TECHZONE™
Open in Telegram
TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news
Show more596
Subscribers
No data24 hours
No data7 days
-930 days
Posts Archive
596
Critical Flaw in WordPress LiteSpeed Cache Plugin Allows Hackers Admin Access
https://thehackernews.com/2024/08/critical-flaw-in-wordpress-litespeed.html
Cybersecurity researchers have disclosed a critical security flaw in the LiteSpeed Cache plugin for WordPress that could permit unauthenticated users to gain administrator privileges.
"The plugin suffers from an unauthenticated privilege escalation vulnerability which allows any unauthenticated visitor to gain Administrator level access after which malicious plugins could be uploaded and
596
GitHub Patches Critical Security Flaw in Enterprise Server Granting Admin Privileges
https://thehackernews.com/2024/08/github-patches-critical-security-flaw.html
GitHub has released fixes to address a set of three security flaws impacting its Enterprise Server product, including one critical bug that could be abused to gain site administrator privileges.
The most severe of the shortcomings has been assigned the CVE identifier CVE-2024-6800, and carries a CVSS score of 9.5.
"On GitHub Enterprise Server instances that use SAML single sign-on (SSO)
596
New Malware PG_MEM Targets PostgreSQL Databases for Crypto Mining
https://thehackernews.com/2024/08/new-malware-pgmem-targets-postgresql.html
Cybersecurity researchers have unpacked a new malware strain dubbed PG_MEM that's designed to mine cryptocurrency after brute-forcing their way into PostgreSQL database instances.
"Brute-force attacks on Postgres involve repeatedly attempting to guess the database credentials until access is gained, exploiting weak passwords," Aqua security researcher Assaf Morag said in a technical report.
"
596
Microsoft Patches Critical Copilot Studio Vulnerability Exposing Sensitive Data
https://thehackernews.com/2024/08/microsoft-patches-critical-copilot.html
Cybersecurity researchers have disclosed a critical security flaw impacting Microsoft's Copilot Studio that could be exploited to access sensitive information.
Tracked as CVE-2024-38206 (CVSS score: 8.5), the vulnerability has been described as an information disclosure bug stemming from a server-side request forgery (SSRF) attack.
"An authenticated attacker can bypass Server-Side Request
596
North Korean Hackers Deploy New MoonPeak Trojan in Cyber Campaign
https://thehackernews.com/2024/08/north-korean-hackers-deploy-new.html
A new remote access trojan called MoonPeak has been discovered as being used by a state-sponsored North Korean threat activity cluster as part of a new campaign.
Cisco Talos attributed the malicious cyber campaign to a hacking group it tracks as UAT-5394, which it said exhibits some level of tactical overlaps with a known nation-state actor codenamed Kimsuky.
MoonPeak, under active development
596
It's Time To Untangle the SaaS Ball of Yarn
https://thehackernews.com/2024/08/its-time-to-untangle-saas-ball-of-yarn.html
It's no great revelation to say that SaaS applications have changed the way we operate, both in our personal and professional lives. We routinely rely on cloud-based and remote applications to conduct our basic functions, with the result that the only true perimeter of our networks has become the identities with which we log into these services.
Unfortunately – as is so often the case – our
596
Styx Stealer Creator's OPSEC Fail Leaks Client List and Profit Details
https://thehackernews.com/2024/08/styx-stealer-creators-opsec-fail-leaks.html
In what's a case of an operational security (OPSEC) lapse, the operator behind a new information stealer called Styx Stealer leaked data from their own computer, including details related to the clients, profit information, nicknames, phone numbers, and email addresses.
Styx Stealer, a derivative of the Phemedrone Stealer, is capable of stealing browser data, instant messenger sessions from
596
New macOS Malware TodoSwift Linked to North Korean Hacking Groups
https://thehackernews.com/2024/08/new-macos-malware-todoswift-linked-to.html
Cybersecurity researchers have uncovered a new macOS malware strain dubbed TodoSwift that they say exhibits commonalities with known malicious software used by North Korean hacking groups.
"This application shares several behaviors with malware we've seen that originated in North Korea (DPRK) — specifically the threat actor known as BlueNoroff — such as KANDYKORN and RustBucket," Kandji security
596
Be careful what you pwish for – Phishing in PWA applications
https://www.welivesecurity.com/en/eset-research/be-careful-what-you-pwish-for-phishing-in-pwa-applications/
ESET analysts dissect a novel phishing method tailored to Android and iOS users
596
CERT-UA Warns of New Vermin-Linked Phishing Attacks with PoW Bait
https://thehackernews.com/2024/08/cert-ua-warns-of-new-vermin-linked.html
The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of new phishing attacks that aim to infect devices with malware.
The activity has been attributed to a threat cluster it tracks as UAC-0020, which is also known as Vermin. The exact scale and scope of the attacks are presently unknown.
