TECHZONE™


TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news

595 subscribers
Post archive
The New Ransomware Groups Shaking Up 2025 https://thehackernews.com/2025/03/the-new-ransomware-groups-shaking-up.html In 2024, global ransomware attacks hit 5,414, an 11% increase from 2023. After a slow start, attacks spiked in Q2 and surged in Q4, with 1,827 incidents (33% of the year's total). Law enforcement actions against major groups like LockBit caused fragmentation, leading to more competition and a rise in smaller gangs. The number of active ransomware groups jumped 40%, from 68 in 2023 to 95

Vo1d Botnet's Peak Surpasses 1.59M Infected Android TVs, Spanning 226 Countries https://thehackernews.com/2025/03/vo1d-botnets-peak-surpasses-159m.html Brazil, South Africa, Indonesia, Argentina, and Thailand have become the targets of a campaign that has infected Android TV devices with a botnet malware dubbed Vo1d. The improved variant of Vo1d has been found to encompass 800,000 daily active IP addresses, with the botnet scaling a peak of 1,590,299 on January 19, 2025, spanning 226 countries. As of February 25, 2025, India has experienced a

Mozilla Updates Firefox Terms Again After Backlash Over Broad Data License Language https://thehackernews.com/2025/03/mozilla-updates-firefox-terms-again.html Firefox browser maker Mozilla on Friday updated its Terms of Use a second time within a week following criticism over broad language that appeared to give the company the rights to all information uploaded by users. The revised Terms of Use now states - You give Mozilla the rights necessary to operate Firefox. This includes processing your data as we describe in the Firefox Privacy Notice. It

Amnesty Finds Cellebrite’s Zero-Day Used to Unlock Serbian Activist’s Android Phone https://thehackernews.com/2025/02/amnesty-finds-cellebrites-zero-day.html A 23-year-old Serbian youth activist had their Android phone targeted by a zero-day exploit developed by Cellebrite to unlock the device, according to a new report from Amnesty International. "The Android phone of one student protester was exploited and unlocked by a sophisticated zero-day exploit chain targeting Android USB drivers, developed by Cellebrite," the international non-governmental

RDP: a Double-Edged Sword for IT Teams – Essential Yet Exploitable https://thehackernews.com/2025/02/rdp-double-edged-sword-for-it-teams.html Remote Desktop Protocol (RDP) is an amazing technology developed by Microsoft that lets you access and control another computer over a network. It’s like having your office computer with you wherever you go. For businesses, this means IT staff can manage systems remotely, and employees can work from home or anywhere, making RDP a true game-changer in today’s work environment. But here’s the

Fake CAPTCHA PDFs Spread Lumma Stealer via Webflow, GoDaddy, and Other Domains https://thehackernews.com/2025/02/5000-phishing-pdfs-on-260-domains.html Cybersecurity researchers have uncovered a widespread phishing campaign that uses fake CAPTCHA images shared via PDF documents hosted on Webflow's content delivery network (CDN) to deliver the Lumma stealer malware. Netskope Threat Labs said it discovered 260 unique domains hosting 5,000 phishing PDF files that redirect victims to malicious websites. "The attacker uses SEO to trick victims into

Microsoft Exposes LLMjacking Cybercriminals Behind Azure AI Abuse Scheme https://thehackernews.com/2025/02/microsoft-exposes-llmjacking.html Microsoft on Thursday unmasked four of the individuals that it said were behind an Azure Abuse Enterprise scheme that involves leveraging unauthorized access to generative artificial intelligence (GenAI) services in order to produce offensive and harmful content. The campaign, called LLMjacking, has targeted various AI offerings, including Microsoft's Azure OpenAI Service. The tech giant is

12,000+ API Keys and Passwords Found in Public Datasets Used for LLM Training https://thehackernews.com/2025/02/12000-api-keys-and-passwords-found-in.html A dataset used to train large language models (LLMs) has been found to contain nearly 12,000 live secrets, which allow for successful authentication. The findings once again highlight how hard-coded credentials pose a severe security risk to users and organizations alike, not to mention compounding the problem when LLMs end up suggesting insecure coding practices to their users. Truffle

Sticky Werewolf Uses Undocumented Implant to Deploy Lumma Stealer in Russia and Belarus https://thehackernews.com/2025/02/sticky-werewolf-uses-undocumented.html The threat actor known as Sticky Werewolf has been linked to targeted attacks primarily in Russia and Belarus with the aim of delivering the Lumma Stealer malware by means of a previously undocumented implant. Cybersecurity company Kaspersky is tracking the activity under the name Angry Likho, which it said bears a "strong resemblance" to Awaken Likho (aka Core Werewolf, GamaCopy, and

Silver Fox APT Uses Winos 4.0 Malware in Cyber Attacks Against Taiwanese Organizations https://thehackernews.com/2025/02/silver-fox-apt-uses-winos-40-malware-in.html A new campaign is targeting companies in Taiwan with malware known as Winos 4.0 as part of phishing emails masquerading as the country's National Taxation Bureau. The campaign, detected last month by Fortinet FortiGuard Labs, marks a departure from previous attack chains that have leveraged malicious game-related applications. "The sender claimed that the malicious file attached was a list of

