fa
Feedback
TECHZONE™

TECHZONE™

رفتن به کانال در Telegram

TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news

نمایش بیشتر
595
مشترکین
-124 ساعت
اطلاعاتی وجود ندارد7 روز
-930 روز
آرشیو پست ها
APT41 Hackers Use ShadowPad, Cobalt Strike in Taiwanese Institute Cyber Attack https://thehackernews.com/2024/08/apt41-hackers-use-shadowpad-cobalt.html A Taiwanese government-affiliated research institute that specializes in computing and associated technologies was breached by nation-state threat actors with ties to China, according to new findings from Cisco Talos. The unnamed organization was targeted as early as mid-July 2023 to deliver a variety of backdoors and post-compromise tools like ShadowPad and Cobalt Strike. It has been attributed

APT28 Targets Diplomats with HeadLace Malware via Car Sale Phishing Lure https://thehackernews.com/2024/08/apt28-targets-diplomats-with-headlace.html A Russia-linked threat actor has been linked to a new campaign that employed a car for sale as a phishing lure to deliver a modular Windows backdoor called HeadLace. "The campaign likely targeted diplomats and began as early as March 2024," Palo Alto Networks Unit 42 said in a report published today, attributing it with medium to high level of confidence to APT28, which is also referred to as

Webinar: Discover the All-in-One Cybersecurity Solution for SMBs https://thehackernews.com/2024/08/webinar-discover-all-in-one.html In today's digital battlefield, small and medium businesses (SMBs) face the same cyber threats as large corporations, but with fewer resources. Managed service providers (MSPs) are struggling to keep up with the demand for protection. If your current cybersecurity strategy feels like a house of cards – a complex, costly mess of different vendors and tools – it's time for a change. Introducing

Mirai Botnet targeting OFBiz Servers Vulnerable to Directory Traversal https://thehackernews.com/2024/08/mirai-botnet-targeting-ofbiz-servers.html Enterprise Resource Planning (ERP) Software is at the heart of many enterprising supporting human resources, accounting, shipping, and manufacturing. These systems can become very complex and difficult to maintain. They are often highly customized, which can make patching difficult. However, critical vulnerabilities keep affecting these systems and put critical business data at risk.  The

New Windows Backdoor BITSLOTH Exploits BITS for Stealthy Communication https://thehackernews.com/2024/08/new-windows-backdoor-bitsloth-exploits.html Cybersecurity researchers have discovered a previously undocumented Windows backdoor that leverages a built-in feature called Background Intelligent Transfer Service (BITS) as a command-and-control (C2) mechanism. The newly identified malware strain has been codenamed BITSLOTH by Elastic Security Labs, which made the discovery on June 25, 2024, in connection with a cyber attack targeting an

U.S. Releases High-Profile Russian Hackers in Diplomatic Prisoner Exchange https://thehackernews.com/2024/08/us-releases-high-profile-russian.html In a historic prisoner exchange between Belarus, Germany, Norway, Russia, Slovenia, and the U.S., two Russian nationals serving time for cybercrime activities have been freed and repatriated to their country. This includes Roman Valerevich Seleznev and Vladislav Klyushin, who are part of a group of eight people who have been swapped back to Russia in exchange for the release of 16 people who

Cybercriminals Abusing Cloudflare Tunnels to Evade Detection and Spread Malware https://thehackernews.com/2024/08/cybercriminals-abusing-cloudflare.html Cybersecurity companies are warning about an uptick in the abuse of Clouflare's TryCloudflare free service for malware delivery. The activity, documented by both eSentire and Proofpoint, entails the use of TryCloudflare to create a one-time tunnel that acts as a conduit to relay traffic from an attacker-controlled server to a local machine through Cloudflare's infrastructure. Attack chains

The cyberthreat that drives businesses towards cyber risk insurance https://www.welivesecurity.com/en/business-security/cyberthreat-drives-businesses-cyber-risk-insurance/ Many smaller organizations are turning to cyber risk insurance, both to protect against the cost of a cyber incident and to use the extensive post-incident services that insurers provide

