en
Feedback
TECHZONE™

TECHZONE™

Open in Telegram

TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news

Show more
593
Subscribers
No data24 hours
-27 days
-830 days
Posts Archive
Google Cloud Resolves Privilege Escalation Flaw Impacting Kubernetes Service https://thehackernews.com/2023/12/google-cloud-resolves-privilege.html Google Cloud has addressed a medium-severity security flaw in its platform that could be abused by an attacker who already has access to a Kubernetes cluster to escalate their privileges. "An attacker who has compromised the Fluent Bit logging container could combine that access with high privileges required by Anthos Service Mesh (on clusters that have enabled it) to

Most Sophisticated iPhone Hack Ever Exploited Apple's Hidden Hardware Feature https://thehackernews.com/2023/12/most-sophisticated-iphone-hack-ever.html The Operation Triangulation spyware attacks targeting Apple iOS devices leveraged never-before-seen exploits that made it possible to even bypass pivotal hardware-based security protections erected by the company. Russian cybersecurity firm Kaspersky, which discovered the campaign at the beginning of 2023 after becoming one of the targets, described it as

Got a new device? 7 things to do before disposing of your old tech https://www.welivesecurity.com/en/cybersecurity/7-things-disposing-old-tech/ Before getting rid of your no-longer-needed device, make sure it doesn’t contain any of your personal documents or information

New Rugmi Malware Loader Surges with Hundreds of Daily Detections https://thehackernews.com/2023/12/new-rugmi-malware-loader-surges-with.html A new malware loader is being used by threat actors to deliver a wide range of information stealers such as Lumma Stealer (aka LummaC2), Vidar, RecordBreaker (aka Raccoon Stealer V2), and Rescoms. Cybersecurity firm ESET is tracking the trojan under the name Win/TrojanDownloader.Rugmi. "This malware is a loader with three types of components: a downloader that downloads an

Critical Zero-Day in Apache OfBiz ERP System Exposes Businesses to Attack https://thehackernews.com/2023/12/critical-zero-day-in-apache-ofbiz-erp.html A new zero-day security flaw has been discovered in the Apache OfBiz, an open-source Enterprise Resource Planning (ERP) system that could be exploited to bypass authentication protections. The vulnerability, tracked as CVE-2023-51467, resides in the login functionality and is the result of an incomplete patch for another critical vulnerability (CVE-2023-49070, CVSS score: 9.8) that was

Chinese Hackers Exploited New Zero-Day in Barracuda's ESG Appliances https://thehackernews.com/2023/12/chinese-hackers-exploited-new-zero-day.html Barracuda has revealed that Chinese threat actors exploited a new zero-day in its Email Security Gateway (ESG) appliances to deploy backdoor on a "limited number" of devices. Tracked as CVE-2023-7102, the issue relates to a case of arbitrary code execution that resides within a third-party and open-source library Spreadsheet::ParseExcel that's used by the Amavis scanner within the

New Sneaky Xamalicious Android Malware Hits Over 327,000 Devices https://thehackernews.com/2023/12/new-sneaky-xamalicious-android-malware.html A new Android backdoor has been discovered with potent capabilities to carry out a range of malicious actions on infected devices. Dubbed Xamalicious by the McAfee Mobile Research Team, the malware is so named for the fact that it's developed using an open-source mobile app framework called Xamarin and abuses the operating system's accessibility permissions to fulfill its objectives.

Warning: Poorly Secured Linux SSH Servers Under Attack for Cryptocurrency Mining https://thehackernews.com/2023/12/warning-poorly-secured-linux-ssh.html Poorly secured Linux SSH servers are being targeted by bad actors to install port scanners and dictionary attack tools with the goal of targeting other vulnerable servers and co-opting them into a network to carry out cryptocurrency mining and distributed denial-of-service (DDoS) attacks. "Threat actors can also choose to install only scanners and sell the breached IP and account credentials on

Carbanak Banking Malware Resurfaces with New Ransomware Tactics https://thehackernews.com/2023/12/carbanak-banking-malware-resurfaces.html The banking malware known as Carbanak has been observed being used in ransomware attacks with updated tactics. "The malware has adapted to incorporate attack vendors and techniques to diversify its effectiveness," cybersecurity firm NCC Group said in an analysis of ransomware attacks that took place in November 2023. "Carbanak returned last month through new

Cloud Atlas' Spear-Phishing Attacks Target Russian Agro and Research Companies https://thehackernews.com/2023/12/cloud-atlas-spear-phishing-attacks.html The threat actor referred to as Cloud Atlas has been linked to a set of spear-phishing attacks on Russian enterprises. Targets included a Russian agro-industrial enterprise and a state-owned research company, according to a report from F.A.C.C.T., a standalone cybersecurity company formed after Group-IB's formal exit from Russia earlier this year. Cloud Atlas, active since at

