TECHZONE™
Ir al canal en Telegram
TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news
Mostrar más594
Suscriptores
Sin datos24 horas
Sin datos7 días
-630 días
Archivo de publicaciones
594
Malicious PyPI and npm Packages Discovered Exploiting Dependencies in Supply Chain Attacks
https://thehackernews.com/2025/08/malicious-pypi-and-npm-packages.html
Cybersecurity researchers have discovered a malicious package in the Python Package Index (PyPI) repository that introduces malicious behavior through a dependency that allows it to establish persistence and achieve code execution.
The package, named termncolor, realizes its nefarious functionality through a dependency package called colorinal by means of a multi-stage malware operation, Zscaler
594
Wazuh for Regulatory Compliance
https://thehackernews.com/2025/08/wazuh-for-regulatory-compliance.html
Organizations handling various forms of sensitive data or personally identifiable information (PII) require adherence to regulatory compliance standards and frameworks. These compliance standards also apply to organizations operating in regulated sectors such as healthcare, finance, government contracting, or education. Some of these standards and frameworks include, but are not limited to:
594
ERMAC V3.0 Banking Trojan Source Code Leak Exposes Full Malware Infrastructure
https://thehackernews.com/2025/08/ermac-v30-banking-trojan-source-code.html
Cybersecurity researchers have detailed the inner workings of an Android banking trojan called ERMAC 3.0, uncovering serious shortcomings in the operators' infrastructure.
"The newly uncovered version 3.0 reveals a significant evolution of the malware, expanding its form injection and data theft capabilities to target more than 700 banking, shopping, and cryptocurrency applications,"
594
Russian Group EncryptHub Exploits MSC EvilTwin Vulnerability to Deploy Fickle Stealer Malware
https://thehackernews.com/2025/08/russian-group-encrypthub-exploits-msc.html
The threat actor known as EncryptHub is continuing to exploit a now-patched security flaw impacting Microsoft Windows to deliver malicious payloads.
Trustwave SpiderLabs said it recently observed an EncryptHub campaign that brings together social engineering and the exploitation of a vulnerability in the Microsoft Management Console (MMC) framework (CVE-2025-26633, aka MSC EvilTwin) to trigger
594
Taiwan Web Servers Breached by UAT-7237 Using Customized Open-Source Hacking Tools
https://thehackernews.com/2025/08/taiwan-web-servers-breached-by-uat-7237.html
A Chinese-speaking advanced persistent threat (APT) actor has been observed targeting web infrastructure entities in Taiwan using customized versions of open-sourced tools with an aim to establish long-term access within high-value victim environments.
The activity has been attributed by Cisco Talos to an activity cluster it tracks as UAT-7237, which is believed to be active since at least 2022.
594
U.S. Sanctions Garantex and Grinex Over $100M in Ransomware-Linked Illicit Crypto Transactions
https://thehackernews.com/2025/08/us-sanctions-garantex-and-grinex-over.html
The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) on Thursday renewed sanctions against Russian cryptocurrency exchange platform Garantex for facilitating ransomware actors and other cybercriminals by processing more than $100 million in transactions linked to illicit activities since 2019.
The Treasury said it's also imposing sanctions on Garantex's successor, Grinex
594
Zero Trust + AI: Privacy in the Age of Agentic AI
https://thehackernews.com/2025/08/zero-trust-ai-privacy-in-age-of-agentic.html
We used to think of privacy as a perimeter problem: about walls and locks, permissions, and policies. But in a world where artificial agents are becoming autonomous actors — interacting with data, systems, and humans without constant oversight — privacy is no longer about control. It’s about trust. And trust, by definition, is about what happens when you’re not looking.
Agentic AI — AI that
594
Cisco Warns of CVSS 10.0 FMC RADIUS Flaw Allowing Remote Code Execution
https://thehackernews.com/2025/08/cisco-warns-of-cvss-100-fmc-radius-flaw.html
Cisco has released security updates to address a maximum-severity security flaw in Secure Firewall Management Center (FMC) Software that could allow an attacker to execute arbitrary code on affected systems.
The vulnerability, assigned the CVE identifier CVE-2025-20265 (CVSS score: 10.0), affects the RADIUS subsystem implementation that could permit an unauthenticated, remote attacker to inject
594
New HTTP/2 'MadeYouReset' Vulnerability Enables Large-Scale DoS Attacks
https://thehackernews.com/2025/08/new-http2-madeyoureset-vulnerability.html
Multiple HTTP/2 implementations have been found susceptible to a new attack technique called MadeYouReset that could be explored to conduct powerful denial-of-service (DoS) attacks.
