ch
Feedback
TECHZONE™

TECHZONE™

前往频道在 Telegram

TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news

显示更多
593
订阅者
无数据24 小时
-27
-830
帖子存档
Case Study: The Cookie Privacy Monster in Big Global Retail https://thehackernews.com/2024/01/case-study-cookie-privacy-monster-in.html Explore how an advanced exposure management solution saved a major retail industry client from ending up on the naughty step due to a misconfiguration in its cookie management policy. This wasn’t anything malicious, but with modern web environments being so complex, mistakes can happen, and non-compliance fines can be just an oversight away.Download the full case study here. As a child,

Inferno Malware Masqueraded as Coinbase, Drained $87 Million from 137,000 Victims https://thehackernews.com/2024/01/inferno-malware-masqueraded-as-coinbase.html The operators behind the now-defunct Inferno Drainer created more than 16,000 unique malicious domains over a span of one year between 2022 and 2023. The scheme “leveraged high-quality phishing pages to lure unsuspecting users into connecting their cryptocurrency wallets with the attackers’ infrastructure that spoofed Web3 protocols to trick victims into authorizing

Hackers Weaponize Windows Flaw to Deploy Crypto-Siphoning Phemedrone Stealer https://thehackernews.com/2024/01/hackers-weaponize-windows-flaw-to.html Threat actors have been observed leveraging a now-patched security flaw in Microsoft Windows to deploy an open-source information stealer called Phemedrone Stealer. “Phemedrone targets web browsers and data from cryptocurrency wallets and messaging apps such as Telegram, Steam, and Discord,” Trend Micro researchers Peter Girnus, Aliakbar Zahravi, and Simon Zuckerbraun said. “It also

3 Ransomware Group Newcomers to Watch in 2024 https://thehackernews.com/2024/01/3-ransomware-group-newcomers-to-watch.html The ransomware industry surged in 2023 as it saw an alarming 55.5% increase in victims worldwide, reaching a staggering 4,368 cases.  Figure 1: Year over year victims per quarter The rollercoaster ride from explosive growth in 2021 to a momentary dip in 2022 was just a teaser—2023 roared back with the same fervor as 2021, propelling existing groups and ushering in a wave of formidable

Opera MyFlaw Bug Could Let Hackers Run ANY File on Your Mac or Windows https://thehackernews.com/2024/01/opera-myflaw-bug-could-let-hackers-run.html Cybersecurity researchers have disclosed a security flaw in the Opera web browser for Microsoft Windows and Apple macOS that could be exploited to execute any file on the underlying operating system. The remote code execution vulnerability has been codenamed MyFlaw by the Guardio Labs research team owing to the fact that it takes advantage of a feature called My Flow that makes it

High-Severity Flaws Uncovered in Bosch Thermostats and Smart Nutrunners https://thehackernews.com/2024/01/high-severity-flaws-uncovered-in-bosch.html Multiple security vulnerabilities have been disclosed in Bosch BCC100 thermostats and Rexroth NXA015S-36V-B smart nutrunners that, if successfully exploited, could allow attackers to execute arbitrary code on affected systems. Romanian cybersecurity firm Bitdefender, which discovered the flaw in Bosch BCC100 thermostats last August, said the issue could be weaponized by an attacker to

Balada Injector Infects Over 7,100 WordPress Sites Using Plugin Vulnerability https://thehackernews.com/2024/01/balada-injector-infects-over-7100.html Thousands of WordPress sites using a vulnerable version of the Popup Builder plugin have been compromised with a malware called Balada Injector. First documented by Doctor Web in January 2023, the campaign takes place in a series of periodic attack waves, weaponizing security flaws WordPress plugins to inject backdoor designed to redirect visitors of infected sites to bogus tech

DDoS Attacks on the Environmental Services Industry Surge by 61,839% in 2023 https://thehackernews.com/2024/01/ddos-attacks-on-environmental-services.html The environmental services industry witnessed an “unprecedented surge” in HTTP-based distributed denial-of-service (DDoS) attacks, accounting for half of all its HTTP traffic. This marks a 61,839% increase in DDoS attack traffic year-over-year, web infrastructure and security company Cloudflare said in its DDoS threat report for 2023 Q4 published last week. “This surge in cyber attacks coincided

New Findings Challenge Attribution in Denmark's Energy Sector Cyberattacks https://thehackernews.com/2024/01/new-findings-challenge-attribution-in.html The cyber attacks targeting the energy sector in Denmark last year may not have had the involvement of the Russia-linked Sandworm hacking group, new findings from Forescout show. The intrusions, which targeted around 22 Danish energy organizations in May 2023, occurred in two distinct waves, one which exploited a security flaw in Zyxel firewall (CVE-2023-28771) and a

