TECHZONE™
前往频道在 Telegram
TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news
显示更多595
订阅者
无数据24 小时
无数据7 天
-730 天
帖子存档
594
AI in HR: Is artificial intelligence changing how we hire employees forever?
https://www.welivesecurity.com/en/we-live-progress/ai-hr-artificial-intelligence-changing-hire-employees-forever/
Much digital ink has been spilled on artificial intelligence taking over jobs, but what about AI shaking up the hiring process in the meantime?
594
CISA Alerts Federal Agencies to Patch Actively Exploited Linux Kernel Flaw
https://thehackernews.com/2024/05/cisa-alerts-federal-agencies-to-patch.html
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a security flaw impacting the Linux kernel to the Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.
Tracked as CVE-2024-1086 (CVSS score: 7.8), the high-severity issue relates to a use-after-free bug in the netfilter component that permits a local attacker to elevate privileges
594
FlyingYeti Exploits WinRAR Vulnerability to Deliver COOKBOX Malware in Ukraine
https://thehackernews.com/2024/05/flyingyeti-exploits-winrar.html
Cloudflare on Thursday said it took steps to disrupt a month-long phishing campaign orchestrated by a Russia-aligned threat actor called FlyingYeti targeting Ukraine.
"The FlyingYeti campaign capitalized on anxiety over the potential loss of access to housing and utilities by enticing targets to open malicious files via debt-themed lures," Cloudflare's threat intelligence team Cloudforce One
594
Cyber Espionage Alert: LilacSquid Targets IT, Energy, and Pharma Sectors
https://thehackernews.com/2024/05/cyber-espionage-alert-lilacsquid.html
A previously undocumented cyber espionage-focused threat actor named LilacSquid has been linked to targeted attacks spanning various sectors in the United States (U.S.), Europe, and Asia as part of a data theft campaign since at least 2021.
"The campaign is geared toward establishing long-term access to compromised victim organizations to enable LilacSquid to siphon data of interest to
594
RedTail Crypto-Mining Malware Exploiting Palo Alto Networks Firewall Vulnerability
https://thehackernews.com/2024/05/redtail-crypto-mining-malware.html
The threat actors behind the RedTail cryptocurrency mining malware have added a recently disclosed security flaw impacting Palo Alto Networks firewalls to its exploit arsenal.
The addition of the PAN-OS vulnerability to its toolkit has been complemented by updates to the malware, which now incorporates new anti-analysis techniques, according to findings from web infrastructure and security
594
Researchers Uncover Active Exploitation of WordPress Plugin Vulnerabilities
https://thehackernews.com/2024/05/researchers-uncover-active-exploitation.html
Cybersecurity researchers have warned that multiple high-severity security vulnerabilities in WordPress plugins are being actively exploited by threat actors to create rogue administrator accounts for follow-on exploitation.
"These vulnerabilities are found in various WordPress plugins and are prone to unauthenticated stored cross-site scripting (XSS) attacks due to inadequate input sanitization
594
How to Build Your Autonomous SOC Strategy
https://thehackernews.com/2024/05/how-to-build-your-autonomous-soc.html
Security leaders are in a tricky position trying to discern how much new AI-driven cybersecurity tools could actually benefit a security operations center (SOC). The hype about generative AI is still everywhere, but security teams have to live in reality. They face constantly incoming alerts from endpoint security platforms, SIEM tools, and phishing emails reported by internal users. Security
594
Europol Shuts Down 100+ Servers Linked to IcedID, TrickBot, and Other Malware
https://thehackernews.com/2024/05/europol-dismantles-100-servers-linked.html
Europol on Thursday said it shut down the infrastructure associated with several malware loader operations such as IcedID, SystemBC, PikaBot, SmokeLoader, Bumblebee, and TrickBot as part of a coordinated law enforcement effort codenamed Operation Endgame.
"The actions focused on disrupting criminal services through arresting High Value Targets, taking down the criminal infrastructures and
594
U.S. Dismantles World's Largest 911 S5 Botnet, with 19 Million Infected Devices
https://thehackernews.com/2024/05/us-dismantles-worlds-largest-911-s5.html
The U.S. Department of Justice (DoJ) on Wednesday said it dismantled what it described as "likely the world's largest botnet ever," which consisted of an army of 19 million infected devices that was leased to other threat actors to commit a wide array of offenses.
The botnet, which has a global footprint spanning more than 190 countries, functioned as a residential proxy service known as 911 S5.
594
Okta Warns of Credential Stuffing Attacks Targeting Customer Identity Cloud
https://thehackernews.com/2024/05/okta-warns-of-credential-stuffing.html
Okta is warning that a cross-origin authentication feature in Customer Identity Cloud (CIC) is susceptible to credential stuffing attacks orchestrated by threat actors.
