TECHZONE™
TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news
595 subscribers
Expired Domains Allowed Control Over 4,000 Backdoors on Compromised Systems
https://thehackernews.com/2025/01/expired-domains-allowed-control-over.html
No less than 4,000 unique web backdoors previously deployed by various threat actors have been hijacked by taking control of abandoned and expired infrastructure for as little as $20 per domain.
Cybersecurity company watchTowr Labs said it pulled off the operation by registering over 40 domain names that the backdoors had been designed to use for command-and-control (C2). In partnership with the
Microsoft Sues Hacking Group Exploiting Azure AI for Harmful Content Creation
https://thehackernews.com/2025/01/microsoft-sues-hacking-group-exploiting.html
Microsoft has revealed that it's pursuing legal action against a "foreign-based threat-actor group" for operating a hacking-as-a-service infrastructure to intentionally get around the safety controls of its generative artificial intelligence (AI) services and produce offensive and harmful content.
The tech giant's Digital Crimes Unit (DCU) said it has observed the threat actors "develop
DoJ Indicts Three Russians for Operating Crypto Mixers Used in Cybercrime Laundering
https://thehackernews.com/2025/01/doj-indicts-three-russians-for.html
The U.S. Department of Justice (DoJ) on Friday indicted three Russian nationals for their alleged involvement in operating the cryptocurrency mixing services Blender.io and Sinbad.io.
Roman Vitalyevich Ostapenko and Alexander Evgenievich Oleynik were arrested on December 1, 2024, in coordination with the Netherlands' Financial Intelligence and Investigative Service, Finland's National Bureau of
Taking the Pain Out of Cybersecurity Reporting: A Practical Guide for MSPs
https://thehackernews.com/2025/01/taking-pain-out-of-cybersecurity.html
Cybersecurity reporting is a critical yet often overlooked opportunity for service providers managing cybersecurity for their clients, and specifically for virtual Chief Information Security Officers (vCISOs). While reporting is seen as a requirement for tracking cybersecurity progress, it often becomes bogged down with technical jargon, complex data, and disconnected spreadsheets that fail to
AI-Driven Ransomware FunkSec Targets 85 Victims Using Double Extortion Tactics
https://thehackernews.com/2025/01/ai-driven-ransomware-funksec-targets-85.html
Cybersecurity researchers have shed light on a nascent artificial intelligence (AI) assisted ransomware family called FunkSec that sprang forth in late 2024, and has claimed more than 85 victims to date.
"The group uses double extortion tactics, combining data theft with encryption to pressure victims into paying ransoms," Check Point Research said in a new report shared with The Hacker News. "
Hands-On Walkthrough: Microsegmentation For all Users, Workloads and Devices by Elisity
https://thehackernews.com/2025/01/hands-on-walkthrough-microsegmentation.html
Network segmentation remains a critical security requirement, yet organizations struggle with traditional approaches that demand extensive hardware investments, complex policy management, and disruptive network changes. Healthcare and manufacturing sectors face particular challenges as they integrate diverse endpoints – from legacy medical devices to IoT sensors – onto their production networks.
Google Project Zero Researcher Uncovers Zero-Click Exploit Targeting Samsung Devices
https://thehackernews.com/2025/01/google-project-zero-researcher-uncovers.html
Cybersecurity researchers have detailed a now-patched security flaw impacting Monkey's Audio (APE) decoder on Samsung smartphones that could lead to code execution.
The high-severity vulnerability, tracked as CVE-2024-49415 (CVSS score: 8.1), affects Samsung devices running Android versions 12, 13, and 14.
"Out-of-bounds write in libsaped.so prior to SMR Dec-2024 Release 1 allows remote
RedDelta Deploys PlugX Malware to Target Mongolia and Taiwan in Espionage Campaigns
https://thehackernews.com/2025/01/reddelta-deploys-plugx-malware-to.html
Mongolia, Taiwan, Myanmar, Vietnam, and Cambodia have been targeted by the China-nexus RedDelta threat actor to deliver a customized version of the PlugX backdoor between July 2023 and December 2024.
"The group used lure documents themed around the 2024 Taiwanese presidential candidate Terry Gou, the Vietnamese National Holiday, flood protection in Mongolia, and meeting invitations, including an
CrowdStrike Warns of Phishing Scam Targeting Job Seekers with XMRig Cryptominer
https://thehackernews.com/2025/01/crowdstrike-warns-of-phishing-scam.html
Cybersecurity company CrowdStrike is alerting of a phishing campaign that exploits its own branding to distribute a cryptocurrency miner that's disguised as an employee CRM application as part of a supposed recruitment process.
"The attack begins with a phishing email impersonating CrowdStrike recruitment, directing recipients to a malicious website," the company said. "Victims are prompted to
Major Vulnerabilities Patched in SonicWall, Palo Alto Expedition, and Aviatrix Controllers
https://thehackernews.com/2025/01/major-vulnerabilities-patched-in.html
Palo Alto Networks has released software patches to address several security flaws in its Expedition migration tool, including a high-severity bug that an authenticated attacker could exploit to access sensitive data.
