TECHZONE™
TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news
595 subscribers
Post archive
Elastic Releases Urgent Fix for Critical Kibana Vulnerability Enabling Remote Code Execution
https://thehackernews.com/2025/03/elastic-releases-urgent-fix-for.html
Elastic has rolled out security updates to address a critical security flaw impacting the Kibana data visualization dashboard software for Elasticsearch that could result in arbitrary code execution.
The vulnerability, tracked as CVE-2025-25012, carries a CVSS score of 9.9 out of a maximum of 10.0. It has been described as a case of prototype pollution.
"Prototype pollution in Kibana leads to
EncryptHub Deploys Ransomware and Stealer via Trojanized Apps, PPI Services, and Phishing
https://thehackernews.com/2025/03/encrypthub-deploys-ransomware-and.html
The financially motivated threat actor known as EncryptHub has been observed orchestrating sophisticated phishing campaigns to deploy information stealers and ransomware, while also working on a new product called EncryptRAT.
"EncryptHub has been observed targeting users of popular applications, by distributing trojanized versions," Outpost24 KrakenLabs said in a new report shared with The
Outsmarting Cyber Threats with Attack Graphs
https://thehackernews.com/2025/03/outsmarting-cyber-threats-with-attack.html
Cyber threats are growing more sophisticated, and traditional security approaches struggle to keep up. Organizations can no longer rely on periodic assessments or static vulnerability lists to stay secure. Instead, they need a dynamic approach that provides real-time insights into how attackers move through their environment.
This is where attack graphs come in. By mapping potential attack paths
Medusa Ransomware Hits 40+ Victims in 2025, Demands $100K–$15M Ransom
https://thehackernews.com/2025/03/medusa-ransomware-hits-40-victims-in.html
The threat actors behind the Medusa ransomware have claimed nearly 400 victims since it first emerged in January 2023, with the financially motivated attacks witnessing a 42% increase between 2023 and 2024.
In the first two months of 2025 alone, the group has claimed over 40 attacks, according to data from the Symantec Threat Hunter Team in a report shared with The Hacker News. The
Over 1,000 WordPress Sites Infected with JavaScript Backdoors Enabling Persistent Attacker Access
https://thehackernews.com/2025/03/over-1000-wordpress-sites-infected-with.html
Over 1,000 websites powered by WordPress have been infected with third-party JavaScript code that injects four separate backdoors.
"Creating four backdoors facilitates the attackers having multiple points of re-entry should one be detected and removed," c/side researcher Himanshu Anand said in a Wednesday analysis.
The malicious JavaScript code has been found to be served via cdn.csyndication[
U.S. Charges 12 Chinese Nationals in State-Backed Hacking Operations
https://thehackernews.com/2025/03/us-charges-12-chinese-nationals-in.html
The U.S. Department of Justice (DoJ) has announced charges against 12 Chinese nationals for their alleged participation in a wide-ranging scheme designed to steal data and suppress free speech and dissent globally.
The individuals include two officers of the People's Republic of China's (PRC) Ministry of Public Security (MPS), eight employees of an ostensibly private PRC company, Anxun
Identity: The New Cybersecurity Battleground
https://thehackernews.com/2025/03/identity-new-cybersecurity-battleground.html
The rapid adoption of cloud services, SaaS applications, and the shift to remote work have fundamentally reshaped how enterprises operate. These technological advances have created a world of opportunity but also brought about complexities that pose significant security threats. At the core of these vulnerabilities lies Identity—the gateway to enterprise security and the number one attack vector
Seven Malicious Go Packages Found Deploying Malware on Linux and macOS Systems
https://thehackernews.com/2025/03/seven-malicious-go-packages-found.html
Cybersecurity researchers are warning of an ongoing malicious campaign targeting the Go ecosystem with typosquatted modules that are designed to deploy loader malware on Linux and Apple macOS systems.
"The threat actor has published at least seven packages impersonating widely used Go libraries, including one (github[.]com/shallowmulti/hypert) that appears to target financial-sector developers
Researchers Link CACTUS Ransomware Tactics to Former Black Basta Affiliates
https://thehackernews.com/2025/03/researchers-link-cactus-ransomware.html
Threat actors deploying the Black Basta and CACTUS ransomware families have been found to rely on the same BackConnect (BC) module for maintaining persistent control over infected hosts, a sign that affiliates previously associated with Black Basta may have transitioned to CACTUS.
"Once infiltrated, it grants attackers a wide range of remote control capabilities, allowing them to execute
VMware Security Flaws Exploited in the Wild—Broadcom Releases Urgent Patches
https://thehackernews.com/2025/03/vmware-security-flaws-exploited-in.html
Broadcom has released security updates to address three actively exploited security flaws in VMware ESXi, Workstation, and Fusion products that could lead to code execution and information disclosure.
