TECHZONE™
رفتن به کانال در Telegram
TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news
نمایش بیشتر596
مشترکین
اطلاعاتی وجود ندارد24 ساعت
اطلاعاتی وجود ندارد7 روز
-930 روز
آرشیو پست ها
596
Ex-Engineer Charged in Missouri for Failed $750,000 Bitcoin Extortion Attempt
https://thehackernews.com/2024/09/ex-engineer-charged-in-missouri-for.html
A 57-year-old man from the U.S. state of Missouri has been arrested in connection with a failed data extortion campaign that targeted his former employer.
Daniel Rhyne of Kansas City, Missouri, has been charged with one count of extortion in relation to a threat to cause damage to a protected computer, one count of intentional damage to a protected computer, and one count of wire fraud.
He was
596
RansomHub Ransomware Group Targets 210 Victims Across Critical Sectors
https://thehackernews.com/2024/09/ransomhub-ransomware-group-targets-210.html
Threat actors linked to the RansomHub ransomware group encrypted and exfiltrated data from at least 210 victims since its inception in February 2024, the U.S. government said.
The victims span various sectors, including water and wastewater, information technology, government services and facilities, healthcare and public health, emergency services, food and agriculture, financial services,
596
Webinar: Learn to Boost Cybersecurity with AI-Powered Vulnerability Management
https://thehackernews.com/2024/09/webinar-learn-to-boost-cybersecurity.html
The world of cybersecurity is in a constant state of flux. New vulnerabilities emerge daily, and attackers are becoming more sophisticated.
In this high-stakes game, security leaders need every advantage they can get. That's where Artificial Intelligence (AI) comes in. AI isn't just a buzzword; it's a game-changer for vulnerability management.
AI is poised to revolutionize vulnerability
596
Next-Generation Attacks, Same Targets - How to Protect Your Users' Identities
https://thehackernews.com/2024/09/next-generation-attacks-same-targets.html
The FBI and CISA Issue Joint Advisory on New Threats and How to Stop Ransomware
Note: on August 29, the FBI and CISA issued a joint advisory as part of their ongoing #StopRansomware effort to help organizations protect against ransomware. The latest advisory, AA24-242A, describes a new cybercriminal group and its attack methods. It also details three important actions to take today to mitigate
596
Malicious npm Packages Mimicking 'noblox.js' Compromise Roblox Developers’ Systems
https://thehackernews.com/2024/09/malicious-npm-packages-mimicking.html
Roblox developers are the target of a persistent campaign that seeks to compromise systems through bogus npm packages, once again underscoring how threat actors continue to exploit the trust in the open-source ecosystem to deliver malware.
"By mimicking the popular 'noblox.js' library, attackers have published dozens of packages designed to steal sensitive data and compromise systems," Checkmarx
596
North Korean Hackers Deploy FudModule Rootkit via Chrome Zero-Day Exploit
https://thehackernews.com/2024/08/north-korean-hackers-deploy-fudmodule.html
A recently patched security flaw in Google Chrome and other Chromium web browsers was exploited as a zero-day by North Korean actors in a campaign designed to deliver the FudModule rootkit.
The development is indicative of the persistent efforts made by the nation-state adversary, which had made a habit of incorporating rafts of Windows zero-day exploits into its arsenal in recent months.
596
Cyberattackers Exploit Google Sheets for Malware Control in Likely Espionage Campaign
https://thehackernews.com/2024/08/cyberattackers-exploit-google-sheets.html
Cybersecurity researchers have uncovered a novel malware campaign that leverages Google Sheets as a command-and-control (C2) mechanism.
The activity, detected by Proofpoint starting August 5, 2024, impersonates tax authorities from governments in Europe, Asia, and the U.S., with the goal of targeting over 70 organizations worldwide by means of a bespoke tool called Voldemort that's equipped to
596
Iranian Hackers Set Up New Network to Target U.S. Political Campaigns
https://thehackernews.com/2024/08/iranian-hackers-set-up-new-network-to.html
Cybersecurity researchers have unearthed new network infrastructure set up by Iranian threat actors to support activities linked to the recent targeting of U.S. political campaigns.
Recorded Future's Insikt Group has linked the infrastructure to a threat it tracks as GreenCharlie, an Iran-nexus cyber threat group that overlaps with APT42, Charming Kitten, Damselfly, Mint Sandstorm (formerly
596
Breaking Down AD CS Vulnerabilities: Insights for InfoSec Professionals
https://thehackernews.com/2024/08/breaking-down-ad-cs-vulnerabilities.html
The most dangerous vulnerability you’ve never heard of.
In the world of cybersecurity, vulnerabilities are discovered so often, and at such a high rate, that it can be very difficult to keep up with. Some vulnerabilities will start ringing alarm bells within your security tooling, while others are far more nuanced, but still pose an equally dangerous threat. Today, we want to discuss one of
596
New Malware Masquerades as Palo Alto VPN Targeting Middle East Users
https://thehackernews.com/2024/08/new-malware-masquerades-as-palo-alto.html
Cybersecurity researchers have disclosed a new campaign that potentially targets users in the Middle East through malware that disguises itself as Palo Alto Networks GlobalProtect virtual private network (VPN) tool.
