en
Feedback
TECHZONE™

TECHZONE™

Open in Telegram

TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news

Show more
595
Subscribers
No data24 hours
No data7 days
-730 days
Posts Archive
Warning: New Adware Campaign Targets Meta Quest App Seekers https://thehackernews.com/2024/06/warning-new-adware-campaign-targets.html A new campaign is tricking users searching for the Meta Quest (formerly Oculus) application for Windows into downloading a new adware family called AdsExhaust. "The adware is capable of exfiltrating screenshots from infected devices and interacting with browsers using simulated keystrokes," cybersecurity firm eSentire said in an analysis, adding it identified the activity earlier this month. "

U.S. Treasury Sanctions 12 Kaspersky Executives Amid Software Ban https://thehackernews.com/2024/06/us-treasury-sanctions-12-kaspersky.html The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) imposed sanctions against a dozen individuals serving executive and senior leadership roles at Kaspersky Lab, a day after the Russian company was banned by the Commerce Department. The move "underscores our commitment to ensure the integrity of our cyber domain and to protect our citizens against malicious cyber

The long-tail costs of a data breach – Week in security with Tony Anscombe https://www.welivesecurity.com/en/videos/long-tail-costs-data-breach-week-security-tony-anscombe/ Understanding and preparing for the potential long-tail costs of data breaches is crucial for businesses that aim to mitigate the impact of security incidents

Chinese Hackers Deploy SpiceRAT and SugarGh0st in Global Espionage Campaign https://thehackernews.com/2024/06/chinese-hackers-deploy-spicerat-and.html A previously undocumented Chinese-speaking threat actor codenamed SneakyChef has been linked to an espionage campaign primarily targeting government entities across Asia and EMEA (Europe, Middle East, and Africa) with SugarGh0st malware since at least August 2023. "SneakyChef uses lures that are scanned documents of government agencies, most of which are related to various countries' Ministries

Military-themed Email Scam Spreads Malware to Infect Pakistani Users https://thehackernews.com/2024/06/military-themed-emails-used-to-spread.html Cybersecurity researchers have shed light on a new phishing campaign that has been identified as targeting people in Pakistan using a custom backdoor. Dubbed PHANTOM#SPIKE by Securonix, the unknown threat actors behind the activity have leveraged military-related phishing documents to activate the infection sequence. "While there are many methods used today to deploy malware, the threat actors

Oyster Backdoor Spreading via Trojanized Popular Software Downloads https://thehackernews.com/2024/06/oyster-backdoor-spreading-via.html A malvertising campaign is leveraging trojanized installers for popular software such as Google Chrome and Microsoft Teams to drop a backdoor called Oyster (aka Broomstick and CleanUpLoader). That's according to findings from Rapid7, which identified lookalike websites hosting the malicious payloads that users are redirected to after searching for them on search engines like Google and Bing. The

SolarWinds Serv-U Vulnerability Under Active Attack - Patch Immediately https://thehackernews.com/2024/06/solarwinds-serv-u-vulnerability-under.html A recently patched high-severity flaw impacting SolarWinds Serv-U file transfer software is being actively exploited by malicious actors in the wild. The vulnerability, tracked as CVE-2024-28995 (CVSS score: 8.6), concerns a directory transversal bug that could allow attackers to read sensitive files on the host machine. Affecting all versions of the software prior to and including Serv-U 15.4.2

My health information has been stolen. Now what? https://www.welivesecurity.com/en/privacy/my-health-information-has-been-stolen-now-what/ As health data continues to be a prized target for hackers, here's how to minimize the fallout from a breach impacting your own health records

U.S. Bans Kaspersky Software, Citing National Security Risks https://thehackernews.com/2024/06/us-bans-kaspersky-software-citing.html The U.S. Department of Commerce's Bureau of Industry and Security (BIS) on Thursday announced a "first of its kind" ban that prohibits Kaspersky Lab's U.S. subsidiary from directly or indirectly offering its security software in the country. The blockade also extends to the cybersecurity company's affiliates, subsidiaries and parent companies, the department said, adding the action is based on

Researchers Uncover UEFI Vulnerability Affecting Multiple Intel CPUs https://thehackernews.com/2024/06/researchers-uncover-uefi-vulnerability.html Cybersecurity researchers have disclosed details of a now-patched security flaw in Phoenix SecureCore UEFI firmware that affects multiple families of Intel Core desktop and mobile processors. Tracked as CVE-2024-0762 (CVSS score: 7.5), the "UEFIcanhazbufferoverflow" vulnerability has been described as a case of a buffer overflow stemming from the use of an unsafe variable in the Trusted Platform

