TECHZONE™
رفتن به کانال در Telegram
TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news
نمایش بیشتر595
مشترکین
اطلاعاتی وجود ندارد24 ساعت
اطلاعاتی وجود ندارد7 روز
-930 روز
آرشیو پست ها
595
Hacktivist Group Twelve Targets Russian Entities with Destructive Cyber Attacks
https://thehackernews.com/2024/09/hacktivist-group-twelve-targets-russian.html
A hacktivist group known as Twelve has been observed using an arsenal of publicly available tools to conduct destructive cyber attacks against Russian targets.
"Rather than demand a ransom for decrypting data, Twelve prefers to encrypt victims' data and then destroy their infrastructure with a wiper to prevent recovery," Kaspersky said in a Friday analysis.
"The approach is indicative of a
595
LinkedIn Halts AI Data Processing in UK Amid Privacy Concerns Raised by ICO
https://thehackernews.com/2024/09/linkedin-halts-ai-data-processing-in-uk.html
The U.K. Information Commissioner's Office (ICO) has confirmed that professional social networking platform LinkedIn has suspended processing users' data in the country to train its artificial intelligence (AI) models.
"We are pleased that LinkedIn has reflected on the concerns we raised about its approach to training generative AI models with information relating to its U.K. users," Stephen
595
Ukraine Bans Telegram Use for Government and Military Personnel
https://thehackernews.com/2024/09/ukraine-bans-telegram-use-for.html
Ukraine has restricted the use of the Telegram messaging app by government officials, military personnel, and other defense and critical infrastructure workers, citing national security concerns.
The ban was announced by the National Coordination Centre for Cybersecurity (NCCC) in a post shared on Facebook.
"I have always advocated and advocate for freedom of speech, but the issue of Telegram is
595
Europol Shuts Down Major Phishing Scheme Targeting Mobile Phone Credentials
https://thehackernews.com/2024/09/europol-shuts-down-major-phishing.html
Law enforcement authorities have announced the takedown of an international criminal network that leveraged a phishing platform to unlock stolen or lost mobile phones.
The phishing-as-a-service (PhaaS) platform, called iServer, is estimated to have claimed more than 483,000 victims globally, led by Chile (77,000), Colombia (70,000), Ecuador (42,000), Peru (41,500), Spain (30,000), and Argentina
595
Passwordless AND Keyless: The Future of (Privileged) Access Management
https://thehackernews.com/2024/09/passwordless-and-keyless-future-of.html
In IT environments, some secrets are managed well and some fly under the radar. Here’s a quick checklist of what kinds of secrets companies typically manage, including one type they should manage:
Passwords [x]
TLS certificates [x]
Accounts [x]
SSH keys ???
The secrets listed above are typically secured with privileged access management (PAM) solutions or similar. Yet, most traditional PAM
595
Iranian APT UNC1860 Linked to MOIS Facilitates Cyber Intrusions in Middle East
https://thehackernews.com/2024/09/iranian-apt-unc1860-linked-to-mois.html
An Iranian advanced persistent threat (APT) threat actor likely affiliated with the Ministry of Intelligence and Security (MOIS) is now acting as an initial access facilitator that provides remote access to target networks.
Google-owned Mandiant is tracking the activity cluster under the moniker UNC1860, which it said shares similarities with intrusion sets tracked by Microsoft, Cisco Talos, and
595
Chrome Users Can Now Sync Passkeys Across Devices with New Google PIN Feature
https://thehackernews.com/2024/09/chrome-users-can-now-sync-passkeys.html
Google on Thursday unveiled a Password Manager PIN to let Chrome web users sync their passkeys across Windows, macOS, Linux, ChromeOS, and Android devices.
"This PIN adds an additional layer of security to ensure your passkeys are end-to-end encrypted and can't be accessed by anyone, not even Google," Chrome product manager Chirag Desai said.
The PIN is a six-digit code by default, although it's
595
Critical Ivanti Cloud Appliance Vulnerability Exploited in Active Cyberattacks
https://thehackernews.com/2024/09/critical-ivanti-cloud-appliance.html
Ivanti has revealed that a critical security flaw impacting Cloud Service Appliance (CSA) has come under active exploitation in the wild.
The new vulnerability, assigned the CVE identifier CVE-2024-8963, carries a CVSS score of 9.4 out of a maximum of 10.0. It was "incidentally addressed" by the company as part of CSA 4.6 Patch 519 and CSA 5.0.
"Path Traversal in the Ivanti CSA before 4.6 Patch
595
Influencing the influencers | Unlocked 403 cybersecurity podcast (ep. 6)
https://www.welivesecurity.com/en/videos/influencing-influencers-unlocked-403-cybersecurity-podcast-ep-6/
How do analyst relations professionals 'sort through the noise' and help deliver the not-so-secret sauce for a company's success? We spoke with ESET's expert to find out.