"Multiple vulnerabilities in the Palo Alto Networks Expedition migration tool enable an attacker to read Expedition database contents and arbitrary files, as well as create and
New Banshee Stealer Variant Bypasses Antivirus with Apple’s XProtect-Inspired Encryption
https://thehackernews.com/2025/01/new-banshee-stealer-variant-bypasses.html
Cybersecurity researchers have uncovered a new, stealthier version of a macOS-focused information-stealing malware called Banshee Stealer.
"Once thought dormant after its source code leak in late 2024, this new iteration introduces advanced string encryption inspired by Apple's XProtect," Check Point Research said in a new analysis shared with The Hacker News. "This development allows it to
Product Review: How Reco Discovers Shadow AI in SaaS
https://thehackernews.com/2025/01/product-review-how-reco-discovers.html
As SaaS providers race to integrate AI into their product offerings to stay competitive and relevant, a new challenge has emerged in the world of AI: shadow AI.
Shadow AI refers to the unauthorized use of AI tools and copilots at organizations. For example, a developer using ChatGPT to assist with writing code, a salesperson downloading an AI-powered meeting transcription tool, or a
Webinar: Learn How to Stop Encrypted Attacks Before They Cost You Millions
https://thehackernews.com/2025/01/webinar-learn-how-to-stop-encrypted.html
Ransomware isn’t slowing down—it’s getting smarter. Encryption, designed to keep our online lives secure, is now being weaponized by cybercriminals to hide malware, steal data, and avoid detection. The result? A 10.3% surge in encrypted attacks over the past year and some of the most shocking ransom payouts in history, including a $75 million ransom in 2024.
Are you prepared to fight back?
Join
MirrorFace Leverages ANEL and NOOPDOOR in Multi-Year Cyberattacks on Japan
https://thehackernews.com/2025/01/mirrorface-leverages-anel-and-noopdoor.html
Japan's National Police Agency (NPA) and National Center of Incident Readiness and Strategy for Cybersecurity (NCSC) accused a China-linked threat actor named MirrorFace of orchestrating a persistent attack campaign targeting organizations, businesses, and individuals in the country since 2019.
The primary objective of the attack campaign is to steal information related to Japan's national
Critical RCE Flaw in GFI KerioControl Allows Remote Code Execution via CRLF Injection
https://thehackernews.com/2025/01/critical-rce-flaw-in-gfi-keriocontrol.html
Threat actors are attempting to take advantage of a recently disclosed security flaw impacting GFI KerioControl firewalls that, if successfully exploited, could allow malicious actors to achieve remote code execution (RCE).
The vulnerability in question, CVE-2024-52875, refers to a carriage return line feed (CRLF) injection attack, paving the way for HTTP response splitting, which could then
E.U. Commission Fined for Transferring User Data to Meta in Violation of Privacy Laws
https://thehackernews.com/2025/01/eu-commission-fined-for-transferring.html
The European General Court on Wednesday fined the European Commission, the primary executive arm of the European Union responsible for proposing and enforcing laws for member states, for violating the bloc's own data privacy regulations.
The development marks the first time the Commission has been held liable for infringing stringent data protection laws in the region.
The court determined that
Ivanti Flaw CVE-2025-0282 Actively Exploited, Impacts Connect Secure and Policy Secure
https://thehackernews.com/2025/01/ivanti-flaw-cve-2025-0282-actively.html
Ivanti is warning that a critical security flaw impacting Ivanti Connect Secure, Policy Secure, and ZTA Gateways has come under active exploitation in the wild beginning mid-December 2024.
The security vulnerability in question is CVE-2025-0282 (CVSS score: 9.0), a stack-based buffer overflow that affects Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2
Neglected Domains Used in Malspam to Evade SPF and DMARC Security Protections
https://thehackernews.com/2025/01/neglected-domains-used-in-malspam-to.html
Cybersecurity researchers have found that bad actors are continuing to have success by spoofing sender email addresses as part of various malspam campaigns.
Faking the sender address of an email is widely seen as an attempt to make the digital missive more legitimate and get past security mechanisms that could otherwise flag it as malicious.
While there are safeguards such as DomainKeys
Researchers Expose NonEuclid RAT Using UAC Bypass and AMSI Evasion Techniques
https://thehackernews.com/2025/01/researchers-expose-noneuclid-rat-using.html
Cybersecurity researchers have shed light on a new remote access trojan called NonEuclid that allows bad actors to remotely control compromised Windows systems.
"The NonEuclid remote access trojan (RAT), developed in C#, is a highly sophisticated malware offering unauthorised remote access with advanced evasion techniques," Cyfirma said in a technical analysis published last week.
"It employs
Top 5 Malware Threats to Prepare Against in 2025
https://thehackernews.com/2025/01/top-5-malware-threats-to-prepare.html
2024 had its fair share of high-profile cyber attacks, with companies as big as Dell and TicketMaster falling victim to data breaches and other infrastructure compromises. In 2025, this trend will continue. So, to be prepared for any kind of malware attack, every organization needs to know its cyber enemy in advance. Here are 5 common malware families that you can start preparing to counter
