TECHZONEā¢
Open in Telegram
TECHZONE CYBERNEWS && UPDATES Wį“Źį“į“į“į“ Tį“ TECHZONE⢠āļøInfosec Facts āļøCheatsheets āļøFree Courses āļøOpen source tools āļøTech news
Show more593
Subscribers
No data24 hours
-27 days
-830 days
Posts Archive
593
New Python-based FBot Hacking Toolkit Aims at Cloud and SaaS Platforms
https://thehackernews.com/2024/01/new-python-based-fbot-hacking-toolkit.html
A new Python-based hacking tool called FBot has been uncovered targeting web servers, cloud services, content management systems (CMS), and SaaS platforms such as Amazon Web Services (AWS), Microsoft 365, PayPal, Sendgrid, and Twilio.
āKey features include credential harvesting for spamming attacks, AWS account hijacking tools, and functions to enable attacks against PayPal and various
593
There is a Ransomware Armageddon Coming for Us All
https://thehackernews.com/2024/01/there-is-ransomware-armageddon-coming.html
Generative AI will enable anyone to launch sophisticated phishing attacks that only Next-generation MFA devices can stop
The least surprising headline from 2023 is that ransomware again set new records for a number of incidents and the damage inflicted. We saw new headlines every week, which included a whoās-who of big-name organizations. If MGM, Johnson Controls, Chlorox, Hanes Brands, Caesars
593
Atomic Stealer Gets an Upgrade - Targeting Mac Users with Encrypted Payload
https://thehackernews.com/2024/01/atomic-stealer-gets-upgrade-targeting.html
Cybersecurity researchers have identified an updated version of a macOS information stealer called Atomic (or AMOS), indicating that the threat actors behind the malware are actively enhancing its capabilities.
"It looks like Atomic Stealer was updated around mid to late December 2023, where its developers introduced payload encryption in an effort to bypass detection rules,"
593
Attack of the copycats: How fake messaging apps and app mods could bite you
https://www.welivesecurity.com/en/mobile-security/attack-copycats-fake-messaging-apps-app-mods/
WhatsApp, Telegram and Signal clones and mods remain a popular vehicle for malware distribution. Donāt get taken for a ride.
593
Mandiant's X Account Was Hacked Using Brute-Force Attack
https://thehackernews.com/2024/01/mandiants-x-account-was-hacked-using.html
The compromise of Mandiant's X (formerly Twitter) account last week was likely the result of a "brute-force password attack," attributing the hack to a drainer-as-a-service (DaaS) group.
"Normally, [two-factor authentication] would have mitigated this, but due to some team transitions and a change in X's 2FA policy, we were not adequately protected," the threat intelligence firm said
593
Chinese Hackers Exploit Zero-Day Flaws in Ivanti Connect Secure and Policy Secure
https://thehackernews.com/2024/01/chinese-hackers-exploit-zero-day-flaws.html
A pair of zero-day flaws identified in Ivanti Connect Secure (ICS) and Policy Secure have been chained by suspected China-linked nation-state actors to breach less than 10 customers.
Cybersecurity firm Volexity, which identified the activity on the network of one of its customers in the second week of December 2023, attributed it to a hacking group it tracks under the name UTA0178
593
Cisco Fixes High-Risk Vulnerability Impacting Unity Connection Software
https://thehackernews.com/2024/01/cisco-fixes-high-risk-vulnerability.html
Cisco has released software updates to address a critical security flaw impacting Unity Connection that could permit an adversary to execute arbitrary commands on the underlying system.
Tracked as CVE-2024-20272 (CVSS score: 7.3), the vulnerability is an arbitrary file upload bug residing in the web-based management interface and is the result of a lack of authentication in a specific
593
Love is in the AI: Finding love online takes on a whole new meaning
https://www.welivesecurity.com/en/we-live-progress/love-ai-finding-love-online-whole-new-meaning/
Is AI companionship the future of not-so-human connection ā and even the cure for loneliness?
593
NoaBot: Latest Mirai-Based Botnet Targeting SSH Servers for Crypto Mining
https://thehackernews.com/2024/01/noabot-latest-mirai-based-botnet.html
A new Mirai-based botnet called NoaBot is being used by threat actors as part of a crypto mining campaign since the beginning of 2023.
āThe capabilities of the new botnet, NoaBot, include a wormable self-spreader and an SSH key backdoor to download and execute additional binaries or spread itself to new victims,ā Akamai security researcher Stiv Kupchik said in a report shared with The
593
Getting off the Attack Surface Hamster Wheel: Identity Can Help
https://thehackernews.com/2024/01/getting-off-attack-surface-hamster.html
IT professionals have developed a sophisticated understanding of the enterprise attack surface ā what it is, how to quantify it and how to manage it.