595
Wherever There's Ransomware, There's Service Account Compromise. Are You Protected?
https://thehackernews.com/2024/09/wherever-theres-ransomware-theres.html
Until just a couple of years ago, only a handful of IAM pros knew what service accounts are. In the last years, these silent Non-Human-Identities (NHI) accounts have become one of the most targeted and compromised attack surfaces. Assessments report that compromised service accounts play a key role in lateral movement in over 70% of ransomware attacks. However, there’s an alarming disproportion
595
Hackers Exploit Default Credentials in FOUNDATION Software to Breach Construction Firms
https://thehackernews.com/2024/09/hackers-exploit-default-credentials-in.html
Threat actors have been observed targeting the construction sector by infiltrating the FOUNDATION Accounting Software, according to new findings from Huntress.
"Attackers have been observed brute-forcing the software at scale, and gaining access simply by using the product’s default credentials," the cybersecurity company said.
Targets of the emerging threat include plumbing, HVAC (heating,
595
New Brazilian-Linked SambaSpy Malware Targets Italian Users via Phishing Emails
https://thehackernews.com/2024/09/new-brazilian-linked-sambaspy-malware.html
A previously undocumented malware called SambaSpy is exclusively targeting users in Italy via a phishing campaign orchestrated by a suspected Brazilian Portuguese-speaking threat actor.
"Threat actors usually try to cast a wide net to maximize their profits, but these attackers are focused on just one country," Kaspersky said in a new analysis. "It's likely that the attackers are testing the
595
New TeamTNT Cryptojacking Campaign Targets CentOS Servers with Rootkit
https://thehackernews.com/2024/09/new-teamtnt-cryptojacking-campaign.html
The cryptojacking operation known as TeamTNT has likely resurfaced as part of a new campaign targeting Virtual Private Server (VPS) infrastructures based on the CentOS operating system.
"The initial access was accomplished via a Secure Shell (SSH) brute force attack on the victim's assets, during which the threat actor uploaded a malicious script," Group-IB researchers Vito Alfano and Nam Le
595
Healthcare's Diagnosis is Critical: The Cure is Cybersecurity Hygiene
https://thehackernews.com/2024/09/healthcares-diagnosis-is-critical-cure.html
Cybersecurity in healthcare has never been more urgent. As the most vulnerable industry and largest target for cybercriminals, healthcare is facing an increasing wave of cyberattacks. When a hospital's systems are held hostage by ransomware, it’s not just data at risk — it’s the care of patients who depend on life-saving treatments. Imagine an attack that forces emergency care to halt, surgeries
595
Microsoft Warns of New INC Ransomware Targeting U.S. Healthcare Sector
https://thehackernews.com/2024/09/microsoft-warns-of-new-inc-ransomware.html
Microsoft has revealed that a financially motivated threat actor has been observed using a ransomware strain called INC for the first time to target the healthcare sector in the U.S.
The tech giant's threat intelligence team is tracking the activity under the name Vanilla Tempest (formerly DEV-0832).
"Vanilla Tempest receives hand-offs from GootLoader infections by the threat actor Storm-0494,
595
Understanding cyber-incident disclosure
https://www.welivesecurity.com/en/business-security/understanding-cyber-incident-disclosure/
Proper disclosure of a cyber-incident can help shield your business from further financial and reputational damage, and cyber-insurers can step in to help
595
GitLab Patches Critical SAML Authentication Bypass Flaw in CE and EE Editions
https://thehackernews.com/2024/09/gitlab-patches-critical-saml.html
GitLab has released patches to address a critical flaw impacting Community Edition (CE) and Enterprise Edition (EE) that could result in an authentication bypass.
The vulnerability is rooted in the ruby-saml library (CVE-2024-45409, CVSS score: 10.0), which could allow an attacker to log in as an arbitrary user within the vulnerable system. It was addressed by the maintainers last week.
The
595
New "Raptor Train" IoT Botnet Compromises Over 200,000 Devices Worldwide
https://thehackernews.com/2024/09/new-raptor-train-iot-botnet-compromises.html
Cybersecurity researchers have uncovered a never-before-seen botnet comprising an army of small office/home office (SOHO) and IoT devices that are likely operated by a Chinese nation-state threat actor called Flax Typhoon (aka Ethereal Panda or RedJuliett).
The sophisticated botnet, dubbed Raptor Train by Lumen's Black Lotus Labs, is believed to have been operational since at least May 2020,
595
Chinese Engineer Charged in U.S. for Years-Long Cyber Espionage Targeting NASA and Military
https://thehackernews.com/2024/09/chinese-engineer-charged-in-us-for.html
A Chinese national has been indicted in the U.S. on charges of conducting a "multi-year" spear-phishing campaign to obtain unauthorized access to computer software and source code created by the National Aeronautics and Space Administration (NASA), research universities, and private companies.
Song Wu, 39, has been charged with 14 counts of wire fraud and 14 counts of aggravated identity theft.
595
ESET Research Podcast: EvilVideo
https://www.welivesecurity.com/en/podcasts/eset-research-podcast-evilvideo/
ESET researchers discuss how they uncovered a zero-day Telegram for Android exploit that allowed attackers to send malicious files posing as videos
اکنون در دسترس! پژوهش تلگرام ۲۰۲۵ — مهمترین بینشهای سال 
