TECHZONE™
Ir al canal en Telegram
TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news
Mostrar más596
Suscriptores
Sin datos24 horas
Sin datos7 días
-930 días
Archivo de publicaciones
596
New Android Malware NGate Steals NFC Data to Clone Contactless Payment Cards
https://thehackernews.com/2024/08/new-android-malware-ngate-steals-nfc.html
Cybersecurity researchers have uncovered new Android malware that can relay victims' contactless payment data from physical credit and debit cards to an attacker-controlled device with the goal of conducting fraudulent operations.
The Slovak cybersecurity company is tracking the novel malware as NGate, stating it observed the crimeware campaign targeting three banks in Czechia.
The malware "has
596
Telegram Founder Pavel Durov Arrested in France for Content Moderation Failures
https://thehackernews.com/2024/08/telegram-founder-pavel-durov-arrested.html
Pavel Durov, founder and chief executive of the popular messaging app Telegram, was arrested in France on Saturday, according to French television network TF1.
Durov is believed to have been apprehended pursuant to a warrant issued in connection with a preliminary police investigation.
TF1 said the probe was focused on a lack of content moderation on the instant messaging service, which the
596
New Linux Malware 'sedexp' Hides Credit Card Skimmers Using Udev Rules
https://thehackernews.com/2024/08/new-linux-malware-sedexp-hides-credit.html
Cybersecurity researchers have uncovered a new stealthy piece of Linux malware that leverages an unconventional technique to achieve persistence on infected systems and hide credit card skimmer code.
The malware, attributed to a financially motivated threat actor, has been codenamed sedexp by Aon's Stroz Friedberg incident response services team.
"This advanced threat, active since 2022, hides
596
PWA phishing on Android and iOS – Week in security with Tony Anscombe
https://www.welivesecurity.com/en/videos/pwa-phishing-on-android-and-ios-week-in-security-with-tony-anscombe/
Phishing using PWAs? ESET Research's latest discovery might just ruin some users' assumptions about their preferred platform's security
596
CISA Urges Federal Agencies to Patch Versa Director Vulnerability by September
https://thehackernews.com/2024/08/cisa-urges-federal-agencies-to-patch.html
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has placed a security flaw impacting Versa Director to its Known Exploited Vulnerabilities (KEV) catalog based on evidence of active exploitation.
The medium-severity vulnerability, tracked as CVE-2024-39717 (CVSS score: 6.6), is case of file upload bug impacting the "Change Favicon" feature that could allow a threat actor to
596
Meta Exposes Iranian Hacker Group Targeting Global Political Figures on WhatsApp
https://thehackernews.com/2024/08/meta-exposes-iranian-hacker-group.html
Meta Platforms on Friday became the latest company after Microsoft, Google, and OpenAI to expose the activities of an Iranian state-sponsored threat actor, who it said used a set of WhatsApp accounts that attempted to target individuals in Israel, Palestine, Iran, the U.K., and the U.S.
The activity cluster, which originated from Iran, "appeared to have focused on political and diplomatic
596
NGate Android malware relays NFC traffic to steal cash
https://www.welivesecurity.com/en/eset-research/ngate-android-malware-relays-nfc-traffic-to-steal-cash/
Android malware discovered by ESET Research relays NFC data from victims’ payment cards, via victims’ mobile phones, to the device of a perpetrator waiting at an ATM
596
New PEAKLIGHT Dropper Deployed in Attacks Targeting Windows with Malicious Movie Downloads
https://thehackernews.com/2024/08/new-peaklight-dropper-deployed-in.html
Cybersecurity researchers have uncovered a never-before-seen dropper that serves as a conduit to launch next-stage malware with the ultimate goal of infecting Windows systems with information stealers and loaders.
"This memory-only dropper decrypts and executes a PowerShell-based downloader," Google-owned Mandiant said. "This PowerShell-based downloader is being tracked as PEAKLIGHT."
Some of
596
Webinar: Experience the Power of a Must-Have All-in-One Cybersecurity Platform
https://thehackernews.com/2024/08/webinar-experience-power-of-must-have.html
Let's be honest. The world of cybersecurity feels like a constant war zone. You're bombarded by threats, scrambling to keep up with patches, and drowning in an endless flood of alerts. It's exhausting, isn’t it?
But what if there was a better way?
Imagine having every essential cybersecurity tool at your fingertips, all within a single, intuitive platform, backed by expert support 24/7. This is
596
Focus on What Matters Most: Exposure Management and Your Attack Surface
https://thehackernews.com/2024/08/focus-on-what-matters-most-exposure.html
Read the full article for key points from Intruder’s VP of Product, Andy Hornegold’s recent talk on exposure management. If you’d like to hear Andy’s insights first-hand, watch Intruder’s on-demand webinar. To learn more about reducing your attack surface, reach out to their team today.
