TECHZONE™
Open in Telegram
TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news
Show more596
Subscribers
+124 hours
+17 days
-830 days
Posts Archive
596
New Gafgyt Botnet Variant Targets Weak SSH Passwords for GPU Crypto Mining
https://thehackernews.com/2024/08/new-gafgyt-botnet-variant-targets-weak.html
Cybersecurity researchers have discovered a new variant of the Gafgyt botnet that's targeting machines with weak SSH passwords to ultimately mine cryptocurrency on compromised instances using their GPU computational power.
This indicates that the "IoT botnet is targeting more robust servers running on cloud native environments," Aqua Security researcher Assaf Morag said in a Wednesday analysis.
596
Black Basta-Linked Attackers Target Users with SystemBC Malware
https://thehackernews.com/2024/08/black-basta-linked-attackers-targets.html
An ongoing social engineering campaign with alleged links to the Black Basta ransomware group has been linked to "multiple intrusion attempts" with the goal of conducting credential theft and deploying a malware dropper called SystemBC.
"The initial lure being utilized by the threat actors remains the same: an email bomb followed by an attempt to call impacted users and offer a fake solution,"
596
Belarusian-Ukrainian Hacker Extradited to U.S. for Ransomware and Cybercrime Charges
https://thehackernews.com/2024/08/belarusian-ukrainian-hacker-extradited.html
A coalition of law enforcement agencies coordinated by the U.K. National Crime Agency (NCA) has led to the arrest and extradition of a Belarussian and Ukrainian dual-national believed to be associated with Russian-speaking cybercrime groups.
Maksim Silnikau (aka Maksym Silnikov), 38, went by the online monikers J.P. Morgan, xxx, and lansky. He was extradited to the U.S. from Poland on August 9,
596
How to Augment Your Password Security with EASM
https://thehackernews.com/2024/08/how-to-augment-your-password-security.html
Simply relying on traditional password security measures is no longer sufficient. When it comes to protecting your organization from credential-based attacks, it is essential to lock down the basics first. Securing your Active Directory should be a priority – it is like making sure a house has a locked front door before investing in a high-end alarm system. Once the fundamentals are covered,
596
DDoS Attacks Surge 46% in First Half of 2024, Gcore Report Reveals
https://thehackernews.com/2024/08/ddos-attacks-surge-46-in-first-half-of.html
Monitoring evolving DDoS trends is essential for anticipating threats and adapting defensive strategies. The comprehensive Gcore Radar Report for the first half of 2024 provides detailed insights into DDoS attack data, showcasing changes in attack patterns and the broader landscape of cyber threats. Here, we share a selection of findings from the full report.
Key Takeaways
The number of DDoS
596
Why scammers want your phone number
https://www.welivesecurity.com/en/scams/scammers-phone-number/
Your phone number is more than just a way to contact you – scammers can use it to target you with malicious messages and even exploit it to gain access to your bank account or steal corporate data
596
Microsoft Issues Patches for 90 Flaws, Including 10 Critical Zero-Day Exploits
https://thehackernews.com/2024/08/microsoft-issues-patches-for-90-flaws.html
Microsoft on Tuesday shipped fixes to address a total of 90 security flaws, including 10 zero-days, of which six have come under active exploitation in the wild.
Of the 90 bugs, seven are rated Critical, 79 are rated Important, and one is rated Moderate in severity. This is also in addition to 36 vulnerabilities that the tech giant resolved in its Edge browser since last month.
The Patch Tuesday
596
Critical Flaw in Ivanti Virtual Traffic Manager Could Allow Rogue Admin Access
https://thehackernews.com/2024/08/critical-flaw-in-ivanti-virtual-traffic.html
Ivanti has rolled out security updates for a critical flaw in Virtual Traffic Manager (vTM) that could be exploited to achieve an authentication bypass and create rogue administrative users.
The vulnerability, tracked as CVE-2024-7593, has a CVSS score of 9.8 out of a maximum of 10.0.
"Incorrect implementation of an authentication algorithm in Ivanti vTM other than versions 22.2R1 or 22.7R2
596
China-Backed Earth Baku Expands Cyber Attacks to Europe, Middle East, and Africa
https://thehackernews.com/2024/08/china-backed-earth-baku-expands-cyber.html
The China-backed threat actor known as Earth Baku has diversified its targeting footprint beyond the Indo-Pacific region to include Europe, the Middle East, and Africa starting in late 2022.
Newly targeted countries as part of the activity include Italy, Germany, the U.A.E., and Qatar, with suspected attacks also detected in Georgia and Romania. Governments, media and communications, telecoms,
596
GhostWrite: New T-Head CPU Bugs Expose Devices to Unrestricted Attacks
https://thehackernews.com/2024/08/ghostwrite-new-t-head-cpu-bugs-expose.html
A team of researchers from the CISPA Helmholtz Center for Information Security in Germany has disclosed an architectural bug impacting Chinese chip company T-Head's XuanTie C910 and C920 RISC-V CPUs that could allow attackers to gain unrestricted access to susceptible devices.
