fa
Feedback
TECHZONE™

TECHZONE™

رفتن به کانال در Telegram

TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news

نمایش بیشتر
595
مشترکین
اطلاعاتی وجود ندارد24 ساعت
اطلاعاتی وجود ندارد7 روز
-930 روز
آرشیو پست ها
Hacktivist Group Twelve Targets Russian Entities with Destructive Cyber Attacks https://thehackernews.com/2024/09/hacktivist-group-twelve-targets-russian.html A hacktivist group known as Twelve has been observed using an arsenal of publicly available tools to conduct destructive cyber attacks against Russian targets. "Rather than demand a ransom for decrypting data, Twelve prefers to encrypt victims' data and then destroy their infrastructure with a wiper to prevent recovery," Kaspersky said in a Friday analysis. "The approach is indicative of a

LinkedIn Halts AI Data Processing in UK Amid Privacy Concerns Raised by ICO https://thehackernews.com/2024/09/linkedin-halts-ai-data-processing-in-uk.html The U.K. Information Commissioner's Office (ICO) has confirmed that professional social networking platform LinkedIn has suspended processing users' data in the country to train its artificial intelligence (AI) models. "We are pleased that LinkedIn has reflected on the concerns we raised about its approach to training generative AI models with information relating to its U.K. users," Stephen

Ukraine Bans Telegram Use for Government and Military Personnel https://thehackernews.com/2024/09/ukraine-bans-telegram-use-for.html Ukraine has restricted the use of the Telegram messaging app by government officials, military personnel, and other defense and critical infrastructure workers, citing national security concerns. The ban was announced by the National Coordination Centre for Cybersecurity (NCCC) in a post shared on Facebook. "I have always advocated and advocate for freedom of speech, but the issue of Telegram is

Europol Shuts Down Major Phishing Scheme Targeting Mobile Phone Credentials https://thehackernews.com/2024/09/europol-shuts-down-major-phishing.html Law enforcement authorities have announced the takedown of an international criminal network that leveraged a phishing platform to unlock stolen or lost mobile phones. The phishing-as-a-service (PhaaS) platform, called iServer, is estimated to have claimed more than 483,000 victims globally, led by Chile (77,000), Colombia (70,000), Ecuador (42,000), Peru (41,500), Spain (30,000), and Argentina

Passwordless AND Keyless: The Future of (Privileged) Access Management https://thehackernews.com/2024/09/passwordless-and-keyless-future-of.html In IT environments, some secrets are managed well and some fly under the radar. Here’s a quick checklist of what kinds of secrets companies typically manage, including one type they should manage: Passwords [x] TLS certificates [x] Accounts [x] SSH keys ??? The secrets listed above are typically secured with privileged access management (PAM) solutions or similar. Yet, most traditional PAM

Iranian APT UNC1860 Linked to MOIS Facilitates Cyber Intrusions in Middle East https://thehackernews.com/2024/09/iranian-apt-unc1860-linked-to-mois.html An Iranian advanced persistent threat (APT) threat actor likely affiliated with the Ministry of Intelligence and Security (MOIS) is now acting as an initial access facilitator that provides remote access to target networks. Google-owned Mandiant is tracking the activity cluster under the moniker UNC1860, which it said shares similarities with intrusion sets tracked by Microsoft, Cisco Talos, and

Chrome Users Can Now Sync Passkeys Across Devices with New Google PIN Feature https://thehackernews.com/2024/09/chrome-users-can-now-sync-passkeys.html Google on Thursday unveiled a Password Manager PIN to let Chrome web users sync their passkeys across Windows, macOS, Linux, ChromeOS, and Android devices. "This PIN adds an additional layer of security to ensure your passkeys are end-to-end encrypted and can't be accessed by anyone, not even Google," Chrome product manager Chirag Desai said. The PIN is a six-digit code by default, although it's

Critical Ivanti Cloud Appliance Vulnerability Exploited in Active Cyberattacks https://thehackernews.com/2024/09/critical-ivanti-cloud-appliance.html Ivanti has revealed that a critical security flaw impacting Cloud Service Appliance (CSA) has come under active exploitation in the wild. The new vulnerability, assigned the CVE identifier CVE-2024-8963, carries a CVSS score of 9.4 out of a maximum of 10.0. It was "incidentally addressed" by the company as part of CSA 4.6 Patch 519 and CSA 5.0. "Path Traversal in the Ivanti CSA before 4.6 Patch

Influencing the influencers | Unlocked 403 cybersecurity podcast (ep. 6) https://www.welivesecurity.com/en/videos/influencing-influencers-unlocked-403-cybersecurity-podcast-ep-6/ How do analyst relations professionals 'sort through the noise' and help deliver the not-so-secret sauce for a company's success? We spoke with ESET's expert to find out.

