant-macos-threat-xcsset

New OpenSSH Flaws Enable Man-in-the-Middle and DoS Attacks — Patch Now https://thehackernews.com/2025/02/new-openssh-flaws-enable-man-in-middle.html Two security vulnerabilities have been discovered in the OpenSSH secure networking utility suite that, if successfully exploited, could result in an active machine-in-the-middle (MitM) and a denial-of-service (DoS) attack, respectively, under certain conditions. The vulnerabilities, detailed by the Qualys Threat Research Unit (TRU), are listed below - CVE-2025-26465 - The OpenSSH client

Chinese Hackers Exploit MAVInject.exe to Evade Detection in Targeted Cyber Attacks https://thehackernews.com/2025/02/chinese-hackers-exploit-mavinjectexe-to.html The Chinese state-sponsored threat actor known as Mustang Panda has been observed employing a novel technique to evade detection and maintain control over infected systems. This involves the use of a legitimate Microsoft Windows utility called Microsoft Application Virtualization Injector (MAVInject.exe) to inject the threat actor's malicious payload into an external process, waitfor.exe,

New FrigidStealer Malware Targets macOS Users via Fake Browser Updates https://thehackernews.com/2025/02/new-frigidstealer-malware-targets-macos.html Cybersecurity researchers are alerting to a new campaign that leverages web injects to deliver a new Apple macOS malware known as FrigidStealer. The activity has been attributed to a previously undocumented threat actor known as TA2727, with the information stealers for other platforms such as Windows (Lumma Stealer or DeerStealer) and Android (Marcher). TA2727 is a "threat actor that uses fake

Debunking the AI Hype: Inside Real Hacker Tactics https://thehackernews.com/2025/02/debunking-ai-hype-inside-real-hacker.html Is AI really reshaping the cyber threat landscape, or is the constant drumbeat of hype drowning out actual, more tangible, real-world dangers? According to Picus Labs’ Red Report 2025 which analyzed over one million malware samples, there's been no significant surge, so far, in AI-driven attacks. Yes, adversaries are definitely continuing to innovate, and while AI will certainly start playing a

Juniper Session Smart Routers Vulnerability Could Let Attackers Bypass Authentication https://thehackernews.com/2025/02/juniper-session-smart-routers.html Juniper Networks has released security updates to address a critical security flaw impacting Session Smart Router, Session Smart Conductor, and WAN Assurance Router products that could be exploited to hijack control of susceptible devices. Tracked as CVE-2025-21589, the vulnerability carries a CVSS v3.1 score of 9.8 and a CVS v4 score of 9.3. "An Authentication Bypass Using an Alternate Path or

Winnti APT41 Targets Japanese Firms in RevivalStone Cyber Espionage Campaign https://thehackernews.com/2025/02/winnti-apt41-targets-japanese-firms-in.html The China-linked threat actor known as Winnti has been attributed to a new campaign dubbed RevivalStone that targeted Japanese companies in the manufacturing, materials, and energy sectors in March 2024. The activity, detailed by Japanese cybersecurity company LAC, overlaps with a threat cluster tracked by Trend Micro as Earth Freybug, which has been assessed to be a subset within the APT41

New Xerox Printer Flaws Could Let Attackers Capture Windows Active Directory Credentials https://thehackernews.com/2025/02/new-xerox-printer-flaws-could-let.html Security vulnerabilities have been disclosed in Xerox VersaLink C7025 Multifunction printers (MFPs) that could allow attackers to capture authentication credentials via pass-back attacks via Lightweight Directory Access Protocol (LDAP) and SMB/FTP services. "This pass-back style attack leverages a vulnerability that allows a malicious actor to alter the MFP's configuration and cause the MFP

Cybercriminals Exploit Onerror Event in Image Tags to Deploy Payment Skimmers https://thehackernews.com/2025/02/cybercriminals-exploit-onerror-event-in.html Cybersecurity researchers have flagged a credit card stealing malware campaign that has been observed targeting e-commerce sites running Magento by disguising the malicious content within image tags in HTML code in order to stay under the radar. MageCart is the name given to a malware that's capable of stealing sensitive payment information from online shopping sites. The attacks are known to