"We observed that the endpoints used to support the cross-origin authentication feature being attacked via credential stuffing for a number of our customers," the Identity and access management (IAM) services provider said.
The
594
ESET World 2024: Big on prevention, even bigger on AI
https://www.welivesecurity.com/en/cybersecurity/eset-world-2024-big-prevention-bigger-ai/
What is the state of artificial intelligence in 2024 and how can AI level up your cybersecurity game? These hot topics and pressing questions surrounding AI were front and center at the annual conference.
594
Cybercriminals Abuse StackOverflow to Promote Malicious Python Package
https://thehackernews.com/2024/05/cybercriminals-abuse-stackoverflow-to.html
Cybersecurity researchers have warned of a new malicious Python package that has been discovered in the Python Package Index (PyPI) repository to facilitate cryptocurrency theft as part of a broader campaign.
The package in question is pytoileur, which has been downloaded 316 times as of writing. Interestingly, the package author, who goes by the name PhilipsPY, has uploaded a new version of the
594
Check Point Warns of Zero-Day Attacks on its VPN Gateway Products
https://thehackernews.com/2024/05/check-point-warns-of-zero-day-attacks.html
Check Point is warning of a zero-day vulnerability in its Network Security gateway products that threat actors have exploited in the wild.
Tracked as CVE-2024-24919, the issue impacts CloudGuard Network, Quantum Maestro, Quantum Scalable Chassis, Quantum Security Gateways, and Quantum Spark appliances.
"The vulnerability potentially allows an attacker to read certain information on
594
Brazilian Banks Targeted by New AllaKore RAT Variant Called AllaSenha
https://thehackernews.com/2024/05/brazilian-banks-targeted-by-new.html
Brazilian banking institutions are the target of a new campaign that distributes a custom variant of the Windows-based AllaKore remote access trojan (RAT) called AllaSenha.
The malware is "specifically aimed at stealing credentials that are required to access Brazilian bank accounts, [and] leverages Azure cloud as command-and-control (C2) infrastructure," French cybersecurity company HarfangLab
594
U.S. Sentences 31-Year-Old to 10 Years for Laundering $4.5M in Email Scams
https://thehackernews.com/2024/05/us-sentences-31-year-old-to-10-years.html
The U.S. Department of Justice (DoJ) has sentenced a 31-year-old man to 10 years in prison for laundering more than $4.5 million through business email compromise (BEC) schemes and romance scams.
Malachi Mullings, 31, of Sandy Springs, Georgia pleaded guilty to the money laundering offenses in January 2023.
According to court documents, Mullings is said to have opened 20 bank accounts in the
594
New Research Warns About Weak Offboarding Management and Insider Risks
https://thehackernews.com/2024/05/new-research-warns-about-weak.html
A recent study by Wing Security found that 63% of businesses may have former employees with access to organizational data, and that automating SaaS Security can help mitigate offboarding risks.
Employee offboarding is typically seen as a routine administrative task, but it can pose substantial security risks, if not handled correctly. Failing to quickly and thoroughly remove access for
594
Microsoft Uncovers 'Moonstone Sleet' — New North Korean Hacker Group
https://thehackernews.com/2024/05/microsoft-uncovers-moonstone-sleet-new.html
A never-before-seen North Korean threat actor codenamed Moonstone Sleet has been attributed as behind cyber attacks targeting individuals and organizations in the software and information technology, education, and defense industrial base sectors with ransomware and bespoke malware previously associated with the infamous Lazarus Group.
"Moonstone Sleet is observed to set up fake companies and
594
BreachForums Returns Just Weeks After FBI Seizure - Honeypot or Blunder?
https://thehackernews.com/2024/05/breachforums-returns-just-weeks-after.html
The online criminal bazaar BreachForums has been resurrected merely two weeks after a U.S.-led coordinated law enforcement action dismantled and seized control of its infrastructure.
Cybersecurity researchers and dark web trackers Brett Callow, Dark Web Informer, and FalconFeeds revealed the site's online return at breachforums[.]st – one of the dismantled sites – by a user named ShinyHunters,
594
Beyond the buzz: Understanding AI and its role in cybersecurity
https://www.welivesecurity.com/en/cybersecurity/beyond-buzz-understanding-ai-role-cybersecurity/
A new white paper from ESET uncovers the risks and opportunities of artificial intelligence for cyber-defenders
594
Indian National Pleads Guilty to $37 Million Cryptocurrency Theft Scheme
https://thehackernews.com/2024/05/indian-national-pleads-guilty-to-37.html
An Indian national has pleaded guilty in the U.S. over charges of stealing more than $37 million by setting up a website that impersonated the Coinbase cryptocurrency exchange platform.
Chirag Tomar, 30, pleaded guilty to wire fraud conspiracy, which carries a maximum sentence of 20 years in prison and a $250,000 fine. He was arrested on December 20, 2023, upon entering the country.
"Tomar and