Critical RCE Vulnerability Uncovered in Juniper SRX Firewalls and EX Switches https://thehackernews.com/2024/01/critical-rce-vulnerability-uncovered-in.html Juniper Networks has released updates to fix a critical remote code execution (RCE) vulnerability in its SRX Series firewalls and EX Series switches. The issue, tracked as CVE-2024-21591, is rated 9.8 on the CVSS scoring system. “An out-of-bounds write vulnerability in J-Web of Juniper Networks Junos OS SRX Series and EX Series allows an unauthenticated, network-based attacker to cause a

29-Year-Old Ukrainian Cryptojacking Kingpin Arrested for Exploiting Cloud Services https://thehackernews.com/2024/01/29-year-old-ukrainian-cryptojacking.html A 29-year-old Ukrainian national has been arrested in connection with running a “sophisticated cryptojacking scheme,” netting them over $2 million (€1.8 million) in illicit profits. The person was apprehended in Mykolaiv, Ukraine, on January 9 by the National Police of Ukraine with support from Europol and an unnamed cloud service provider following “months of intensive collaboration.” “A cloud

Lessons from SEC's X account hack – Week in security with Tony Anscombe https://www.welivesecurity.com/en/videos/lessons-sec-x-account-hack-week-security-tony-anscombe/ The cryptocurrency rollercoaster never fails to provide a thrilling ride – this week it was a drama surrounding the hack of SEC's X account right ahead of the much-anticipated decision about Bitcoin ETFs

Nation-State Actors Weaponize Ivanti VPN Zero-Days, Deploying 5 Malware Families https://thehackernews.com/2024/01/nation-state-actors-weaponize-ivanti.html As many as five different malware families were deployed by suspected nation-state actors as part of post-exploitation activities leveraging two zero-day vulnerabilities in Ivanti Connect Secure (ICS) VPN appliances since early December 2023. "These families allow the threat actors to circumvent authentication and provide backdoor access to these devices," Mandiant said in an

Medusa Ransomware on the Rise: From Data Leaks to Multi-Extortion https://thehackernews.com/2024/01/medusa-ransomware-on-rise-from-data.html The threat actors associated with the Medusa ransomware have ramped up their activities following the debut of a dedicated data leak site on the dark web in February 2023 to publish sensitive data of victims who are unwilling to agree to their demands. “As part of their multi-extortion strategy, this group will provide victims with multiple options when their data is posted on their

Applying the Tyson Principle to Cybersecurity: Why Attack Simulation is Key to Avoiding a KO https://thehackernews.com/2024/01/applying-tyson-principle-to.html Picture a cybersecurity landscape where defenses are impenetrable, and threats are nothing more than mere disturbances deflected by a strong shield. Sadly, this image of fortitude remains a pipe dream despite its comforting nature. In the security world, preparedness is not just a luxury but a necessity. In this context, Mike Tyson's famous adage, "Everyone has a plan until they get punched in

Cryptominers Targeting Misconfigured Apache Hadoop and Flink with Rootkit in New Attacks https://thehackernews.com/2024/01/cryptominers-targeting-misconfigured.html Cybersecurity researchers have identified a new attack that exploits misconfigurations in Apache Hadoop and Flink to deploy cryptocurrency miners within targeted environments. "This attack is particularly intriguing due to the attacker's use of packers and rootkits to conceal the malware," Aqua security researchers Nitzan Yaakov and Assaf Morag said in an analysis published earlier

Act Now: CISA Flags Active Exploitation of Microsoft SharePoint Vulnerability https://thehackernews.com/2024/01/act-now-cisa-flags-active-exploitation.html The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security vulnerability impacting Microsoft SharePoint Server to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The issue, tracked as CVE-2023-29357 (CVSS score: 9.8), is a privilege escalation flaw that could be exploited by an attacker to gain

A peek behind the curtain: How are sock puppet accounts used in OSINT? https://www.welivesecurity.com/en/cybersecurity/peek-curtain-sock-puppet-accounts-osint/ How wearing a ‘sock puppet’ can aid the collection of open source intelligence while insulating the ‘puppeteer’ from risks

Threat Actors Increasingly Abusing GitHub for Malicious Purposes https://thehackernews.com/2024/01/threat-actors-increasingly-abusing.html The ubiquity of GitHub in information technology (IT) environments has made it a lucrative choice for threat actors to host and deliver malicious payloads and act as dead drop resolvers, command-and-control, and data exfiltration points. “Using GitHub services for malicious infrastructure allows adversaries to blend in with legitimate network traffic, often bypassing traditional security

New PoC Exploit for Apache OfBiz Vulnerability Poses Risk to ERP Systems https://thehackernews.com/2024/01/new-poc-exploit-for-apache-ofbiz.html Cybersecurity researchers have developed a proof-of-concept (PoC) code that exploits a recently disclosed critical flaw in the Apache OfBiz open-source Enterprise Resource Planning (ERP) system to execute a memory-resident payload. The vulnerability in question is CVE-2023-51467 (CVSS score: 9.8), a bypass for another severe shortcoming in the same software (