TECHZONE™


TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news

595 subscribers
Post archive
Leaked Black Basta Ransomware Chat Logs Reveal Inner Workings and Internal Conflicts https://thehackernews.com/2025/02/leaked-black-basta-chat-logs-reveal.html More than a year's worth of internal chat logs from a ransomware gang known as Black Basta have been published online in a leak that provides unprecedented visibility into their tactics and internal conflicts among its members. The Russian-language chats on the Matrix messaging platform between September 18, 2023, and September 28, 2024, were initially leaked on February 11, 2025, by an

SOC 3.0 - The Evolution of the SOC and How AI is Empowering Human Talent https://thehackernews.com/2025/02/soc-30-evolution-of-soc-and-how-ai-is.html Organizations today face relentless cyber attacks, with high-profile breaches hitting the headlines almost daily. Reflecting on a long journey in the security field, it’s clear this isn’t just a human problem—it’s a math problem. There are simply too many threats and security tasks for any SOC to manually handle in a reasonable timeframe. Yet, there is a solution. Many refer to it as SOC 3.0—an

New Linux Malware ‘Auto-Color’ Grants Hackers Full Remote Access to Compromised Systems https://thehackernews.com/2025/02/new-linux-malware-auto-color-grants.html Universities and government organizations in North America and Asia have been targeted by a previously undocumented Linux malware called Auto-Color between November and December 2024, according to new findings from Palo Alto Networks Unit 42. "Once installed, Auto-color allows threat actors full remote access to compromised machines, making it very difficult to remove without specialized

Three Password Cracking Techniques and How to Defend Against Them https://thehackernews.com/2025/02/three-password-cracking-techniques-and.html Passwords are rarely appreciated until a security breach occurs; suffice to say, the importance of a strong password becomes clear only when faced with the consequences of a weak one. However, most end users are unaware of just how vulnerable their passwords are to the most common password-cracking methods. The following are the three common techniques for cracking passwords and how to

CERT-UA Warns of UAC-0173 Attacks Deploying DCRat to Compromise Ukrainian Notaries https://thehackernews.com/2025/02/cert-ua-warns-of-uac-0173-attacks.html The Computer Emergency Response Team of Ukraine (CERT-UA) on Tuesday warned of renewed activity from an organized criminal group it tracks as UAC-0173 that involves infecting computers with a remote access trojan named DCRat (aka DarkCrystal RAT). The Ukrainian cybersecurity authority said it observed the latest attack wave starting in mid-January 2025. The activity is designed to target the

Malicious PyPI Package "automslc" Enables 104K+ Unauthorized Deezer Music Downloads https://thehackernews.com/2025/02/malicious-pypi-package-automslc-enables.html Cybersecurity researchers have flagged a malicious Python library on the Python Package Index (PyPI) repository that facilitates unauthorized music downloads from music streaming service Deezer. The package in question is automslc, which has been downloaded over 104,000 times to date. First published in May 2019, it remains available on PyPI as of writing. "Although automslc, which has been

CISA Adds Microsoft and Zimbra Flaws to KEV Catalog Amid Active Exploitation https://thehackernews.com/2025/02/cisa-adds-microsoft-and-zimbra-flaws-to.html The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday placed two security flaws impacting Microsoft Partner Center and Synacor Zimbra Collaboration Suite (ZCS) to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerabilities in question are as follows - CVE-2024-49035 (CVSS score: 8.7) - An improper access control

LightSpy Expands to 100+ Commands, Increasing Control Over Windows, macOS, Linux, and Mobile https://thehackernews.com/2025/02/lightspy-expands-to-100-commands.html Cybersecurity researchers have flagged an updated version of the LightSpy implant that comes equipped with an expanded set of data collection features to extract information from social media platforms like Facebook and Instagram. LightSpy is the name given to a modular spyware that's capable of infecting both Windows and Apple systems with an aim to harvest data. It was first documented in

Belarus-Linked Ghostwriter Uses Macropack-Obfuscated Excel Macros to Deploy Malware https://thehackernews.com/2025/02/belarus-linked-ghostwriter-uses.html Opposition activists in Belarus as well as Ukrainian military and government organizations are the target of a new campaign that employs malware-laced Microsoft Excel documents as lures to deliver a new variant of PicassoLoader.  The threat cluster has been assessed to be an extension of a long-running campaign mounted by a Belarus-aligned threat actor dubbed Ghostwriter (aka Moonscape,

5 Active Malware Campaigns in Q1 2025 https://thehackernews.com/2025/02/5-active-malware-campaigns-in-q1-2025.html The first quarter of 2025 has been a battlefield in the world of cybersecurity. Cybercriminals continued launching aggressive new campaigns and refining their attack methods. Below is an overview of five notable malware families, accompanied by analyses conducted in controlled environments. NetSupport RAT Exploiting the ClickFix Technique In early 2025, threat actors began exploiting a technique

