TECHZONE™
Open in Telegram
TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news
Show more594
Subscribers
No data24 hours
No data7 days
-630 days
Posts Archive
594
4-Step Approach to Mapping and Securing Your Organization's Most Critical Assets
https://thehackernews.com/2024/05/4-step-approach-to-mapping-and-securing.html
You’re probably familiar with the term “critical assets”.
These are the technology assets within your company's IT infrastructure that are essential to the functioning of your organization. If anything happens to these assets, such as application servers, databases, or privileged identities, the ramifications to your security posture can be severe.
But is every technology asset considered
594
Researchers Warn of CatDDoS Botnet and DNSBomb DDoS Attack Technique
https://thehackernews.com/2024/05/researchers-warn-of-catddos-botnet-and.html
The threat actors behind the CatDDoS malware botnet have exploited over 80 known security flaws in various software over the past three months to infiltrate vulnerable devices and co-opt them into a botnet for conducting distributed denial-of-service (DDoS) attacks.
"CatDDoS-related gangs' samples have used a large number of known vulnerabilities to deliver samples," the QiAnXin XLab team
594
WordPress Plugin Exploited to Steal Credit Card Data from E-commerce Sites
https://thehackernews.com/2024/05/wordpress-plugin-exploited-to-steal.html
Unknown threat actors are abusing lesser-known code snippet plugins for WordPress to insert malicious PHP code in victim sites that are capable of harvesting credit card data.
The campaign, observed by Sucuri on May 11, 2024, entails the abuse of a WordPress plugin called Dessky Snippets, which allows users to add custom PHP code. It has over 200 active installations.
594
TP-Link Gaming Router Vulnerability Exposes Users to Remote Code Attacks
https://thehackernews.com/2024/05/tp-link-gaming-router-vulnerability.html
A maximum-severity security flaw has been disclosed in the TP-Link Archer C5400X gaming router that could lead to remote code execution on susceptible devices by sending specially crafted requests.
The vulnerability, tracked as CVE-2024-5035, carries a CVSS score of 10.0. It impacts all versions of the router firmware including and prior to 1_1.1.6. It has 
594
Moroccan Cybercrime Group Steals Up to $100K Daily Through Gift Card Fraud
https://thehackernews.com/2024/05/moroccan-cybercrime-group-steals-up-to.html
Microsoft is calling attention to a Morocco-based cybercrime group dubbed Storm-0539 that's behind gift card fraud and theft through highly sophisticated email and SMS phishing attacks.
"Their primary motivation is to steal gift cards and profit by selling them online at a discounted rate," the company said in its latest Cyber Signals report. "We've seen some examples where
594
Report: The Dark Side of Phishing Protection
https://thehackernews.com/2024/05/report-dark-side-of-phishing-protection.html
The transition to the cloud, poor password hygiene and the evolution in webpage technologies have all enabled the rise in phishing attacks. But despite sincere efforts by security stakeholders to mitigate them - through email protection, firewall rules and employee education - phishing attacks are still a very risky attack vector.
A new report by LayerX explores the state of
594
New Tricks in the Phishing Playbook: Cloudflare Workers, HTML Smuggling, GenAI
https://thehackernews.com/2024/05/new-tricks-in-phishing-playbook.html
Cybersecurity researchers are alerting of phishing campaigns that abuse Cloudflare Workers to serve phishing sites that are used to harvest users' credentials associated with Microsoft, Gmail, Yahoo!, and cPanel Webmail.
The attack method, called transparent phishing or adversary-in-the-middle (AitM) phishing, "uses Cloudflare Workers to act as a reverse proxy server for a
594
Pakistan-linked Hackers Deploy Python, Golang, and Rust Malware on Indian Targets
https://thehackernews.com/2024/05/pakistan-linked-hackers-deploy-python.html
The Pakistan-nexus Transparent Tribe actor has been linked to a new set of attacks targeting Indian government, defense, and aerospace sectors using cross-platform malware written in Python, Golang, and Rust.
"This cluster of activity spanned from late 2023 to April 2024 and is anticipated to persist," the BlackBerry Research and Intelligence Team said in a technical report
594
Experts Find Flaw in Replicate AI Service Exposing Customers' Models and Data
https://thehackernews.com/2024/05/experts-find-flaw-in-replicate-ai.html
Cybersecurity researchers have discovered a critical security flaw in an artificial intelligence (AI)-as-a-service provider Replicate that could have allowed threat actors to gain access to proprietary AI models and sensitive information.
"Exploitation of this vulnerability would have allowed unauthorized access to the AI prompts and results of all Replicate's platform customers,"
594
Mandatory reporting for ransomware attacks? – Week in security with Tony Anscombe
https://www.welivesecurity.com/en/videos/mandatory-reporting-ransomware-attacks-week-security-tony-anscombe/
As the UK mulls new rules for ransomware disclosure, what would be the wider implications of such a move, how would cyber-insurance come into play, and how might cybercriminals respond?
