TECHZONE™
Ir al canal en Telegram
TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news
Mostrar más595
Suscriptores
Sin datos24 horas
Sin datos7 días
-930 días
Archivo de publicaciones
595
U.S. Seizes 32 Pro-Russian Propaganda Domains in Major Disinformation Crackdown
https://thehackernews.com/2024/09/us-seizes-32-pro-russian-propaganda.html
The U.S. Department of Justice (DoJ) on Wednesday announced the seizure of 32 internet domains used by a pro-Russian propaganda operation called Doppelganger as part of a sweeping set of actions.
Accusing the Russian government-directed foreign malign influence campaign of violating U.S. money laundering and criminal trademark laws, the agency called out companies Social Design Agency (SDA),
595
NIST Cybersecurity Framework (CSF) and CTEM – Better Together
https://thehackernews.com/2024/09/nist-cybersecurity-framework-csf-and.html
It’s been a decade since the National Institute of Standards and Technology (NIST) introduced its Cybersecurity Framework (CSF) 1.0. Created following a 2013 Executive Order, NIST was tasked with designing a voluntary cybersecurity framework that would help organizations manage cyber risk, providing guidance based on established standards and best practices. While this version was originally
595
Malware Attackers Using MacroPack to Deliver Havoc, Brute Ratel, and PhantomCore
https://thehackernews.com/2024/09/malware-attackers-using-macropack-to.html
Threat actors are likely employing a tool designated for red teaming exercises to serve malware, according to new findings from Cisco Talos.
The program in question is a payload generation framework called MacroPack, which is used to generate Office documents, Visual Basic scripts, Windows shortcuts, and other formats for penetration testing and social engineering assessments. It was developed
595
New Cross-Platform Malware KTLVdoor Discovered in Attack on Chinese Trading Firm
https://thehackernews.com/2024/09/new-cross-platform-malware-ktlvdoor.html
The Chinese-speaking threat actor known as Earth Lusca has been observed using a new backdoor dubbed KTLVdoor as part of a cyber attack targeting an unnamed trading company based in China.
The previously unreported malware is written in Golang, and thus is a cross-platform weapon capable of targeting both Microsoft Windows and Linux systems.
"KTLVdoor is a highly obfuscated malware that
595
Cisco Fixes Two Critical Flaws in Smart Licensing Utility to Prevent Remote Attacks
https://thehackernews.com/2024/09/cisco-fixes-two-critical-flaws-in-smart.html
Cisco has released security updates for two critical security flaws impacting its Smart Licensing Utility that could allow unauthenticated, remote attackers to elevate their privileges or access sensitive information.
A brief description of the two vulnerabilities is below -
CVE-2024-20439 (CVSS score: 9.8) - The presence of an undocumented static user credential for an administrative account
595
In plain sight: Malicious ads hiding in search results
https://www.welivesecurity.com/en/malware/in-plain-sight-malicious-ads-hiding-in-search-results/
Sometimes there’s more than just an enticing product offer hiding behind an ad
595
North Korean Hackers Targets Job Seekers with Fake FreeConference App
https://thehackernews.com/2024/09/north-korean-hackers-targets-job.html
North Korean threat actors have leveraged a fake Windows video conferencing application impersonating FreeConference.com to backdoor developer systems as part of an ongoing financially-driven campaign dubbed Contagious Interview.
The new attack wave, spotted by Singaporean company Group-IB in mid-August 2024, is yet another indication that the activity is also leveraging native installers for
595
Android Users Urged to Install Latest Security Updates to Fix Actively Exploited Flaw
https://thehackernews.com/2024/09/google-confirms-cve-2024-32896.html
Google has released its monthly security updates for the Android operating system to address a known security flaw that it said has come under active exploitation in the wild.
The high-severity vulnerability, tracked as CVE-2024-32896 (CVSS score: 7.8), relates to a case of privilege escalation in the Android Framework component.
According to the description of the bug in the NIST National
595
Hackers Hijack 22,000 Removed PyPI Packages, Spreading Malicious Code to Developers
https://thehackernews.com/2024/09/hackers-hijack-22000-removed-pypi.html
A new supply chain attack technique targeting the Python Package Index (PyPI) registry has been exploited in the wild in an attempt to infiltrate downstream organizations.
It has been codenamed Revival Hijack by software supply chain security firm JFrog, which said the attack method could be used to hijack 22,000 existing PyPI packages and result in "hundreds of thousands" of malicious package
595
Zyxel Patches Critical OS Command Injection Flaw in Access Points and Routers
https://thehackernews.com/2024/09/zyxel-patches-critical-os-command.html
Zyxel has released software updates to address a critical security flaw impacting certain access point (AP) and security router versions that could result in the execution of unauthorized commands.
Tracked as CVE-2024-7261 (CVSS score: 9.8), the vulnerability has been described as a case of operating system (OS) command injection.
