fa
Feedback
TECHZONE™

TECHZONE™

رفتن به کانال در Telegram

TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news

نمایش بیشتر
595
مشترکین
-124 ساعت
اطلاعاتی وجود ندارد7 روز
-930 روز
آرشیو پست ها
New Go-based Backdoor GoGra Targets South Asian Media Organization https://thehackernews.com/2024/08/new-go-based-backdoor-gogra-targets.html An unnamed media organization in South Asia was targeted in November 20233 using a previously undocumented Go-based backdoor called GoGra. "GoGra is written in Go and uses the Microsoft Graph API to interact with a command-and-control (C&C) server hosted on Microsoft mail services," Symantec, part of Broadcom, said in a report shared with The Hacker News. It's currently not clear how it's

CrowdStrike Reveals Root Cause of Global System Outages https://thehackernews.com/2024/08/crowdstrike-reveals-root-cause-of.html Cybersecurity company CrowdStrike has published its root cause analysis detailing the Falcon Sensor software update crash that crippled millions of Windows devices globally. The "Channel File 291" incident, as originally highlighted in its Preliminary Post Incident Review (PIR), has been traced back to a content validation issue that arose after it introduced a new Template Type to enable

Chameleon Android Banking Trojan Targets Users Through Fake CRM App https://thehackernews.com/2024/08/chameleon-android-banking-trojan.html Cybersecurity researchers have lifted the lid on a new technique adopted by threat actors behind the Chameleon Android banking trojan targeting users in Canada by masquerading as a Customer Relationship Management (CRM) app. "Chameleon was seen masquerading as a CRM app, targeting a Canadian restaurant chain operating internationally," Dutch security outfit ThreatFabric said in a technical

Apple’s New macOS Sequoia Tightens Gatekeeper Controls to Block Unauthorized Software https://thehackernews.com/2024/08/apples-new-macos-sequoia-tightens.html Apple on Tuesday announced an update to its next-generation macOS version that makes it a little more difficult for users to override Gatekeeper protections. Gatekeeper is a crucial line of defense built into macOS designed to ensure that only trusted apps run on the operating system. When an app is downloaded from outside of the App Store and opened for the first time, it verifies that the

INTERPOL Recovers $41 Million in Largest Ever BEC Scam in Singapore https://thehackernews.com/2024/08/interpol-recovers-41-million-in-largest.html INTERPOL said it devised a "global stop-payment mechanism" that helped facilitate the largest-ever recovery of funds defrauded in a business email compromise (BEC) scam.  The development comes after an unnamed commodity firm based in Singapore fell victim to a BEC scam in mid-July 2024. It refers to a type of cybercrime where a malicious actor poses as a trusted figure and uses email to

Suspicious Minds: Insider Threats in The SaaS World https://thehackernews.com/2024/08/suspicious-minds-insider-threats-in.html Everyone loves the double-agent plot twist in a spy movie, but it’s a different story when it comes to securing company data. Whether intentional or unintentional, insider threats are a legitimate concern. According to CSA research, 26% of companies who reported a SaaS security incident were struck by an insider.  The challenge for many is detecting those threats before they lead to full

North Korean Hackers Moonstone Sleet Push Malicious JS Packages to npm Registry https://thehackernews.com/2024/08/north-korean-hackers-moonstone-sleet.html The North Korea-linked threat actor known as Moonstone Sleet has continued to push malicious npm packages to the JavaScript package registry with the aim of infecting Windows systems, underscoring the persistent nature of their campaigns. The packages in question, harthat-api and harthat-hash, were published on July 7, 2024, according to Datadog Security Labs. Both the libraries did not attract

New Android Spyware LianSpy Evades Detection Using Yandex Cloud https://thehackernews.com/2024/08/new-android-spyware-lianspy-evades.html Users in Russia have been the target of a previously undocumented Android post-compromise spyware called LianSpy since at least 2021. Cybersecurity vendor Kaspersky, which discovered the malware in March 2024, noted its use of Yandex Cloud, a Russian cloud service, for command-and-control (C2) communications as a way to avoid having a dedicated infrastructure and evade detection. "This threat is

Google Patches New Android Kernel Vulnerability Exploited in the Wild https://thehackernews.com/2024/08/google-patches-new-android-kernel.html Google has addressed a high-severity security flaw impacting the Android kernel that it has been actively exploited in the wild. The vulnerability, tracked as CVE-2024-36971, has been described as a case of remote code execution impacting the kernel. "There are indications that CVE-2024-36971 may be under limited, targeted exploitation," the tech giant noted in its monthly Android security

New Zero-Day Flaw in Apache OFBiz ERP Allows Remote Code Execution https://thehackernews.com/2024/08/new-zero-day-flaw-in-apache-ofbiz-erp.html A new zero-day pre-authentication remote code execution vulnerability has been disclosed in the Apache OFBiz open-source enterprise resource planning (ERP) system that could allow threat actors to achieve remote code execution on affected instances. Tracked as CVE-2024-38856, the flaw has a CVSS score of 9.8 out of a maximum of 10.0. It affects Apache OFBiz versions prior to 18.12.15. "The

