TECHZONE™
رفتن به کانال در Telegram
TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news
نمایش بیشتر593
مشترکین
-124 ساعت
-17 روز
-730 روز
آرشیو پست ها
593
Threat intelligence explained | Unlocked 403: A cybersecurity podcast
https://www.welivesecurity.com/en/videos/threat-intelligence-explained-unlocked-403-cybersecurity-podcast/
We break down the fundamentals of threat intelligence and its role in anticipating and countering emerging threats
593
GhostRace – New Data Leak Vulnerability Affects Modern CPUs
https://thehackernews.com/2024/03/ghostrace-new-data-leak-vulnerability.html
A group of researchers has discovered a new data leakage attack impacting modern CPU architectures supporting speculative execution.
Dubbed GhostRace (CVE-2024-2193), it is a variation of the transient execution CPU vulnerability known as Spectre v1 (CVE-2017-5753). The approach combines speculative execution and race conditions.
"All the common synchronization primitives implemented
593
Third-Party ChatGPT Plugins Could Lead to Account Takeovers
https://thehackernews.com/2024/03/third-party-chatgpt-plugins-could-lead.html
Cybersecurity researchers have found that third-party plugins available for OpenAI ChatGPT could act as a new attack surface for threat actors looking to gain unauthorized access to sensitive data.
According to new research published by Salt Labs, security flaws found directly in ChatGPT and within the ecosystem could allow attackers to install malicious plugins without users' consent
593
Google Introduces Enhanced Real-Time URL Protection for Chrome Users
https://thehackernews.com/2024/03/google-introduces-enhanced-real-time.html
Google on Thursday announced an enhanced version of Safe Browsing to provide real-time, privacy-preserving URL protection and safeguard users from visiting potentially malicious sites.
“The Standard protection mode for Chrome on desktop and iOS will check sites against Google’s server-side list of known bad sites in real-time,” Google’s Jonathan Li and Jasika Bawa said.
“If we
593
Malicious Ads Targeting Chinese Users with Fake Notepad++ and VNote Installers
https://thehackernews.com/2024/03/malicious-ads-targeting-chinese-users.html
Chinese users looking for legitimate software such as Notepad++ and VNote on search engines like Baidu are being targeted with malicious ads and bogus links to distribute trojanized versions of the software and ultimately deploy Geacon, a Golang-based implementation of Cobalt Strike.
“The malicious site found in the notepad++ search is distributed through an advertisement block,” Kaspersky
593
How to share sensitive files securely online
https://www.welivesecurity.com/en/how-to/share-sensitive-files-securely-online/
Here are a few tips for secure file transfers and what else to consider when sharing sensitive documents so that your data remains safe
593
LockBit Ransomware Hacker Ordered to Pay $860,000 After Guilty Plea in Canada
https://thehackernews.com/2024/03/lockbit-ransomware-hacker-ordered-to.html
A 34-year-old Russian-Canadian national has been sentenced to nearly four years in jail in Canada for his participation in the LockBit global ransomware operation.
Mikhail Vasiliev, an Ontario resident, was originally arrested in November 2022 and charged by the U.S. Department of Justice (DoJ) with "conspiring with others to intentionally damage protected computers and to transmit
593
Researchers Detail Kubernetes Vulnerability That Enables Windows Node Takeover
https://thehackernews.com/2024/03/researchers-detail-kubernetes.html
Details have been made public about a now-patched high-severity flaw in Kubernetes that could allow a malicious attacker to achieve remote code execution with elevated privileges under specific circumstances.
“The vulnerability allows remote code execution with SYSTEM privileges on all Windows endpoints within a Kubernetes cluster,” Akamai security researcher Tomer Peled said. “To exploit
593
3 Things CISOs Achieve with Cato
https://thehackernews.com/2024/03/3-things-cisos-achieve-with-cato.html
Being a CISO is a balancing act: ensuring organizations are secure without compromising users’ productivity. This requires taking multiple elements into consideration, like cost, complexity, performance and user experience. CISOs around the globe use Cato SSE 360, as part of the Cato SASE Cloud platform to balance these factors without compromise.
This article details how CISOs are
593
RedCurl Cybercrime Group Abuses Windows PCA Tool for Corporate Espionage
https://thehackernews.com/2024/03/redcurl-cybercrime-group-abuses-windows.html
The Russian-speaking cybercrime group called RedCurl is leveraging a legitimate Microsoft Windows component called the Program Compatibility Assistant (PCA) to execute malicious commands.
“The Program Compatibility Assistant Service (pcalua.exe) is a Windows service designed to identify and address compatibility issues with older programs,” Trend Micro said in an analysis
593
Ande Loader Malware Targets Manufacturing Sector in North America
https://thehackernews.com/2024/03/ande-loader-malware-targets.html
The threat actor known as Blind Eagle has been observed using a loader malware called Ande Loader to deliver remote access trojans (RATs) like Remcos RAT and NjRAT.