The process is simple: begin by thoroughly assessing the attack surface, encompassing the entire IT environment. Identify all potential entry and exit points where unauthorized access could occur. Strengthen these vulnerable points using
593
Free Decryptor Released for Black Basta and Babuk's Tortilla Ransomware Victims
https://thehackernews.com/2024/01/free-decryptor-released-for-black-basta.html
A decryptor for the Tortilla variant of the Babuk ransomware has been released by Cisco Talos, allowing victims targeted by the malware to regain access to their files.
The cybersecurity firm said the threat intelligence it shared with Dutch law enforcement authorities made it possible to arrest the threat actor behind the operations.
The encryption key has also been shared with Avast,
593
FTC Bans Outlogic (X-Mode) From Selling Sensitive Location Data
https://thehackernews.com/2024/01/ftc-bans-outlogic-x-mode-from-selling.html
The U.S. Federal Trade Commission (FTC) on Tuesday prohibited data broker Outlogic, which was previously known as X-Mode Social, from sharing or selling any sensitive location data with third-parties.
The ban is part of a settlement over allegations that the company "sold precise location data that could be used to track people's visits to sensitive locations such as medical and
593
Microsoft's January 2024 Windows Update Patches 48 New Vulnerabilities
https://thehackernews.com/2024/01/microsofts-january-2024-windows-update.html
Microsoft has addressed a total of 48 security flaws spanning its software as part of its Patch Tuesday updates for January 2024.
Of the 48 bugs, two are rated Critical and 46 are rated Important in severity. There is no evidence that any of the issues are publicly known or under active attack at the time of release, making it the second consecutive Patch Tuesday with no zero-days.
The
593
CISA Flags 6 Vulnerabilities - Apple, Apache, Adobe , D-Link, Joomla Under Attack
https://thehackernews.com/2024/01/cisa-flags-6-vulnerabilities-apple.html
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added six security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.
This includes CVE-2023-27524 (CVSS score: 8.9), a high-severity vulnerability impacting the Apache Superset open-source data visualization software that could enable remote code execution.
593
Alert: Water Curupira Hackers Actively Distributing PikaBot Loader Malware
https://thehackernews.com/2024/01/alert-water-curupira-hackers-actively.html
A threat actor called Water Curupira has been observed actively distributing the PikaBot loader malware as part of spam campaigns in 2023.
āPikaBotās operators ran phishing campaigns, targeting victims via its two components ā a loader and a core module ā which enabled unauthorized remote access and allowed the execution of arbitrary commands through an established connection with
593
Turkish Hackers Exploiting Poorly Secured MS SQL Servers Across the Globe
https://thehackernews.com/2024/01/turkish-hackers-exploiting-poorly.html
Poorly secured Microsoft SQL (MS SQL) servers are being targeted in the U.S., European Union, and Latin American (LATAM) regions as part of an ongoing financially motivated campaign to gain initial access.
āThe analyzed threat campaign appears to end in one of two ways, either the selling of āaccessā to the compromised host, or the ultimate delivery of ransomware payloads,ā Securonix researchers
593
Why Public Links Expose Your SaaS Attack Surface
https://thehackernews.com/2024/01/why-public-links-expose-your-saas.html
Collaboration is a powerful selling point for SaaS applications. Microsoft, Github, Miro, and others promote the collaborative nature of their software applications that allows users to do more.
Links to files, repositories, and boards can be shared with anyone, anywhere. This encourages teamwork that helps create stronger campaigns and projects by encouraging collaboration among employees
593
Alert: New Vulnerabilities Discovered in QNAP and Kyocera Device Manager
https://thehackernews.com/2024/01/alert-new-vulnerabilities-discovered-in.html
A security flaw has been disclosed in Kyoceraās Device Manager product that could be exploited by bad actors to carry out malicious activities on affected systems.
"This vulnerability allows attackers to coerce authentication attempts to their own resources, such as a malicious SMB share, to capture or relay Active Directory hashed credentials if the āRestrict NTLM: Outgoing NTLM
593
Beware! YouTube Videos Promoting Cracked Software Distribute Lumma Stealer
https://thehackernews.com/2024/01/beware-youtube-videos-promoting-cracked.html
Threat actors are resorting to YouTube videos featuring content related to cracked software in order to entice users into downloading an information stealer malware called Lumma.
āThese YouTube videos typically feature content related to cracked applications, presenting users with similar installation guides and incorporating malicious URLs often shortened using services like TinyURL and Cuttly,
593
Syrian Hackers Distributing Stealthy C#-Based Silver RAT to Cybercriminals
https://thehackernews.com/2024/01/syrian-hackers-distributing-stealthy-c.html
Threat actors operating under the name Anonymous Arabic have released a remote access trojan (RAT) called Silver RAT thatās equipped to bypass security software and stealthily launch hidden applications.
āThe developers operate on multiple hacker forums and social media platforms, showcasing an active and sophisticated presence,ā cybersecurity firm Cyfirma said in a report
