TECHZONE™
前往频道在 Telegram
TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news
显示更多595
订阅者
无数据24 小时
无数据7 天
-930 天
帖子存档
595
Singapore Police Arrest Six Hackers Linked to Global Cybercrime Syndicate
https://thehackernews.com/2024/09/singapore-police-arrest-six-for-alleged.html
The Singapore Police Force (SPF) has announced the arrest of five Chinese nationals and one Singaporean man for their alleged involvement in illicit cyber activities in the country.
The development comes after a group of about 160 law enforcement officials conducted a series of raids on September 9, 2024, simultaneously at several locations.
The six men, aged between 32 and 42, are suspected of
595
Why Is It So Challenging to Go Passwordless?
https://thehackernews.com/2024/09/why-is-it-so-challenging-to-go.html
Imagine a world where you never have to remember another password. Seems like a dream come true for both end users and IT teams, right? But as the old saying goes, "If it sounds too good to be true, it probably is."
If your organization is like many, you may be contemplating a move to passwordless authentication. But the reality is that a passwordless security approach comes with its own
595
Developers Beware: Lazarus Group Uses Fake Coding Tests to Spread Malware
https://thehackernews.com/2024/09/developers-beware-lazarus-group-uses.html
Cybersecurity researchers have uncovered a new set of malicious Python packages that target software developers under the guise of coding assessments.
"The new samples were tracked to GitHub projects that have been linked to previous, targeted attacks in which developers are lured using fake job interviews," ReversingLabs researcher Karlo Zanki said.
The activity has been assessed to be part of
595
Microsoft Issues Patches for 79 Flaws, Including 3 Actively Exploited Windows Flaws
https://thehackernews.com/2024/09/microsoft-issues-patches-for-79-flaws.html
Microsoft on Tuesday disclosed that three new security flaws impacting the Windows platform have come under active exploitation as part of its Patch Tuesday update for September 2024.
The monthly security release addresses a total of 79 vulnerabilities, of which seven are rated Critical, 71 are rated Important, and one is rated Moderate in severity. This is aside from 26 flaws that the tech
595
Ivanti Releases Urgent Security Updates for Endpoint Manager Vulnerabilities
https://thehackernews.com/2024/09/ivanti-releases-urgent-security-updates.html
Ivanti has released software updates to address multiple security flaws impacting Endpoint Manager (EPM), including 10 critical vulnerabilities that could result in remote code execution.
A brief description of the issues is as follows -
CVE-2024-29847 (CVSS score: 10.0) - A deserialization of untrusted data vulnerability that allows a remote unauthenticated attacker to achieve code execution.
595
CosmicBeetle steps up: Probation period at RansomHub
https://www.welivesecurity.com/en/eset-research/cosmicbeetle-steps-up-probation-period-ransomhub/
CosmicBeetle, after improving its own ransomware, tries its luck as a RansomHub affiliate
595
CosmicBeetle Deploys Custom ScRansom Ransomware, Partnering with RansomHub
https://thehackernews.com/2024/09/cosmicbeetle-deploys-custom-scransom.html
The threat actor known as CosmicBeetle has debuted a new custom ransomware strain called ScRansom in attacks targeting small- and medium-sized businesses (SMBs) in Europe, Asia, Africa, and South America, while also likely working as an affiliate for RansomHub.
"CosmicBeetle replaced its previously deployed ransomware, Scarab, with ScRansom, which is continually improved," ESET researcher Jakub
595
Experts Identify 3 Chinese-Linked Clusters Behind Cyberattacks in Southeast Asia
https://thehackernews.com/2024/09/experts-identify-3-chinese-linked.html
A trio of threat activity clusters linked to China has been observed compromising more government organizations in Southeast Asia as part of a renewed state-sponsored operation codenamed Crimson Palace, indicating an expansion in the scope of the espionage effort.
Cybersecurity firm Sophos, which has been monitoring the cyber offensive, said it comprises three intrusion sets tracked as Cluster
595
Shining a Light on Shadow Apps: The Invisible Gateway to SaaS Data Breaches
https://thehackernews.com/2024/09/shining-light-on-shadow-apps-invisible.html
Shadow apps, a segment of Shadow IT, are SaaS applications purchased without the knowledge of the security team. While these applications may be legitimate, they operate within the blind spots of the corporate security team and expose the company to attackers.
Shadow apps may include instances of software that the company is already using. For example, a dev team may onboard their own
595
New PIXHELL Attack Exploits Screen Noise to Exfiltrates Data from Air-Gapped Computers
https://thehackernews.com/2024/09/new-pixhell-attack-exploits-screen.html
A new side-channel attack dubbed PIXHELL could be abused to target air-gapped computers by breaching the "audio gap" and exfiltrating sensitive information by taking advantage of the noise generated by the pixels on the screen.
"Malware in the air-gap and audio-gap computers generates crafted pixel patterns that produce noise in the frequency range of 0 - 22 kHz," Dr. Mordechai Guri, the head of
595
Mustang Panda Deploys Advanced Malware to Spy on Asia-Pacific Governments
https://thehackernews.com/2024/09/mustang-panda-deploys-advanced-malware.html
The threat actor tracked as Mustang Panda has refined its malware arsenal to include new tools in order to facilitate data exfiltration and the deployment of next-stage payloads, according to new findings from Trend Micro.