Wherever There's Ransomware, There's Service Account Compromise. Are You Protected? https://thehackernews.com/2024/09/wherever-theres-ransomware-theres.html Until just a couple of years ago, only a handful of IAM pros knew what service accounts are. In the last years, these silent Non-Human-Identities (NHI) accounts have become one of the most targeted and compromised attack surfaces. Assessments report that compromised service accounts play a key role in lateral movement in over 70% of ransomware attacks. However, there’s an alarming disproportion

Hackers Exploit Default Credentials in FOUNDATION Software to Breach Construction Firms https://thehackernews.com/2024/09/hackers-exploit-default-credentials-in.html Threat actors have been observed targeting the construction sector by infiltrating the FOUNDATION Accounting Software, according to new findings from Huntress. "Attackers have been observed brute-forcing the software at scale, and gaining access simply by using the product’s default credentials," the cybersecurity company said. Targets of the emerging threat include plumbing, HVAC (heating,

New Brazilian-Linked SambaSpy Malware Targets Italian Users via Phishing Emails https://thehackernews.com/2024/09/new-brazilian-linked-sambaspy-malware.html A previously undocumented malware called SambaSpy is exclusively targeting users in Italy via a phishing campaign orchestrated by a suspected Brazilian Portuguese-speaking threat actor. "Threat actors usually try to cast a wide net to maximize their profits, but these attackers are focused on just one country," Kaspersky said in a new analysis. "It's likely that the attackers are testing the

New TeamTNT Cryptojacking Campaign Targets CentOS Servers with Rootkit https://thehackernews.com/2024/09/new-teamtnt-cryptojacking-campaign.html The cryptojacking operation known as TeamTNT has likely resurfaced as part of a new campaign targeting Virtual Private Server (VPS) infrastructures based on the CentOS operating system. "The initial access was accomplished via a Secure Shell (SSH) brute force attack on the victim's assets, during which the threat actor uploaded a malicious script," Group-IB researchers Vito Alfano and Nam Le

Healthcare's Diagnosis is Critical: The Cure is Cybersecurity Hygiene https://thehackernews.com/2024/09/healthcares-diagnosis-is-critical-cure.html Cybersecurity in healthcare has never been more urgent. As the most vulnerable industry and largest target for cybercriminals, healthcare is facing an increasing wave of cyberattacks. When a hospital's systems are held hostage by ransomware, it’s not just data at risk — it’s the care of patients who depend on life-saving treatments. Imagine an attack that forces emergency care to halt, surgeries

Microsoft Warns of New INC Ransomware Targeting U.S. Healthcare Sector https://thehackernews.com/2024/09/microsoft-warns-of-new-inc-ransomware.html Microsoft has revealed that a financially motivated threat actor has been observed using a ransomware strain called INC for the first time to target the healthcare sector in the U.S. The tech giant's threat intelligence team is tracking the activity under the name Vanilla Tempest (formerly DEV-0832). "Vanilla Tempest receives hand-offs from GootLoader infections by the threat actor Storm-0494,

Understanding cyber-incident disclosure https://www.welivesecurity.com/en/business-security/understanding-cyber-incident-disclosure/ Proper disclosure of a cyber-incident can help shield your business from further financial and reputational damage, and cyber-insurers can step in to help

GitLab Patches Critical SAML Authentication Bypass Flaw in CE and EE Editions https://thehackernews.com/2024/09/gitlab-patches-critical-saml.html GitLab has released patches to address a critical flaw impacting Community Edition (CE) and Enterprise Edition (EE) that could result in an authentication bypass. The vulnerability is rooted in the ruby-saml library (CVE-2024-45409, CVSS score: 10.0), which could allow an attacker to log in as an arbitrary user within the vulnerable system. It was addressed by the maintainers last week. The

New "Raptor Train" IoT Botnet Compromises Over 200,000 Devices Worldwide https://thehackernews.com/2024/09/new-raptor-train-iot-botnet-compromises.html Cybersecurity researchers have uncovered a never-before-seen botnet comprising an army of small office/home office (SOHO) and IoT devices that are likely operated by a Chinese nation-state threat actor called Flax Typhoon (aka Ethereal Panda or RedJuliett). The sophisticated botnet, dubbed Raptor Train by Lumen's Black Lotus Labs, is believed to have been operational since at least May 2020,

Chinese Engineer Charged in U.S. for Years-Long Cyber Espionage Targeting NASA and Military https://thehackernews.com/2024/09/chinese-engineer-charged-in-us-for.html A Chinese national has been indicted in the U.S. on charges of conducting a "multi-year" spear-phishing campaign to obtain unauthorized access to computer software and source code created by the National Aeronautics and Space Administration (NASA), research universities, and private companies. Song Wu, 39, has been charged with 14 counts of wire fraud and 14 counts of aggravated identity theft.

ESET Research Podcast: EvilVideo https://www.welivesecurity.com/en/podcasts/eset-research-podcast-evilvideo/ ESET researchers discuss how they uncovered a zero-day Telegram for Android exploit that allowed attackers to send malicious files posing as videos