594
Hackers Created Rogue VMs to Evade Detection in Recent MITRE Cyber Attack
https://thehackernews.com/2024/05/hackers-created-rogue-vms-to-evade.html
The MITRE Corporation has revealed that the cyber attack targeting the not-for-profit company towards late December 2023 by exploiting zero-day flaws in Ivanti Connect Secure (ICS) involved the actor creating rogue virtual machines (VMs) within its VMware environment.
"The adversary created their own rogue VMs within the VMware environment, leveraging compromised vCenter Server access," MITRE
594
Fake Antivirus Websites Deliver Malware to Android and Windows Devices
https://thehackernews.com/2024/05/fake-antivirus-websites-deliver-malware.html
Threat actors have been observed making use of fake websites masquerading as legitimate antivirus solutions from Avast, Bitdefender, and Malwarebytes to propagate malware capable of stealing sensitive information from Android and Windows devices.
"Hosting malicious software through sites which look legitimate is predatory to general consumers, especially those who look to protect their devices
594
How Do Hackers Blend In So Well? Learn Their Tricks in This Expert Webinar
https://thehackernews.com/2024/05/how-do-hackers-blend-in-so-well-learn.html
Don't be fooled into thinking that cyber threats are only a problem for large organizations. The truth is that cybercriminals are increasingly targeting smaller businesses, and they're getting smarter every day.
Join our FREE webinar "Navigating the SMB Threat Landscape: Key Insights from Huntress' Threat Report," in which Jamie Levy — Director of Adversary Tactics at Huntress, a renowned
594
DevOps Dilemma: How Can CISOs Regain Control in the Age of Speed?
https://thehackernews.com/2024/05/devops-dilemma-how-can-cisos-regain.html
Introduction
The infamous Colonial pipeline ransomware attack (2021) and SolarWinds supply chain attack (2020) were more than data leaks; they were seismic shifts in cybersecurity. These attacks exposed a critical challenge for Chief Information Security Officers (CISOs): holding their ground while maintaining control over cloud security in the accelerating world of DevOps.
594
Google Detects 4th Chrome Zero-Day in May Actively Under Attack - Update ASAP
https://thehackernews.com/2024/05/google-detects-4th-chrome-zero-day-in.html
Google on Thursday rolled out fixes to address a high-severity security flaw in its Chrome browser that it said has been exploited in the wild.
Assigned the CVE identifier CVE-2024-5274, the vulnerability relates to a type confusion bug in the V8 JavaScript and WebAssembly engine. It was reported by Clément Lecigne of Google's Threat Analysis Group and Brendon Tiszka of
594
Courtroom Software Backdoored to Deliver RustDoor Malware in Supply Chain Attack
https://thehackernews.com/2024/05/courtroom-software-backdoored-to.html
Malicious actors have backdoored the installer associated with courtroom video recording software developed by Justice AV Solutions (JAVS) to deliver malware that's associated with a known backdoor called RustDoor.
The software supply chain attack, tracked as CVE-2024-4978, impacts JAVS Viewer v8.3.7, a component of the JAVS Suite 8 that allows users to create, manage, publish,
594
Japanese Experts Warn of BLOODALCHEMY Malware Targeting Government Agencies
https://thehackernews.com/2024/05/japanese-experts-warn-of-bloodalchemy.html
Cybersecurity researchers have discovered that the malware known as BLOODALCHEMY used in attacks targeting government organizations in Southern and Southeastern Asia is in fact an updated version of Deed RAT, which is believed to be a successor to ShadowPad.
"The origin of BLOODALCHEMY and Deed RAT is ShadowPad and given the history of ShadowPad being utilized in numerous APT
594
Introducing Nimfilt: A reverse-engineering tool for Nim-compiled binaries
https://www.welivesecurity.com/en/eset-research/introducing-nimfilt-reverse-engineering-tool-nim-compiled-binaries/
Available as both an IDA plugin and a Python script, Nimfilt helps to reverse engineer binaries compiled with the Nim programming language compiler by demangling package and function names, and applying structs to strings
594
Ransomware Attacks Exploit VMware ESXi Vulnerabilities in Alarming Pattern
https://thehackernews.com/2024/05/ransomware-attacks-exploit-vmware-esxi.html
Ransomware attacks targeting VMware ESXi infrastructure following an established pattern regardless of the file-encrypting malware deployed.
"Virtualization platforms are a core component of organizational IT infrastructure, yet they often suffer from inherent misconfigurations and vulnerabilities, making them a lucrative and highly effective target for threat actors to abuse,"
594
CISA Warns of Actively Exploited Apache Flink Security Vulnerability
https://thehackernews.com/2024/05/cisa-warns-of-actively-exploited-apache.html
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a security flaw impacting Apache Flink, the open-source, unified stream-processing and batch-processing framework, to the Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.
Tracked as CVE-2020-17519, the issue relates to a case of improper access control that