Attack surface management vs exposure management
Attack surface management (ASM) is the ongoing
596
New Qilin Ransomware Attack Uses VPN Credentials, Steals Chrome Data
https://thehackernews.com/2024/08/new-qilin-ransomware-attack-uses-vpn.html
The threat actors behind a recently observed Qilin ransomware attack have stolen credentials stored in Google Chrome browsers on a small set of compromised endpoints.
The use of credential harvesting in connection with a ransomware infection marks an unusual twist, and one that could have cascading consequences, cybersecurity firm Sophos said in a Thursday report.
The attack, detected in July
596
New macOS Malware "Cthulhu Stealer" Targets Apple Users' Data
https://thehackernews.com/2024/08/new-macos-malware-cthulhu-stealer.html
Cybersecurity researchers have uncovered a new information stealer that's designed to target Apple macOS hosts and harvest a wide range of information, underscoring how threat actors are increasingly setting their sights on the operating system.
Dubbed Cthulhu Stealer, the malware has been available under a malware-as-a-service (MaaS) model for $500 a month from late 2023. It's capable of
596
Latvian Hacker Extradited to U.S. for Role in Karakurt Cybercrime Group
https://thehackernews.com/2024/08/latvian-hacker-extradited-to-us-for.html
A 33-year-old Latvian national living in Moscow, Russia, has been charged in the U.S. for allegedly stealing data, extorting victims, and laundering ransom payments since August 2021.
Deniss Zolotarjovs (aka Sforza_cesarini) has been charged with conspiring to commit money laundering, wire fraud and Hobbs Act extortion. He was arrested in Georgia in December 2023 and has since been extradited to
596
How regulatory standards and cyber insurance inform each other
https://www.welivesecurity.com/en/business-security/how-regulatory-standards-and-cyber-insurance-inform-each-other/
Should the payment of a ransomware demand be illegal? Should it be regulated in some way? These questions are some examples of the legal minefield that cybersecurity teams must deal with
596
Hardware Backdoor Discovered in RFID Cards Used in Hotels and Offices Worldwide
https://thehackernews.com/2024/08/hardware-backdoor-discovered-in-rfid.html
Cybersecurity researchers have uncovered a hardware backdoor within a particular model of MIFARE Classic contactless cards that could allow authentication with an unknown key and open hotel rooms and office doors.
The attacks have been demonstrated against FM11RF08S, a new variant of MIFARE Classic that was released by Shanghai Fudan Microelectronics in 2020.
"The FM11RF08S backdoor enables any
596
Hardcoded Credential Vulnerability Found in SolarWinds Web Help Desk
https://thehackernews.com/2024/08/hardcoded-credential-vulnerability.html
SolarWinds has issued patches to address a new security flaw in its Web Help Desk (WHD) software that could allow remote unauthenticated users to gain unauthorized access to susceptible instances.
"The SolarWinds Web Help Desk (WHD) software is affected by a hardcoded credential vulnerability, allowing [a] remote unauthenticated user to access internal functionality and modify data," the company
596
Chinese Hackers Exploit Zero-Day Cisco Switch Flaw to Gain System Control
https://thehackernews.com/2024/08/chinese-hackers-exploit-zero-day-cisco.html
Details have emerged about a China-nexus threat group's exploitation of a recently disclosed, now-patched security flaw in Cisco switches as a zero-day to seize control of the appliance and evade detection.
The activity, attributed to Velvet Ant, was observed early this year and involved the weaponization of CVE-2024-20399 (CVSS score: 6.0) to deliver bespoke malware and gain extensive control
596
New 'ALBeast' Vulnerability Exposes Weakness in AWS Application Load Balancer
https://thehackernews.com/2024/08/new-albeast-vulnerability-exposes.html
As many as 15,000 applications using Amazon Web Services' (AWS) Application Load Balancer (ALB) for authentication are potentially susceptible to a configuration-based issue that could expose them to sidestep access controls and compromise applications.
That's according to findings from Israeli cybersecurity company Miggo, which dubbed the problem ALBeast.
"This vulnerability allows attackers to
596
The Facts About Continuous Penetration Testing and Why It’s Important
https://thehackernews.com/2024/08/the-facts-about-continuous-penetration.html
What is Continuous Attack Surface Penetration Testing or CASPT?
Continuous Penetration Testing or Continuous Attack Surface Penetration Testing (CASPT) is an advanced security practice that involves the continuous, automated, and ongoing penetration testing services of an organization's digital assets to identify and mitigate security vulnerabilities. CASPT is designed for enterprises with an
596
Google Fixes High-Severity Chrome Flaw Actively Exploited in the Wild
https://thehackernews.com/2024/08/google-fixes-high-severity-chrome-flaw.html
Google has rolled out security fixes to address a high-severity security flaw in its Chrome browser that it said has come under active exploitation in the wild.
Tracked as CVE-2024-7971, the vulnerability has been described as a type confusion bug in the V8 JavaScript and WebAssembly engine.
"Type confusion in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to exploit heap
¡Ya disponible! Investigación de Telegram 2025 — los principales insights del año 