The vulnerability has been codenamed GhostWrite. It has been described as a direct CPU bug embedded in the hardware, as
596
Researchers Uncover Vulnerabilities in AI-Powered Azure Health Bot Service
https://thehackernews.com/2024/08/researchers-uncover-vulnerabilities-in_0471960302.html
Cybersecurity researchers have discovered two security flaws in Microsoft's Azure Health Bot Service that, if exploited, could permit a malicious actor to achieve lateral movement within customer environments and access sensitive patient data.
The critical issues, now patched by Microsoft, could have allowed access to cross-tenant resources within the service, Tenable said in a new report shared
596
The great location leak: Privacy risks in dating apps
https://www.welivesecurity.com/en/privacy/great-location-leak-privacy-risks-dating-apps/
Convenience may come at a cost – such as when your favorite app reveals your exact coordinates to someone you’d rather keep at a distance
596
Top 6 Craigslist scams: Don’t fall for these tricks
https://www.welivesecurity.com/en/scams/top-6-craigslist-scams-dont-fall-tricks/
Here’s how to spot and dodge scams when searching for stuff on the classified ads website that offers almost everything under the sun
596
Why Hardsec Matters: From Protecting Critical Services to Enhancing Resilience
https://thehackernews.com/2024/08/why-hardsec-matters-from-protecting.html
Traditionally, the focus has been on defending against digital threats such as malware, ransomware, and phishing attacks by detecting them and responding. However, as cyber threats become more sophisticated. There is a growing recognition of the importance of measures that stop new attacks before they are recognized. With high-value assets, it’s not good enough to have the protection, it’s
596
FBI Shuts Down Dispossessor Ransomware Group's Servers Across U.S., U.K., and Germany
https://thehackernews.com/2024/08/fbi-shuts-down-dispossessor-ransomware.html
The U.S. Federal Bureau of Investigation (FBI) on Monday announced the disruption of online infrastructure associated with a nascent ransomware group called Dispossessor (aka Radar).
The effort saw the dismantling of three U.S. servers, three United Kingdom servers, 18 German servers, eight U.S.-based criminal domains, and one German-based criminal domain. Dispossessor is said to be led by
596
Ukraine Warns of New Phishing Campaign Targeting Government Computers
https://thehackernews.com/2024/08/ukraine-warns-of-new-phishing-campaign.html
The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new phishing campaign that masquerades as the Security Service of Ukraine to distribute malware capable of remote desktop access.
The agency is tracking the activity under the name UAC-0198. More than 100 computers are estimated to have been infected since July 2024, including those related to government bodies in the
596
How Phishing Attacks Adapt Quickly to Capitalize on Current Events
https://thehackernews.com/2024/08/how-phishing-attacks-adapt-quickly-to.html
In 2023, no fewer than 94 percent of businesses were impacted by phishing attacks, a 40 percent increase compared to the previous year, according to research from Egress.
What's behind the surge in phishing? One popular answer is AI – particularly generative AI, which has made it trivially easier for threat actors to craft content that they can use in phishing campaigns, like malicious emails
596
Researchers Uncover Vulnerabilities in Solarman and Deye Solar Systems
https://thehackernews.com/2024/08/researchers-uncover-vulnerabilities-in.html
Cybersecurity researchers have identified a number of security shortcomings in photovoltaic system management platforms operated by Chinese companies Solarman and Deye that could enable malicious actors to cause disruption and power blackouts.
"If exploited, these vulnerabilities could allow an attacker to control inverter settings that could take parts of the grid down, potentially causing
596
The AI Hangover is Here – The End of the Beginning
https://thehackernews.com/2024/08/the-ai-hangover-is-here-end-of-beginning.html
After a good year of sustained exuberance, the hangover is finally here. It’s a gentle one (for now), as the market corrects the share price of the major players (like Nvidia, Microsoft, and Google), while other players reassess the market and adjust priorities. Gartner calls it the trough of disillusionment, when interest wanes and implementations fail to deliver the promised breakthroughs.
596
FreeBSD Releases Urgent Patch for High-Severity OpenSSH Vulnerability
https://thehackernews.com/2024/08/freebsd-releases-urgent-patch-for-high.html
The maintainers of the FreeBSD Project have released security updates to address a high-severity flaw in OpenSSH that attackers could potentially exploit to execute arbitrary code remotely with elevated privileges.
The vulnerability, tracked as CVE-2024-7589, carries a CVSS score of 7.4 out of a maximum of 10.0, indicating high severity.
"A signal handler in sshd(8) may call a logging function
Available now! Telegram Research 2025 — the year's key insights 