Space Pirates Targets Russian IT Firms With New LuckyStrike Agent Malware https://thehackernews.com/2025/02/space-pirates-targets-russian-it-firms.html The threat actor known as Space Pirates has been linked to a malicious campaign targeting Russian information technology (IT) organizations with a previously undocumented malware called LuckyStrike Agent. The activity was detected in November 2024 by Solar, the cybersecurity arm of Russian state-owned telecom company Rostelecom. It's tracking the activity under the name Erudite Mogwai. The

89% of Enterprise GenAI Usage Is Invisible to Organizations Exposing Critical Security Risks, New Report Reveals https://thehackernews.com/2025/02/89-of-enterprise-genai-usage-is.html Organizations are either already adopting GenAI solutions, evaluating strategies for integrating these tools into their business plans, or both. To drive informed decision-making and effective planning, the availability of hard data is essential—yet such data remains surprisingly scarce. The “Enterprise GenAI Data Security Report 2025” by LayerX delivers unprecedented insights

New TgToxic Banking Trojan Variant Evolves with Anti-Analysis Upgrades https://thehackernews.com/2025/02/new-tgtoxic-banking-trojan-variant.html Cybersecurity researchers have discovered an updated version of an Android malware called TgToxic (aka ToxicPanda), indicating that the threat actors behind it are continuously making changes in response to public reporting. "The modifications seen in the TgToxic payloads reflect the actors' ongoing surveillance of open source intelligence and demonstrate their commitment to enhancing the

PolarEdge Botnet Exploits Cisco and Other Flaws to Hijack ASUS, QNAP, and Synology Devices https://thehackernews.com/2025/02/polaredge-botnet-exploits-cisco-and.html A new malware campaign has been observed targeting edge devices from Cisco, ASUS, QNAP, and Synology to rope them into a botnet named PolarEdge since at least the end of 2023. French cybersecurity company Sekoia said it observed the unknown threat actors leveraging CVE-2023-20118 (CVSS score: 6.5), a critical security flaw impacting Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and

Bybit Hack Traced to Safe{Wallet} Supply Chain Attack Exploited by North Korean Hackers https://thehackernews.com/2025/02/bybit-hack-traced-to-safewallet-supply.html The U.S. Federal Bureau of Investigation (FBI) formally linked the record-breaking $1.5 billion Bybit hack to North Korean threat actors, as the company's CEO Ben Zhou declared a "war against Lazarus." The agency said the Democratic People's Republic of Korea (North Korea) was responsible for the theft of the virtual assets from the cryptocurrency exchange, attributing it to a specific cluster

Hackers Exploited Krpano Framework Flaw to Inject Spam Ads on 350+ Websites https://thehackernews.com/2025/02/hackers-exploited-krpano-framework-flaw.html A cross-site scripting (XSS) vulnerability in a virtual tour framework has been weaponized by malicious actors to inject malicious scripts across hundreds of websites with the goal of manipulating search results and fueling a spam ads campaign at scale. Security researcher Oleg Zaytsev, in a report shared with The Hacker News, said the campaign – dubbed 360XSS – affected over 350 websites,

Leaked Black Basta Ransomware Chat Logs Reveal Inner Workings and Internal Conflicts https://thehackernews.com/2025/02/leaked-black-basta-chat-logs-reveal.html More than a year's worth of internal chat logs from a ransomware gang known as Black Basta have been published online in a leak that provides unprecedented visibility into their tactics and internal conflicts among its members. The Russian-language chats on the Matrix messaging platform between September 18, 2023, and September 28, 2024, were initially leaked on February 11, 2025, by an

SOC 3.0 - The Evolution of the SOC and How AI is Empowering Human Talent https://thehackernews.com/2025/02/soc-30-evolution-of-soc-and-how-ai-is.html Organizations today face relentless cyber attacks, with high-profile breaches hitting the headlines almost daily. Reflecting on a long journey in the security field, it’s clear this isn’t just a human problem—it’s a math problem. There are simply too many threats and security tasks for any SOC to manually handle in a reasonable timeframe. Yet, there is a solution. Many refer to it as SOC 3.0—an

New Linux Malware ‘Auto-Color’ Grants Hackers Full Remote Access to Compromised Systems https://thehackernews.com/2025/02/new-linux-malware-auto-color-grants.html Universities and government organizations in North America and Asia have been targeted by a previously undocumented Linux malware called Auto-Color between November and December 2024, according to new findings from Palo Alto Networks Unit 42. "Once installed, Auto-color allows threat actors full remote access to compromised machines, making it very difficult to remove without specialized

Three Password Cracking Techniques and How to Defend Against Them https://thehackernews.com/2025/02/three-password-cracking-techniques-and.html Passwords are rarely appreciated until a security breach occurs; suffice to say, the importance of a strong password becomes clear only when faced with the consequences of a weak one. However, most end users are unaware of just how vulnerable their passwords are to the most common password-cracking methods. The following are the three common techniques for cracking passwords and how to