The list of vulnerabilities is as follows -
CVE-2025-22224 (CVSS score: 9.3) - A Time-of-Check Time-of-Use (TOCTOU) vulnerability that leads to an out-of-bounds write, which a malicious actor with
How New AI Agents Will Transform Credential Stuffing Attacks
https://thehackernews.com/2025/03/how-new-ai-agents-will-transform.html
Credential stuffing attacks had a huge impact in 2024, fueled by a vicious circle of infostealer infections and data breaches. But things could be about to get worse still with Computer-Using Agents, a new kind of AI agent that enables low-cost, low-effort automation of common web tasks — including those frequently performed by attackers.
Stolen credentials: The cyber criminal’s weapon of choice
Suspected Iranian Hackers Used Compromised Indian Firm's Email to Target U.A.E. Aviation Sector
https://thehackernews.com/2025/03/suspected-iranian-hackers-used.html
Threat hunters are calling attention to a new highly-targeted phishing campaign that singled out "fewer than five" entities in the United Arab Emirates (U.A.E.) to deliver a previously undocumented Golang backdoor dubbed Sosano.
The malicious activity was specifically directed against aviation and satellite communications organizations, according to Proofpoint, which detected it in late October
Over 4,000 ISP IPs Targeted in Brute-Force Attacks to Deploy Info Stealers and Cryptominers
https://thehackernews.com/2025/03/over-4000-isp-networks-targeted-in.html
Internet service providers (ISPs) in China and the West Coast of the United States have become the target of a mass exploitation campaign that deploys information stealers and cryptocurrency miners on compromised hosts.
The findings come from the Splunk Threat Research Team, which said the activity also led to the delivery of various binaries that facilitate data exfiltration as well as offer
Cisco, Hitachi, Microsoft, and Progress Flaws Actively Exploited—CISA Sounds Alarm
https://thehackernews.com/2025/03/cisco-hitachi-microsoft-and-progress.html
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added five security flaws impacting software from Cisco, Hitachi Vantara, Microsoft Windows, and Progress WhatsUp Gold to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
The list of vulnerabilities is as follows -
CVE-2023-20118 (CVSS score: 6.5) - A command injection
Google's March 2025 Android Security Update Fixes Two Actively Exploited Vulnerabilities
https://thehackernews.com/2025/03/googles-march-2025-android-security.html
Google has released its monthly Android Security Bulletin for March 2025 to address a total of 44 vulnerabilities, including two that it said have come under active exploitation in the wild.
The two high-severity vulnerabilities are listed below -
CVE-2024-43093 - A privilege escalation flaw in the Framework component that could result in unauthorized access to "Android/data," "Android/obb,"
Hackers Exploit AWS Misconfigurations to Launch Phishing Attacks via SES and WorkMail
https://thehackernews.com/2025/03/hackers-exploit-aws-misconfigurations.html
Threat actors are targeting Amazon Web Services (AWS) environments to push out phishing campaigns to unsuspecting targets, according to findings from Palo Alto Networks Unit 42.
The cybersecurity company is tracking the activity cluster under the name TGR-UNK-0011 (short for a threat group with unknown motivation), which it said overlaps with a group known as JavaGhost. TGR-UNK-0011 is known to
Hackers Use ClickFix Trick to Deploy PowerShell-Based Havoc C2 via SharePoint Sites
https://thehackernews.com/2025/03/hackers-use-clickfix-trick-to-deploy.html
Cybersecurity researchers are calling attention to a new phishing campaign that employs the ClickFix technique to deliver an open-source command-and-control (C2) framework called Havoc.
"The threat actor hides each malware stage behind a SharePoint site and uses a modified version of Havoc Demon in conjunction with the Microsoft Graph API to obscure C2 communications within trusted, well-known
U.K. ICO Investigates TikTok, Reddit, and Imgur Over Children's Data Protection Practices
https://thehackernews.com/2025/03/uk-ico-investigates-tiktok-reddit-and.html
The U.K.'s Information Commissioner's Office (ICO) has opened an investigation into online platforms TikTok, Reddit, and Imgur to assess the steps they are taking to protect children between the ages of 13 and 17 in the country.
To that end, the watchdog said it's probing how the ByteDance-owned video-sharing service uses the personal data of children in the age range to surface recommendations
Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks
https://thehackernews.com/2025/03/hackers-exploit-paragon-partition.html
Threat actors have been exploiting a security vulnerability in Paragon Partition Manager's BioNTdrv.sys driver in ransomware attacks to escalate privileges and execute arbitrary code.
The zero-day flaw (CVE-2025-0289) is part of a set of five vulnerabilities that was discovered by Microsoft, according to the CERT Coordination Center (CERT/CC).
"These include arbitrary kernel memory mapping and
⚡ THN Weekly Recap: Alerts on Zero-Day Exploits, AI Breaches, and Crypto Heists
https://thehackernews.com/2025/03/thn-weekly-recap-alerts-on-zero-day.html
This week, a 23-year-old Serbian activist found themselves at the crossroads of digital danger when a sneaky zero-day exploit turned their Android device into a target. Meanwhile, Microsoft pulled back the curtain on a scheme where cybercriminals used AI tools for harmful pranks, and a massive trove of live secrets was discovered, reminding us that even the tools we rely on can hide risky