The attack chains commence with phishing messages with photos of alleged prisoners of war (
596
GiveWP WordPress Plugin Vulnerability Puts 100,000+ Websites at Risk
https://thehackernews.com/2024/08/givewp-wordpress-plugin-vulnerability.html
A maximum-severity security flaw has been disclosed in the WordPress GiveWP donation and fundraising plugin that exposes more than 100,000 websites to remote code execution attacks.
The flaw, tracked as CVE-2024-5932 (CVSS score: 10.0), impacts all versions of the plugin prior to version 3.14.2, which was released on August 7, 2024. A security researcher, who goes by the online alias villu164,
596
Detecting AWS Account Compromise: Key Indicators in CloudTrail Logs for Stolen API Keys
https://thehackernews.com/2024/08/detecting-aws-account-compromise-key.html
As cloud infrastructure becomes the backbone of modern enterprises, ensuring the security of these environments is paramount. With AWS (Amazon Web Services) still being the dominant cloud it is important for any security professional to know where to look for signs of compromise. AWS CloudTrail stands out as an essential tool for tracking and logging API activity, providing a comprehensive
596
Czech Mobile Users Targeted in New Banking Credential Theft Scheme
https://thehackernews.com/2024/08/czech-mobile-users-targeted-in-new.html
Mobile users in the Czech Republic are the target of a novel phishing campaign that leverages a Progressive Web Application (PWA) in an attempt to steal their banking account credentials.
The attacks have targeted the Czech-based Československá obchodní banka (CSOB), as well as the Hungarian OTP Bank and the Georgian TBC Bank, according to Slovak cybersecurity company ESET.
"The phishing
596
Hackers Exploit PHP Vulnerability to Deploy Stealthy Msupedge Backdoor
https://thehackernews.com/2024/08/hackers-exploit-php-vulnerability-to.html
A previously undocumented backdoor named Msupedge has been put to use against a cyber attack targeting an unnamed university in Taiwan.
"The most notable feature of this backdoor is that it communicates with a command-and-control (C&C) server via DNS traffic," the Symantec Threat Hunter Team, part of Broadcom, said in a report shared with The Hacker News.
The origins of the backdoor are
596
Anatomy of an Attack
https://thehackernews.com/2024/08/anatomy-of-attack.html
In today's rapidly evolving cyber threat landscape, organizations face increasingly sophisticated attacks targeting their applications. Understanding these threats and the technologies designed to combat them is crucial. This article delves into the mechanics of a common application attack, using the infamous Log4Shell vulnerability as an example, and demonstrates how Application Detection and
596
Researchers Uncover TLS Bootstrap Attack on Azure Kubernetes Clusters
https://thehackernews.com/2024/08/researchers-uncover-tls-bootstrap.html
Cybersecurity researchers have disclosed a security flaw impacting Microsoft Azure Kubernetes Services that, if successfully exploited, could allow an attacker to escalate their privileges and access credentials for services used by the cluster.
"An attacker with command execution in a Pod running within an affected Azure Kubernetes Services cluster could download the configuration used to
596
Iranian Cyber Group TA453 Targets Jewish Leader with New AnvilEcho Malware
https://thehackernews.com/2024/08/iranian-cyber-group-ta453-targets.html
Iranian state-sponsored threat actors have been observed orchestrating spear-phishing campaigns targeting a prominent Jewish figure starting in late July 2024 with the goal of delivering a new intelligence-gathering tool called AnvilEcho.
Enterprise security company Proofpoint is tracking the activity under the name TA453, which overlaps with activity tracked by the broader cybersecurity
596
Blind Eagle Hackers Exploit Spear-Phishing to Deploy RATs in Latin America
https://thehackernews.com/2024/08/blind-eagle-hackers-exploit-spear.html
Cybersecurity researchers have shed light on a threat actor known as Blind Eagle that has persistently targeted entities and individuals in Colombia, Ecuador, Chile, Panama, and other Latin American nations.
Targets of these attacks span several sectors, including governmental institutions, financial companies, energy and oil and gas companies.
"Blind Eagle has demonstrated adaptability in
596
Thousands of Oracle NetSuite Sites at Risk of Exposing Customer Information
https://thehackernews.com/2024/08/thousands-of-oracle-netsuite-sites-at.html
Cybersecurity researchers are warning about the discovery of thousands of externally-facing Oracle NetSuite e-commerce sites that have been found susceptible to leaking sensitive customer information.
"A potential issue in NetSuite's SuiteCommerce platform could allow attackers to access sensitive data due to misconfigured access controls on custom record types (CRTs)," AppOmni's Aaron Costello
596
CISA Warns of Critical Jenkins Vulnerability Exploited in Ransomware Attacks
https://thehackernews.com/2024/08/cisa-warns-of-critical-jenkins.html
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security flaw impacting Jenkins to its Known Exploited Vulnerabilities (KEV) catalog, following its exploitation in ransomware attacks.
The vulnerability, tracked as CVE-2024-23897 (CVSS score: 9.8), is a path traversal flaw that could lead to code execution.
"Jenkins Command Line Interface (CLI) contains a
Available now! Telegram Research 2025 — the year's key insights 
