TECHZONE™
Open in Telegram
TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news
Show more593
Subscribers
No data24 hours
-27 days
-830 days
Posts Archive
593
Iranian Hackers Using MuddyC2Go in Telecom Espionage Attacks Across Africa
https://thehackernews.com/2023/12/iranian-hackers-using-muddyc2go-in-new.html
The Iranian nation-state actor known as MuddyWater has leveraged a newly discovered command-and-control (C2) framework called MuddyC2Go in its attacks on the telecommunications sector in Egypt, Sudan, and Tanzania.
The Symantec Threat Hunter Team, part of Broadcom, is tracking the activity under the name Seedworm, which is also tracked under the monikers Boggy Serpens, Cobalt
593
ESET Research Podcast: Neanderthals, Mammoths and Telekopye
https://www.welivesecurity.com/en/podcasts/eset-research-podcast-neanderthals-mammoths-telekopye/
ESET researchers discuss the dynamics within and between various groups of scammers who use a Telegram bot called Telekopye to scam people on online marketplaces
593
New Malvertising Campaign Distributing PikaBot Disguised as Popular Software
https://thehackernews.com/2023/12/new-malvertising-campaign-distributing.html
The malware loader known as PikaBot is being distributed as part of a malvertising campaign targeting users searching for legitimate software like AnyDesk.
"PikaBot was previously only distributed via malspam campaigns similarly to QakBot and emerged as one of the preferred payloads for a threat actor known as TA577," Malwarebytes' Jérôme Segura said.
The malware family,
593
8220 Gang Exploiting Oracle WebLogic Server Vulnerability to Spread Malware
https://thehackernews.com/2023/12/8220-gang-exploiting-oracle-weblogic.html
The threat actors associated with the 8220 Gang have been observed exploiting a high-severity flaw in Oracle WebLogic Server to propagate their malware.
The security shortcoming is CVE-2020-14883 (CVSS score: 7.2), a remote code execution bug that could be exploited by authenticated attackers to take over susceptible servers.
"This vulnerability allows remote authenticated
593
Double-Extortion Play Ransomware Strikes 300 Organizations Worldwide
https://thehackernews.com/2023/12/double-extortion-play-ransomware.html
The threat actors behind the Play ransomware are estimated to have impacted approximately 300 entities as of October 2023, according to a new joint cybersecurity advisory from Australia and the U.S.
"Play ransomware actors employ a double-extortion model, encrypting systems after exfiltrating data and have impacted a wide range of businesses and critical infrastructure organizations in North
593
Beware: Experts Reveal New Details on Zero-Click Outlook RCE Exploits
https://thehackernews.com/2023/12/beware-experts-reveal-new-details-on.html
Technical details have emerged about two now-patched security flaws in Microsoft Windows that could be chained by threat actors to achieve remote code execution on the Outlook email service sans any user interaction.
"An attacker on the internet can chain the vulnerabilities together to create a full, zero-click remote code execution (RCE) exploit against Outlook clients," Akamai security
593
Top 7 Trends Shaping SaaS Security in 2024
https://thehackernews.com/2023/12/top-7-trends-shaping-saas-security-in.html
Over the past few years, SaaS has developed into the backbone of corporate IT. Service businesses, such as medical practices, law firms, and financial services firms, are almost entirely SaaS based. Non-service businesses, including manufacturers and retailers, have about 70% of their software in the cloud.
These applications contain a wealth of data, from minimally sensitive general
593
Rhadamanthys Malware: Swiss Army Knife of Information Stealers Emerges
https://thehackernews.com/2023/12/rhadamanthys-malware-swiss-army-knife.html
The developers of the information stealer malware known as Rhadamanthys are actively iterating on its features, broadening its information-gathering capabilities and also incorporating a plugin system to make it more customizable.
This approach not only transforms it into a threat capable of delivering "specific distributor needs," but also makes it more potent, Check Point said&
593
Four U.S. Nationals Charged in $80 Million Pig Butchering Crypto Scam
https://thehackernews.com/2023/12/four-us-nationals-charged-in-80-million.html
Four U.S. nationals have been charged for participating in an illicit scheme that earned them more than $80 million via cryptocurrency investment scams.
The defendants – Lu Zhang, 36, of Alhambra, California; Justin Walker, 31, of Cypress, California; Joseph Wong, 32, Rosemead, California; and Hailong Zhu, 40, Naperville, Illinois – have been charged with conspiracy to commit money laundering,
593
Unmasking the Dark Side of Low-Code/No-Code Applications
https://thehackernews.com/2023/12/unmasking-dark-side-of-low-codeno-code.html
Low-code/no-code (LCNC) and robotic process automation (RPA) have gained immense popularity, but how secure are they? Is your security team paying enough attention in an era of rapid digital transformation, where business users are empowered to create applications swiftly using platforms like Microsoft PowerApps, UiPath, ServiceNow, Mendix, and OutSystems?