British LAPSUS$ Teen Members Sentenced for High-Profile Attacks https://thehackernews.com/2023/12/british-lapsus-teen-members-sentenced.html Two British teens part of the LAPSUS$ cyber crime and extortion gang have been sentenced for their roles in orchestrating a string of high-profile attacks against a number of companies. Arion Kurtaj, an 18-year-old from Oxford, has been sentenced to an indefinite hospital order due to his intent to get back to cybercrime "as soon as possible," BBC reported. Kurtaj, who is autistic, was

Key findings from ESET Threat Report H2 2023 – Week in security with Tony Anscombe https://www.welivesecurity.com/en/videos/key-findings-eset-threat-report-h2-2023-week-security-tony-anscombe/ How cybercriminals take advantage of the popularity of ChatGPT and other tools of its ilk to direct people to sketchy sites, plus other interesting findings from ESET's latest Threat Report

Rogue WordPress Plugin Exposes E-Commerce Sites to Credit Card Theft https://thehackernews.com/2023/12/rogue-wordpress-plugin-exposes-e.html Threat hunters have discovered a rogue WordPress plugin that's capable of creating bogus administrator users and injecting malicious JavaScript code to steal credit card information. The skimming activity is part of a Magecart campaign targeting e-commerce websites, according to Sucuri. "As with many other malicious or fake WordPress plugins it contains some deceptive information at

Operation RusticWeb: Rust-Based Malware Targets Indian Government Entities https://thehackernews.com/2023/12/operation-rusticweb-rust-based-malware.html Indian government entities and the defense sector have been targeted by a phishing campaign that's engineered to drop Rust-based malware for intelligence gathering. The activity, first detected in October 2023, has been codenamed Operation RusticWeb by enterprise security firm SEQRITE. "New Rust-based payloads and encrypted PowerShell commands have been utilized to exfiltrate

Decoy Microsoft Word Documents Used to Deliver Nim-Based Malware https://thehackernews.com/2023/12/decoy-microsoft-word-documents-used-to.html A new phishing campaign is leveraging decoy Microsoft Word documents as bait to deliver a backdoor written in the Nim programming language. "Malware written in uncommon programming languages puts the security community at a disadvantage as researchers and reverse engineers' unfamiliarity can hamper their investigation," Netskope researchers Ghanashyam Satpathy and Jan Michael Alcantara&nbsp

UAC-0099 Using WinRAR Exploit to Target Ukrainian Firms with LONEPAGE Malware https://thehackernews.com/2023/12/uac-0099-using-winrar-exploit-to-target.html The threat actor known as UAC-0099 has been linked to continued attacks aimed at Ukraine, some of which leverage a high-severity flaw in the WinRAR software to deliver a malware strain called LONEPAGE. "The threat actor targets Ukrainian employees working for companies outside of Ukraine," cybersecurity firm Deep Instinct said in a Thursday analysis. UAC-0099 was first

Microsoft Warns of New 'FalseFont' Backdoor Targeting the Defense Sector https://thehackernews.com/2023/12/microsoft-warns-of-new-falsefont.html Organizations in the Defense Industrial Base (DIB) sector are in the crosshairs of an Iranian threat actor as part of a campaign designed to deliver a never-before-seen backdoor called FalseFont. The findings come from Microsoft, which is tracking the activity under its weather-themed moniker Peach Sandstorm (formerly Holmium), which is also known as APT33, Elfin, and Refined Kitten. "

Safeguard the joy: 10 tips for securing your shiny new device https://www.welivesecurity.com/en/cybersecurity/safeguard-joy-tips-securing-shiny-new-device/ Unwrapping a new gadget this holiday season will put a big smile on your face but things may quickly turn sour if the device and data on it aren’t secured properly

Experts Detail Multi-Million Dollar Licensing Model of Predator Spyware https://thehackernews.com/2023/12/multi-million-dollar-predator-spyware.html A new analysis of the sophisticated commercial spyware called Predator has revealed that its ability to persist between reboots is offered as an "add-on feature" and that it depends on the licensing options opted by a customer. "In 2021, Predator spyware couldn't survive a reboot on the infected Android system (it had it on iOS)," Cisco Talos researchers Mike Gentile, Asheer Malhotra, and Vitor

Chameleon Android Banking Trojan Variant Bypasses Biometric Authentication https://thehackernews.com/2023/12/new-chameleon-android-banking-trojan.html Cybersecurity researchers have discovered an updated version of an Android banking malware called Chameleon that has expanded its targeting to include users in the U.K. and Italy. "Representing a restructured and enhanced iteration of its predecessor, this evolved Chameleon variant excels in executing Device Takeover (DTO) using the accessibility service, all while expanding its targeted region,