The cybersecurity firm, which is monitoring the activity cluster under the name Earth Preta, said it observed "the propagation of PUBLOAD via a variant of the worm HIUPAN."
595
New RAMBO Attack Uses RAM Radio Signals to Steal Data from Air-Gapped Networks
https://thehackernews.com/2024/09/new-rambo-attack-uses-ram-radio-signals.html
A novel side-channel attack has been found to leverage radio signals emanated by a device's random access memory (RAM) as a data exfiltration mechanism, posing a threat to air-gapped networks.
The technique has been codenamed RAMBO by Dr. Mordechai Guri, the head of the Offensive Cyber Research Lab in the Department of Software and Information Systems Engineering at the Ben Gurion University of
595
One More Tool Will Do It? Reflecting on the CrowdStrike Fallout
https://thehackernews.com/2024/09/one-more-tool-will-do-it-reflecting-on.html
The proliferation of cybersecurity tools has created an illusion of security. Organizations often believe that by deploying a firewall, antivirus software, intrusion detection systems, identity threat detection and response, and other tools, they are adequately protected. However, this approach not only fails to address the fundamental issue of the attack surface but also introduces dangerous
595
Blind Eagle Targets Colombian Insurance Sector with Customized Quasar RAT
https://thehackernews.com/2024/09/blind-eagle-targets-colombian-insurance.html
The Colombian insurance sector is the target of a threat actor tracked as Blind Eagle with the end goal of delivering a customized version of a known commodity remote access trojan (RAT) known as Quasar RAT since June 2024.
"Attacks have originated with phishing emails impersonating the Colombian tax authority," Zscaler ThreatLabz researcher Gaetano Pellegrino said in a new analysis published
595
Chinese Hackers Exploit Visual Studio Code in Southeast Asian Cyberattacks
https://thehackernews.com/2024/09/chinese-hackers-exploit-visual-studio.html
The China-linked advanced persistent threat (APT) group known as Mustang Panda has been observed weaponizing Visual Studio Code software as part of espionage operations targeting government entities in Southeast Asia.
"This threat actor used Visual Studio Code's embedded reverse shell feature to gain a foothold in target networks," Palo Alto Networks Unit 42 researcher Tom Fakterman said in a
595
Webinar: How to Protect Your Company from GenAI Data Leakage Without Losing It’s Productivity Benefits
https://thehackernews.com/2024/09/webinar-how-to-protect-your-company.html
GenAI has become a table stakes tool for employees, due to the productivity gains and innovative capabilities it offers. Developers use it to write code, finance teams use it to analyze reports, and sales teams create customer emails and assets. Yet, these capabilities are exactly the ones that introduce serious security risks.
Register to our upcoming webinar to learn how to prevent GenAI data
595
Wing Security SaaS Pulse: Continuous Security & Actionable Insights — For Free
https://thehackernews.com/2024/09/wing-security-saas-pulse-continuous.html
Designed to be more than a one-time assessment— Wing Security’s SaaS Pulse provides organizations with actionable insights and continuous oversight into their SaaS security posture—and it’s free!
Introducing SaaS Pulse: Free Continuous SaaS Risk Management
Just like waiting for a medical issue to become critical before seeing a doctor, organizations can’t afford to overlook the constantly
595
Progress Software Issues Patch for Vulnerability in LoadMaster and MT Hypervisor
https://thehackernews.com/2024/09/progress-software-issues-patch-for.html
Progress Software has released security updates for a maximum-severity flaw in LoadMaster and Multi-Tenant (MT) hypervisor that could result in the execution of arbitrary operating system commands.
Tracked as CVE-2024-7591 (CVSS score: 10.0), the vulnerability has been described as an improper input validation bug that results in OS command injection.
"It is possible for unauthenticated, remote
595
New Android SpyAgent Malware Uses OCR to Steal Crypto Wallet Recovery Keys
https://thehackernews.com/2024/09/new-android-spyagent-malware-uses-ocr.html
Android device users in South Korea have emerged as a target of a new mobile malware campaign that delivers a new type of threat dubbed SpyAgent.
The malware "targets mnemonic keys by scanning for images on your device that might contain them," McAfee Labs researcher SangRyol Ryu said in an analysis, adding the targeting footprint has broadened in scope to include the U.K.
The campaign makes use
595
TIDRONE Espionage Group Targets Taiwan Drone Makers in Cyber Campaign
https://thehackernews.com/2024/09/tidrone-espionage-group-targets-taiwan.html
A previously undocumented threat actor with likely ties to Chinese-speaking groups has predominantly singled out drone manufacturers in Taiwan as part of a cyber attack campaign that commenced in 2024.
Trend Micro is tracking the adversary under the moniker TIDRONE, stating the activity is espionage-driven given the focus on military-related industry chains.
The exact initial access vector used
现已上线!2025 年 Telegram 研究 — 年度关键洞察 