The simple truth is often swept under
593
QakBot Malware Resurfaces with New Tactics, Targeting the Hospitality Industry
https://thehackernews.com/2023/12/qakbot-malware-resurfaces-with-new.html
A new wave of phishing messages distributing the QakBot malware has been observed, more than three months after a law enforcement effort saw its infrastructure dismantled by infiltrating its command-and-control (C2) network.
Microsoft, which made the discovery, described it as a low-volume campaign that began on December 11, 2023, and targeted the hospitality industry.
"Targets
593
CISA Urges Manufacturers Eliminate Default Passwords to Thwart Cyber Threats
https://thehackernews.com/2023/12/cisa-urges-manufacturers-eliminate.html
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is urging manufacturers to get rid of default passwords on internet-exposed systems altogether, citing severe risks that could be exploited by malicious actors to gain initial access to, and move laterally within, organizations.
In an alert published last week, the agency called out Iranian threat actors affiliated with
593
MongoDB Suffers Security Breach, Exposing Customer Data
https://thehackernews.com/2023/12/mongodb-suffers-security-breach.html
MongoDB on Saturday disclosed it's actively investigating a security incident that has led to unauthorized access to "certain" corporate systems, resulting in the exposure of customer account metadata and contact information.
The American database software company said it first detected anomalous activity on December 13, 2023, and that it immediately activated its incident response
593
New iOS feature to thwart eavesdropping – Week in security with Tony Anscombe
https://www.welivesecurity.com/en/videos/new-ios-feature-thwart-eavesdropping-week-security-tony-anscombe/
Your iPhone has just received a new feature called iMessage Contact Key Verification that is designed to help protect your messages from prying eyes
593
China's MIIT Introduces Color-Coded Action Plan for Data Security Incidents
https://thehackernews.com/2023/12/chinas-miit-introduces-color-coded.html
China's Ministry of Industry and Information Technology (MIIT) on Friday unveiled draft proposals detailing its plans to tackle data security events in the country using a color-coded system.
The effort is designed to "improve the comprehensive response capacity for data security incidents, to ensure timely and effective control, mitigation and elimination of hazards and losses caused
593
Microsoft Warns of Storm-0539: The Rising Threat Behind Holiday Gift Card Frauds
https://thehackernews.com/2023/12/microsoft-warns-of-storm-0539-rising.html
Microsoft is warning of an uptick in malicious activity from an emerging threat cluster it's tracking as Storm-0539 for orchestrating gift card fraud and theft via highly sophisticated email and SMS phishing attacks against retail entities during the holiday shopping season.
The goal of the attacks is to propagate booby-trapped links that direct victims to adversary-in-the-middle (AiTM
593
New KV-Botnet Targeting Cisco, DrayTek, and Fortinet Devices for Stealthy Attacks
https://thehackernews.com/2023/12/new-kv-botnet-targeting-cisco-draytek.html
A new botnet consisting of firewalls and routers from Cisco, DrayTek, Fortinet, and NETGEAR is being used as a covert data transfer network for advanced persistent threat actors, including the China-linked threat actor called Volt Typhoon.
Dubbed KV-botnet by the Black Lotus Labs team at Lumen Technologies, the malicious network is an amalgamation of two complementary activity
593
Crypto Hardware Wallet Ledger's Supply Chain Breach Results in $600,000 Theft
https://thehackernews.com/2023/12/crypto-hardware-wallet-ledgers-supply.html
Crypto hardware wallet maker Ledger published a new version of its "@ledgerhq/connect-kit" npm module after unidentified threat actors pushed malicious code that led to the theft of more than $600,000 in virtual assets.
The compromise was the result of a former employee falling victim to a phishing attack, the company said in a statement.
This allowed the attackers to gain
593
Bug or Feature? Hidden Web Application Vulnerabilities Uncovered
https://thehackernews.com/2023/12/bug-or-feature-hidden-web-application.html
Web Application Security consists of a myriad of security controls that ensure that a web application:
Functions as expected.
Cannot be exploited to operate out of bounds.
Cannot initiate operations that it is not supposed to do.
Web Applications have become ubiquitous after the expansion of Web 2.0, which Social Media Platforms, E-Commerce websites, and email clients saturating the internet
593
New Security Vulnerabilities Uncovered in pfSense Firewall Software - Patch Now
https://thehackernews.com/2023/12/new-security-vulnerabilities-uncovered.html
Multiple security vulnerabilities have been discovered in the open-source Netgate pfSense firewall solution called pfSense that could be chained by an attacker to execute arbitrary commands on susceptible appliances.
The issues relate to two reflected cross-site scripting (XSS) bugs and one command injection flaw, according to new findings from Sonar.
"Security inside a local network is often