"MadeYouReset bypasses the typical server-imposed limit of 100 concurrent HTTP/2 requests per TCP connection from a client. This limit is intended to mitigate DoS attacks by restricting the number of simultaneous
594
Hackers Found Using CrossC2 to Expand Cobalt Strike Beacon’s Reach to Linux and macOS
https://thehackernews.com/2025/08/researchers-warn-crossc2-expands-cobalt.html
Japan's CERT coordination center (JPCERT/CC) on Thursday revealed it observed incidents that involved the use of a command-and-control (C2) framework called CrossC2, which is designed to extend the functionality of Cobalt Strike to other platforms like Linux and Apple macOS for cross-platform system control.
The agency said the activity was detected between September and December 2024, targeting
594
Have You Turned Off Your Virtual Oven?
https://thehackernews.com/2025/08/have-you-turned-off-your-virtual-oven.html
You check that the windows are shut before leaving home. Return to the kitchen to verify that the oven and stove were definitely turned off. Maybe even circle back again to confirm the front door was properly closed. These automatic safety checks give you peace of mind because you know the unlikely but potentially dangerous consequences of forgetting – a break-in, fire, or worse.
Your
594
New Android Malware Wave Hits Banking via NFC Relay Fraud, Call Hijacking, and Root Exploits
https://thehackernews.com/2025/08/new-android-malware-wave-hits-banking.html
Cybersecurity researchers have disclosed a new Android trojan called PhantomCard that abuses near-field communication (NFC) to conduct relay attacks for facilitating fraudulent transactions in attacks targeting banking customers in Brazil.
"PhantomCard relays NFC data from a victim's banking card to the fraudster's device," ThreatFabric said in a report. "PhantomCard is based on
594
Simple Steps for Attack Surface Reduction
https://thehackernews.com/2025/08/simple-steps-for-attack-surface.html
Story teaser text: Cybersecurity leaders face mounting pressure to stop attacks before they start, and the best defense may come down to the settings you choose on day one. In this piece, Yuriy Tsibere explores how default policies like deny-by-default, MFA enforcement, and application Ringfencing ™ can eliminate entire categories of risk. From disabling Office macros to blocking outbound server
594
Google Requires Crypto App Licenses in 15 Regions as FBI Warns of $9.9M Scam Losses
https://thehackernews.com/2025/08/google-requires-crypto-app-licenses-in.html
Google said it's implementing a new policy requiring developers of cryptocurrency exchanges and wallets to obtain government licenses before publishing apps in 15 jurisdictions in order to "ensure a safe and compliant ecosystem for users."
The policy applies to markets like Bahrain, Canada, Hong Kong, Indonesia, Israel, Japan, the Philippines, South Africa, South Korea, Switzerland, Thailand,
594
CISA Adds Two N-able N-central Flaws to Known Exploited Vulnerabilities Catalog
https://thehackernews.com/2025/08/cisa-adds-two-n-able-n-central-flaws-to.html
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added two security flaws impacting N-able N-central to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.
N-able N-central is a Remote Monitoring and Management (RMM) platform designed for Managed Service Providers (MSPs), allowing customers to efficiently manage and secure
594
Supply-chain dependencies: Check your resilience blind spot
https://www.welivesecurity.com/en/business-security/supply-chain-dependencies-resilience-blind-spot/
Does your business truly understand its dependencies, and how to mitigate the risks posed by an attack on them?
594
How the always-on generation can level up its cybersecurity game
https://www.welivesecurity.com/en/kids-online/young-people-level-up-cybersecurity-game/
Digital natives are comfortable with technology, but may be more exposed to online scams and other threats than they think
594
New PS1Bot Malware Campaign Uses Malvertising to Deploy Multi-Stage In-Memory Attacks
https://thehackernews.com/2025/08/new-ps1bot-malware-campaign-uses.html
Cybersecurity researchers have discovered a new malvertising campaign that's designed to infect victims with a multi-stage malware framework called PS1Bot.
"PS1Bot features a modular design, with several modules delivered used to perform a variety of malicious activities on infected systems, including information theft, keylogging, reconnaissance, and the establishment of persistent system
594
Zoom and Xerox Release Critical Security Updates Fixing Privilege Escalation and RCE Flaws
https://thehackernews.com/2025/08/zoom-and-xerox-release-critical.html
Zoom and Xerox have addressed critical security flaws in Zoom Clients for Windows and FreeFlow Core that could allow privilege escalation and remote code execution.
The vulnerability impacting Zoom Clients for Windows, tracked as CVE-2025-49457 (CVSS score: 9.6), relates to a case of an untrusted search path that could pave the way for privilege escalation.
"Untrusted search path in
594
Fortinet Warns About FortiSIEM Vulnerability (CVE-2025-25256) With In-the-Wild Exploit Code
https://thehackernews.com/2025/08/fortinet-warns-about-fortisiem.html
Fortinet is alerting customers of a critical security flaw in FortiSIEM for which it said there exists an exploit in the wild.
The vulnerability, tracked as CVE-2025-25256, carries a CVSS score of 9.8 out of a maximum of 10.0.
"An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in FortiSIEM may allow an unauthenticated attacker to