2,500+ Truesight.sys Driver Variants Exploited to Bypass EDR and Deploy HiddenGh0st RAT https://thehackernews.com/2025/02/2500-truesightsys-driver-variants.html A large-scale malware campaign has been found leveraging a vulnerable Windows driver associated with Adlice's product suite to sidestep detection efforts and deliver the Gh0st RAT malware. "To further evade detection, the attackers deliberately generated multiple variants (with different hashes) of the 2.0.2 driver by modifying specific PE parts while keeping the signature valid," Check Point

GitVenom Malware Steals $456K in Bitcoin Using Fake GitHub Projects to Hijack Wallets https://thehackernews.com/2025/02/gitvenom-malware-steals-456k-in-bitcoin.html Cybersecurity researchers are calling attention to an ongoing campaign that's targeting gamers and cryptocurrency investors under the guise of open-source projects hosted on GitHub. The campaign, which spans hundreds of repositories, has been dubbed GitVenom by Kaspersky. "The infected projects include an automation instrument for interacting with Instagram accounts, a Telegram bot that enables

FatalRAT Phishing Attacks Target APAC Industries Using Chinese Cloud Services https://thehackernews.com/2025/02/fatalrat-phishing-attacks-target-apac.html Various industrial organizations in the Asia-Pacific (APAC) region have been targeted as part of phishing attacks designed to deliver a known malware called FatalRAT. "The threat was orchestrated by attackers using legitimate Chinese cloud content delivery network (CDN) myqcloud and the Youdao Cloud Notes service as part of their attack infrastructure," Kaspersky ICS CERT said in a Monday

Two Actively Exploited Security Flaws in Adobe and Oracle Products Flagged by CISA https://thehackernews.com/2025/02/two-actively-exploited-security-flaws.html The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two security flaws impacting Adobe ColdFusion and Oracle Agile Product Lifecycle Management (PLM) to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerabilities in question are listed below - CVE-2017-3066 (CVSS score: 9.8) - A deserialization vulnerability impacting

New Malware Campaign Uses Cracked Software to Spread Lumma and ACR Stealer https://thehackernews.com/2025/02/new-malware-campaign-uses-cracked.html Cybersecurity researchers are warning of a new campaign that leverages cracked versions of software as a lure to distribute information stealers like Lumma and ACR Stealer. The AhnLab Security Intelligence Center (ASEC) said it has observed a spike in the distribution volume of ACR Stealer since January 2025. A notable aspect of the stealer malware is the use of a technique called dead drop

⚡ THN Weekly Recap: From $1.5B Crypto Heist to AI Misuse & Apple’s Data Dilemma https://thehackernews.com/2025/02/thn-weekly-recap-from-15b-crypto-heist.html Welcome to your weekly roundup of cyber news, where every headline gives you a peek into the world of online battles. This week, we look at a huge crypto theft, reveal some sneaky AI scam tricks, and discuss big changes in data protection. Let these stories spark your interest and help you understand the changing threats in our digital world. ⚡ Threat of the Week Lazarus Group Linked to

Google Cloud KMS Adds Quantum-Safe Digital Signatures to Defend Against Future Threats https://thehackernews.com/2025/02/google-cloud-kms-adds-quantum-safe.html Google Cloud has announced quantum-safe digital signatures in Google Cloud Key Management Service (Cloud KMS) for software-based keys as a way to bulletproof encryption systems against the threat posed by cryptographically-relevant quantum computers. The feature, currently in preview, coexists with the National Institute of Standards and Technology's (NIST) post-quantum cryptography (PQC)

Becoming Ransomware Ready: Why Continuous Validation Is Your Best Defense https://thehackernews.com/2025/02/becoming-ransomware-ready-why.html Ransomware doesn’t hit all at once—it slowly floods your defenses in stages. Like a ship subsumed with water, the attack starts quietly, below the surface, with subtle warning signs that are easy to miss. By the time encryption starts, it’s too late to stop the flood.  Each stage of a ransomware attack offers a small window to detect and stop the threat before it’s too late. The problem is

Australia Bans Kaspersky Software Over National Security and Espionage Concerns https://thehackernews.com/2025/02/australia-bans-kaspersky-software-over.html Australia has become the latest country to ban the installation of security software from Russian company Kaspersky, citing national security concerns. "After considering threat and risk analysis, I have determined that the use of Kaspersky Lab, Inc. products and web services by Australian Government entities poses an unacceptable security risk to Australian Government, networks and data,

Bybit Confirms Record-Breaking $1.46 Billion Crypto Heist in Sophisticated Cold Wallet Attack https://thehackernews.com/2025/02/bybit-confirms-record-breaking-146.html Cryptocurrency exchange Bybit on Friday revealed that a "sophisticated" attack led to the theft of over $1.46 billion worth of cryptocurrency from one of its Ethereum cold (offline) wallets, making it the largest ever single crypto heist in history. "The incident occurred when our ETH multisig cold wallet executed a transfer to our warm wallet. Unfortunately, this transaction was manipulated