"The improper neutralization of special elements in the
595
The New Effective Way to Prevent Account Takeovers
https://thehackernews.com/2024/09/the-new-effective-way-to-prevent.html
Account takeover attacks have emerged as one of the most persistent and damaging threats to cloud-based SaaS environments. Yet despite significant investments in traditional security measures, many organizations continue to struggle with preventing these attacks. A new report, "Why Account Takeover Attacks Still Succeed, and Why the Browser is Your Secret Weapon in Stopping Them" argues that the
595
Clearview AI Faces €30.5M Fine for Building Illegal Facial Recognition Database
https://thehackernews.com/2024/09/clearview-ai-faces-305m-fine-for.html
The Dutch Data Protection Authority (Dutch DPA) has imposed a fine of €30.5 million ($33.7 million) against facial recognition firm Clearview AI for violating the General Data Protection Regulation (GDPR) in the European Union (E.U.) by building an "illegal database with billions of photos of faces," including those of Dutch citizens.
"Facial recognition is a highly intrusive technology that you
595
Hackers Use Fake GlobalProtect VPN Software in New WikiLoader Malware Attack
https://thehackernews.com/2024/09/hackers-use-fake-globalprotect-vpn.html
A new malware campaign is spoofing Palo Alto Networks' GlobalProtect VPN software to deliver a variant of the WikiLoader (aka WailingCrab) loader by means of a search engine optimization (SEO) campaign.
The malvertising activity, observed in June 2024, is a departure from previously observed tactics wherein the malware has been propagated via traditional phishing emails, Unit 42 researchers
595
Hacktivists Exploits WinRAR Vulnerability in Attacks Against Russia and Belarus
https://thehackernews.com/2024/09/hacktivists-exploits-winrar.html
A hacktivist group known as Head Mare has been linked to cyber attacks that exclusively target organizations located in Russia and Belarus.
"Head Mare uses more up-to-date methods for obtaining initial access," Kaspersky said in a Monday analysis of the group's tactics and tools.
"For instance, the attackers took advantage of the relatively recent CVE-2023-38831 vulnerability in WinRAR, which
595
New Rust-Based Ransomware Cicada3301 Targets Windows and Linux Systems
https://thehackernews.com/2024/09/new-rust-based-ransomware-cicada3301.html
Cybersecurity researchers have unpacked the inner workings of a new ransomware variant called Cicada3301 that shares similarities with the now-defunct BlackCat (aka ALPHV) operation.
"It appears that Cicada3301 ransomware primarily targets small to medium-sized businesses (SMBs), likely through opportunistic attacks that exploit vulnerabilities as the initial access vector," cybersecurity
595
Rocinante Trojan Poses as Banking Apps to Steal Sensitive Data from Brazilian Android Users
https://thehackernews.com/2024/09/rocinante-trojan-poses-as-banking-apps.html
Mobile users in Brazil are the target of a new malware campaign that delivers a new Android banking trojan named Rocinante.
"This malware family is capable of performing keylogging using the Accessibility Service, and is also able to steal PII from its victims using phishing screens posing as different banks," Dutch security company ThreatFabric said.
"Finally, it can use all this exfiltrated
595
Secrets Exposed: Why Your CISO Should Worry About Slack
https://thehackernews.com/2024/09/secrets-exposed-why-your-ciso-should.html
In the digital realm, secrets (API keys, private keys, username and password combos, etc.) are the keys to the kingdom. But what if those keys were accidentally left out in the open in the very tools we use to collaborate every day?
A Single Secret Can Wreak Havoc
Imagine this: It's a typical Tuesday in June 2024. Your dev team is knee-deep in sprints, Jira tickets are flying, and Slack is
595
New Flaws in Microsoft macOS Apps Could Allow Hackers to Gain Unrestricted Access
https://thehackernews.com/2024/09/new-flaws-in-microsoft-macos-apps-could.html
Eight vulnerabilities have been uncovered in Microsoft applications for macOS that an adversary could exploit to gain elevated privileges or access sensitive data by circumventing the operating system's permissions-based model, which revolves around the Transparency, Consent, and Control (TCC) framework.
"If successful, the adversary could gain any privileges already granted to the affected
595
Ex-Engineer Charged in Missouri for Failed $750,000 Bitcoin Extortion Attempt
https://thehackernews.com/2024/09/ex-engineer-charged-in-missouri-for.html
A 57-year-old man from the U.S. state of Missouri has been arrested in connection with a failed data extortion campaign that targeted his former employer.
Daniel Rhyne of Kansas City, Missouri, has been charged with one count of extortion in relation to a threat to cause damage to a protected computer, one count of intentional damage to a protected computer, and one count of wire fraud.
He was
595
RansomHub Ransomware Group Targets 210 Victims Across Critical Sectors
https://thehackernews.com/2024/09/ransomhub-ransomware-group-targets-210.html
Threat actors linked to the RansomHub ransomware group encrypted and exfiltrated data from at least 210 victims since its inception in February 2024, the U.S. government said.
The victims span various sectors, including water and wastewater, information technology, government services and facilities, healthcare and public health, emergency services, food and agriculture, financial services,
¡Ya disponible! Investigación de Telegram 2025 — los principales insights del año 