The attacks, which take the form of phishing emails, targeted Spanish-speaking users in the manufacturing industry based in North America, eSentire said.
Blind Eagle (aka APT-C-36) is a financially motivated threat actor&
593
DarkGate Malware Exploits Recently Patched Microsoft Flaw in Zero-Day Attack
https://thehackernews.com/2024/03/darkgate-malware-exploits-recently.html
A DarkGate malware campaign observed in mid-January 2024 leveraged a recently patched security flaw in Microsoft Windows as a zero-day using bogus software installers.
“During this campaign, users were lured using PDFs that contained Google DoubleClick Digital Marketing (DDM) open redirects that led unsuspecting victims to compromised sites hosting the Microsoft Windows SmartScreen bypass
593
Fortinet Warns of Severe SQLi Vulnerability in FortiClientEMS Software
https://thehackernews.com/2024/03/fortinet-warns-of-severe-sqli.html
Fortinet has warned of a critical security flaw impacting its FortiClientEMS software that could allow attackers to achieve code execution on affected systems.
"An improper neutralization of special elements used in an SQL Command ('SQL Injection') vulnerability [CWE-89] in FortiClientEMS may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted
593
Demystifying a Common Cybersecurity Myth
https://thehackernews.com/2024/03/demystifying-common-cybersecurity-myth.html
One of the most common misconceptions in file upload cybersecurity is that certain tools are “enough” on their own—this is simply not the case. In our latest whitepaper OPSWAT CEO and Founder, Benny Czarny, takes a comprehensive look at what it takes to prevent malware threats in today’s ever-evolving file upload security landscape, and a big part of that is understanding where the
593
PixPirate Android Banking Trojan Using New Evasion Tactic to Target Brazilian Users
https://thehackernews.com/2024/03/pixpirate-android-banking-trojan-using.html
The threat actors behind the PixPirate Android banking trojan are leveraging a new trick to evade detection on compromised devices and harvest sensitive information from users in Brazil.
The approach allows it to hide the malicious app’s icon from the home screen of the victim’s device, IBM said in a technical report published today.
“Thanks to this new technique, during PixPirate reconnaissance
593
Join Our Webinar on Protecting Human and Non-Human Identities in SaaS Platforms
https://thehackernews.com/2024/03/join-our-webinar-on-protecting-human.html
Identities are the latest sweet spot for cybercriminals, now heavily targeting SaaS applications that are especially vulnerable in this attack vector.
The use of SaaS applications involves a wide range of identities, including human and non-human, such as service accounts, API keys, and OAuth authorizations. Consequently, any identity in a SaaS app can create an opening for cybercriminals to
593
Researchers Highlight Google's Gemini AI Susceptibility to LLM Threats
https://thehackernews.com/2024/03/researchers-highlight-googles-gemini-ai.html
Google's Gemini large language model (LLM) is susceptible to security threats that could cause it to divulge system prompts, generate harmful content, and carry out indirect injection attacks.
The findings come from HiddenLayer, which said the issues impact consumers using Gemini Advanced with Google Workspace as well as companies using the LLM API.
The first vulnerability involves
593
Alert: Cybercriminals Deploying VCURMS and STRRAT Trojans via AWS and GitHub
https://thehackernews.com/2024/03/alert-cybercriminals-deploying-vcurms.html
A new phishing campaign has been observed delivering remote access trojans (RAT) such as VCURMS and STRRAT by means of a malicious Java-based downloader.
“The attackers stored malware on public services like Amazon Web Services (AWS) and GitHub, employing a commercial protector to avoid detection of the malware,” Fortinet FortiGuard Labs researcher Yurren Wan said.
An unusual aspect of the
593
Microsoft's March Updates Fix 61 Vulnerabilities, Including Critical Hyper-V Flaws
https://thehackernews.com/2024/03/microsofts-march-updates-fix-61.html
Microsoft on Tuesday released its monthly security update, addressing 61 different security flaws spanning its software, including two critical issues impacting Windows Hyper-V that could lead to denial-of-service (DoS) and remote code execution.
Of the 61 vulnerabilities, two are rated Critical, 58 are rated Important, and one is rated Low in severity. None of the flaws are listed as
593
Election cybersecurity: Protecting the ballot box and building trust in election integrity
https://www.welivesecurity.com/en/critical-infrastructure/election-cybersecurity-protecting-ballot-box-building-trust-election-integrity/
What cyberthreats could wreak havoc on elections this year and how worried should we as voters be about the integrity of our voting systems?