Researchers Uncover Flaws in Windows Smart App Control and SmartScreen https://thehackernews.com/2024/08/researchers-uncover-flaws-in-windows.html Cybersecurity researchers have uncovered design weaknesses in Microsoft's Windows Smart App Control and SmartScreen that could enable threat actors to gain initial access to target environments without raising any warnings. Smart App Control (SAC) is a cloud-powered security feature introduced by Microsoft in Windows 11 to block malicious, untrusted, and potentially unwanted apps from being run

Kazakh Organizations Targeted by 'Bloody Wolf' Cyber Attacks https://thehackernews.com/2024/08/kazakh-organizations-targeted-by-bloody.html Organizations in Kazakhstan are the target of a threat activity cluster dubbed Bloody Wolf that delivers a commodity malware called STRRAT (aka Strigoi Master). "The program selling for as little as $80 on underground resources allows the adversaries to take control of corporate computers and hijack restricted data," cybersecurity vendor BI.ZONE said in a new analysis. The cyber attacks employ

The Loper Bright Decision: How it Impacts Cybersecurity Law https://thehackernews.com/2024/08/the-loper-bright-decision-how-it.html The Loper Bright decision has yielded impactful results: the Supreme Court has overturned forty years of administrative law, leading to potential litigation over the interpretation of ambiguous laws previously decided by federal agencies. This article explores key questions for cybersecurity professionals and leaders as we enter a more contentious period of cybersecurity law. Background What is

Enhancing Incident Response Readiness with Wazuh https://thehackernews.com/2024/08/enhancing-incident-response-readiness.html Incident response is a structured approach to managing and addressing security breaches or cyber-attacks. Security teams must overcome challenges such as timely detection, comprehensive data collection, and coordinated actions to enhance readiness. Improving these areas ensures a swift and effective response, minimizing damage and restoring normal operations quickly. Challenges in incident

Critical Flaw in Rockwell Automation Devices Allows Unauthorized Access https://thehackernews.com/2024/08/critical-flaw-in-rockwell-automation.html A high-severity security bypass vulnerability has been disclosed in Rockwell Automation ControlLogix 1756 devices that could be exploited to execute common industrial protocol (CIP) programming and configuration commands. The flaw, which is assigned the CVE identifier CVE-2024-6242, carries a CVSS v3.1 score of 8.4. "A vulnerability exists in the affected products that allows a threat actor to

New Android Trojan "BlankBot" Targets Turkish Users' Financial Data https://thehackernews.com/2024/08/new-android-trojan-blankbot-targets.html Cybersecurity researchers have discovered a new Android banking trojan called BlankBot targeting Turkish users with an aim to steal financial information. "BlankBot features a range of malicious capabilities, which include customer injections, keylogging, screen recording and it communicates with a control server over a WebSocket connection," Intel 471 said in an analysis published last week.

China-Linked Hackers Compromise ISP to Deploy Malicious Software Updates https://thehackernews.com/2024/08/china-linked-hackers-compromise-isp-to.html The China-linked threat actor known as Evasive Panda compromised an unnamed internet service provider (ISP) to push malicious software updates to target companies in mid-2023, highlighting a new level of sophistication associated with the group. Evasive Panda, also known by the names Bronze Highland, Daggerfly, and StormBamboo, is a cyber espionage group that's been active since at least 2012,

AI and automation reducing breach costs – Week in security with Tony Anscombe https://www.welivesecurity.com/en/videos/ai-automation-reducing-breach-costs-week-security-tony-anscombe/ Organizations that leveraged AI and automation in security prevention cut the cost of a data breach by US$2.22 million compared to those that didn't deploy these technologies, according to IBM

DOJ and FTC Sue TikTok for Violating Children's Privacy Laws https://thehackernews.com/2024/08/doj-and-ftc-sue-tiktok-for-violating.html The U.S. Department of Justice (DoJ), along with the Federal Trade Commission (FTC), filed a lawsuit against popular video-sharing platform TikTok for "flagrantly violating" children's privacy laws in the country. The agencies claimed the company knowingly permitted children to create TikTok accounts and to view and share short-form videos and messages with adults and others on the service. They

Hackers Exploit Misconfigured Jupyter Notebooks with Repurposed Minecraft DDoS Tool https://thehackernews.com/2024/08/hackers-exploit-misconfigured-jupyter.html Cybersecurity researchers have disclosed details of a new distributed denial-of-service (DDoS) attack campaign targeting misconfigured Jupyter Notebooks. The activity, codenamed Panamorfi by cloud security firm Aqua, utilizes a Java-based tool called mineping to launch a TCP flood DDoS attack. Mineping is a DDoS package designed for Minecraft game servers. Attack chains entail the exploitation