"The malware can execute remote PowerShell commands, download and exfiltrate files, encrypt communications, and bypass sandbox solutions, representing a significant threat to
596
North Korean Hackers Target Developers with Malicious npm Packages
https://thehackernews.com/2024/08/north-korean-hackers-target-developers.html
Threat actors with ties to North Korea have been observed publishing a set of malicious packages to the npm registry, indicating "coordinated and relentless" efforts to target developers with malware and steal cryptocurrency assets.
The latest wave, which was observed between August 12 and 27, 2024, involved packages named temp-etherscan-api, ethersscan-api, telegram-con, helmet-validate, and
596
SANS Institute Unveils Critical Infrastructure Strategy Guide for 2024: A Call to Action for Securing ICS/OT Environments
https://thehackernews.com/2024/08/sans-institute-unveils-critical.html
A comprehensive guide authored by Dean Parsons emphasizes the growing need for specialized ICS security measures in the face of rising cyber threats.
With a staggering 50% increase in ransomware attacks targeting industrial control systems (ICS) in 2023, the SANS Institute is taking decisive action by announcing the release of its essential new strategy guide, "ICS Is the Business: Why Securing
596
New Cyberattack Targets Chinese-Speaking Businesses with Cobalt Strike Payloads
https://thehackernews.com/2024/08/new-cyberattack-targets-chinese.html
Chinese-speaking users are the target of a "highly organized and sophisticated attack" campaign that is likely leveraging phishing emails to infect Windows systems with Cobalt Strike payloads.
"The attackers managed to move laterally, establish persistence and remain undetected within the systems for more than two weeks," Securonix researchers Den Iuzvyk and Tim Peck said in a new report.
The
596
Atlassian Confluence Vulnerability Exploited in Crypto Mining Campaigns
https://thehackernews.com/2024/08/atlassian-confluence-vulnerability.html
Threat actors are actively exploiting a now-patched, critical security flaw impacting the Atlassian Confluence Data Center and Confluence Server to conduct illicit cryptocurrency mining on susceptible instances.
"The attacks involve threat actors that employ methods such as the deployment of shell scripts and XMRig miners, targeting of SSH endpoints, killing competing crypto mining processes,
596
Vietnamese Human Rights Group Targeted in Multi-Year Cyberattack by APT32
https://thehackernews.com/2024/08/vietnamese-human-rights-group-targeted.html
A non-profit supporting Vietnamese human rights has been the target of a multi-year campaign designed to deliver a variety of malware on compromised hosts.
Cybersecurity company Huntress attributed the activity to a threat cluster known as APT32, a Vietnamese-aligned hacking crew that's also known as APT-C-00, Canvas Cyclone (formerly Bismuth), Cobalt Kitty, and OceanLotus. The intrusion is
596
Russian Hackers Exploit Safari and Chrome Flaws in High-Profile Cyberattack
https://thehackernews.com/2024/08/russian-hackers-exploit-safari-and.html
Cybersecurity researchers have flagged multiple in-the-wild exploit campaigns that leveraged now-patched flaws in Apple Safari and Google Chrome browsers to infect mobile users with information-stealing malware.
"These campaigns delivered n-day exploits for which patches were available, but would still be effective against unpatched devices," Google Threat Analysis Group (TAG) researcher Clement
596
U.S. Agencies Warn of Iranian Hacking Group's Ongoing Ransomware Attacks
https://thehackernews.com/2024/08/us-agencies-warn-of-iranian-hacking.html
U.S. cybersecurity and intelligence agencies have called out an Iranian hacking group for breaching multiple organizations across the country and coordinating with affiliates to deliver ransomware.
The activity has been linked to a threat actor dubbed Pioneer Kitten, which is also known as Fox Kitten, Lemon Sandstorm (formerly Rubidium), Parisite, and UNC757, which it described as connected to
596
How AitM Phishing Attacks Bypass MFA and EDR—and How to Fight Back
https://thehackernews.com/2024/08/how-to-stop-aitm-phishing-attack.html
Attackers are increasingly using new phishing toolkits (open-source, commercial, and criminal) to execute adversary-in-the-middle (AitM) attacks.
AitM enables attackers to not just harvest credentials but steal live sessions, allowing them to bypass traditional phishing prevention controls such as MFA, EDR, and email content filtering.
In this article, we’re going to look at what AitM phishing
596
Unpatched AVTECH IP Camera Flaw Exploited by Hackers for Botnet Attacks
https://thehackernews.com/2024/08/unpatched-avtech-ip-camera-flaw.html
A years-old high-severity flaw impacting AVTECH IP cameras has been weaponized by malicious actors as a zero-day to rope them into a botnet.
CVE-2024-7029 (CVSS score: 8.7), the vulnerability in question, is a "command injection vulnerability found in the brightness function of AVTECH closed-circuit television (CCTV) cameras that allows for remote code execution (RCE)," Akamai researchers Kyle
596
Stealing cash using NFC relay – Week in Security with Tony Anscombe
https://www.welivesecurity.com/en/videos/stealing-cash-using-nfc-relay-week-in-security-with-tony-anscombe/
The discovery of the NGate malware by ESET Research is another example of how sophisticated Android threats have become
اکنون در دسترس! پژوهش تلگرام ۲۰۲۵ — مهمترین بینشهای سال 