French Diplomatic Entities Targeted in Russian-Linked Cyber Attacks https://thehackernews.com/2024/06/french-diplomatic-entities-targeted-in.html State-sponsored actors with ties to Russia have been linked to targeted cyber attacks aimed at French diplomatic entities, the country's information security agency ANSSI said in an advisory. The attacks have been attributed to a cluster tracked by Microsoft under the name Midnight Blizzard (formerly Nobelium), which overlaps with activity tracked as APT29, BlueBravo, Cloaked Ursa, Cozy Bear,

Tool Overload: Why MSPs Are Still Drowning with Countless Cybersecurity Tools in 2024 https://thehackernews.com/2024/06/tool-overload-why-msps-are-still.html Highlights Complex Tool Landscape: Explore the wide array of cybersecurity tools used by MSPs, highlighting the common challenge of managing multiple systems that may overlap in functionality but lack integration.Top Cybersecurity Challenges: Discuss the main challenges MSPs face, including integration issues, limited visibility across systems, and the high cost and complexity of maintaining

Chinese Cyber Espionage Targets Telecom Operators in Asia Since 2021 https://thehackernews.com/2024/06/chinese-cyber-espionage-targets-telecom.html Cyber espionage groups associated with China have been linked to a long-running campaign that has infiltrated several telecom operators located in a single Asian country at least since 2021. "The attackers placed backdoors on the networks of targeted companies and also attempted to steal credentials," the Symantec Threat Hunter Team, part of Broadcom, said in a report shared with The Hacker News

New Rust-based Fickle Malware Uses PowerShell for UAC Bypass and Data Exfiltration https://thehackernews.com/2024/06/new-rust-based-fickle-malware-uses.html A new Rust-based information stealer malware called Fickle Stealer has been observed being delivered via multiple attack chains with the goal of harvesting sensitive information from compromised hosts. Fortinet FortiGuard Labs said it's aware of four different distribution methods -- namely VBA dropper, VBA downloader, link downloader, and executable downloader -- with some of them using a

Experts Uncover New Evasive SquidLoader Malware Targeting Chinese Organizations https://thehackernews.com/2024/06/experts-uncover-new-evasive-squidloader.html Cybersecurity researchers have uncovered a new evasive malware loader named SquidLoader that spreads via phishing campaigns targeting Chinese organizations. AT&T LevelBlue Labs, which first observed the malware in late April 2024, said it incorporates features that are designed to thwart static and dynamic analysis and ultimately evade detection. Attack chains leverage phishing emails that

Hacktivism is evolving – and that could be bad news for organizations everywhere https://www.welivesecurity.com/en/business-security/hacktivism-evolving-bad-news-organizations-everywhere/ Hacktivism is nothing new, but the increasingly fuzzy lines between traditional hacktivism and state-backed operations make it a more potent threat

Kraken Crypto Exchange Hit by $3 Million Theft Exploiting Zero-Day Flaw https://thehackernews.com/2024/06/kraken-crypto-exchange-hit-by-3-million.html Crypto exchange Kraken revealed that an unnamed security researcher exploited an "extremely critical" zero-day flaw in its platform to steal $3 million in digital assets and refused to return them. Details of the incident were shared by Kraken's Chief Security Officer, Nick Percoco, on X (formerly Twitter), stating it received a Bug Bounty program alert about a bug that "allowed them to

Chinese Cyber Espionage Group Exploits Fortinet, Ivanti and VMware Zero-Days https://thehackernews.com/2024/06/chinese-cyber-espionage-group-exploits.html The China-nexus cyber espionage actor linked to the zero-day exploitation of security flaws in Fortinet, Ivanti, and VMware devices has been observed utilizing multiple persistence mechanisms in order to maintain unfettered access to compromised environments. "Persistence mechanisms encompassed network devices, hypervisors, and virtual machines, ensuring alternative channels remain available

New Case Study: Unmanaged GTM Tags Become a Security Nightmare https://thehackernews.com/2024/06/new-case-study-unmanaged-gtm-tags.html Are your tags really safe with Google Tag Manager? If you've been thinking that using GTM means that your tracking tags and pixels are safely managed, then it might be time to think again. In this article we look at how a big-ticket seller that does business on every continent came unstuck when it forgot that you can’t afford to allow tags to go unmanaged or become misconfigured.  Read the

New Threat Actor 'Void Arachne' Targets Chinese Users with Malicious VPN Installers https://thehackernews.com/2024/06/void-arachne-uses-deepfakes-and-ai-to.html Chinese-speaking users are the target of a never-before-seen threat activity cluster codenamed Void Arachne that employs malicious Windows Installer (MSI) files for virtual private networks (VPNs) to deliver a command-and-control (C&C) framework called Winos 4.0. "The campaign also promotes compromised MSI files embedded with nudifiers and deepfake pornography-generating software, as well as