Over 1 Million Domains at Risk of 'Sitting Ducks' Domain Hijacking Technique https://thehackernews.com/2024/08/over-1-million-domains-at-risk-of.html Over a million domains are susceptible to takeover by malicious actors by means of what has been called a Sitting Ducks attack. The powerful attack vector, which exploits weaknesses in the domain name system (DNS), is being exploited by over a dozen Russian-nexus cybercriminal actors to stealthily hijack domains, a joint analysis published by Infoblox and Eclypsium has revealed. "In a Sitting

Hackers Distributing Malicious Python Packages via Popular Developer Q&A Platform https://thehackernews.com/2024/08/hackers-distributing-malicious-python.html In yet another sign that threat actors are always looking out for new ways to trick users into downloading malware, it has come to light that the question-and-answer (Q&A) platform known as Stack Exchange has been abused to direct unsuspecting developers to bogus Python packages capable of draining their cryptocurrency wallets. "Upon installation, this code would execute automatically,

New Android Banking Trojan BingoMod Steals Money, Wipes Devices https://thehackernews.com/2024/08/new-android-banking-trojan-bingomod.html Cybersecurity researchers have uncovered a new Android remote access trojan (RAT) called BingoMod that not only performs fraudulent money transfers from the compromised devices but also wipes them in an attempt to erase traces of the malware. Italian cybersecurity firm Cleafy, which discovered the RAT towards the end of May 2024, said the malware is under active development. It attributed the

Obfuscation: There Are Two Sides To Everything https://thehackernews.com/2024/08/obfuscation-there-are-two-sides-to.html How to detect and prevent attackers from using these various techniques Obfuscation is an important technique for protecting software that also carries risks, especially when used by malware authors. In this article, we examine obfuscation, its effects, and responses to it. What Is Obfuscation? Obfuscation is the technique of intentionally making information difficult to read, especially in

Google Chrome Adds App-Bound Encryption to Protect Cookies from Malware https://thehackernews.com/2024/08/google-chrome-adds-app-bound-encryption.html Google has announced that it's adding a new layer of protection to its Chrome browser through what's called app-bound encryption to prevent information-stealing malware from grabbing cookies on Windows systems. "On Windows, Chrome uses the Data Protection API (DPAPI) which protects the data at rest from other users on the system or cold boot attacks," Will Harris from the Chrome security team

Facebook Ads Lead to Fake Websites Stealing Credit Card Information https://thehackernews.com/2024/08/facebook-ads-lead-to-fake-websites.html Facebook users are the target of a scam e-commerce network that uses hundreds of fake websites to steal personal and financial data using brand impersonation and malvertising tricks. Recorded Future's Payment Fraud Intelligence team, which detected the campaign on April 17, 2024, has given it the name ERIAKOS owing to the use of the same content delivery network (CDN) oss.eriakos[.]com. "These

DigiCert to Revoke 83,000+ SSL Certificates Due to Domain Validation Oversight https://thehackernews.com/2024/07/digicert-to-revoke-83000-ssl.html Certificate authority (CA) DigiCert has warned that it will be revoking a subset of SSL/TLS certificates within 24 hours due to an oversight with how it verified if a digital certificate is issued to the rightful owner of a domain. The company said it will be taking the step of revoking certificates that do not have proper Domain Control Validation (DCV). "Before issuing a certificate to a

North Korea-Linked Malware Targets Developers on Windows, Linux, and macOS https://thehackernews.com/2024/07/north-korea-linked-malware-targets.html The threat actors behind an ongoing malware campaign targeting software developers have demonstrated new malware and tactics, expanding their focus to include Windows, Linux, and macOS systems. The activity cluster, dubbed DEV#POPPER and linked to North Korea, has been found to have singled out victims across South Korea, North America, Europe, and the Middle East. "This form of attack is an

Chinese Hackers Target Japanese Firms with LODEINFO and NOOPDOOR Malware https://thehackernews.com/2024/07/chinese-hackers-target-japanese-firms.html Japanese organizations are the target of a Chinese nation-state threat actor that leverages malware families like LODEINFO and NOOPDOOR to harvest sensitive information from compromised hosts while stealthily remaining under the radar in some cases for a time period ranging from two to three years. Israeli cybersecurity company Cybereason is tracking the campaign under the name Cuckoo Spear,

How To Get the Most From Your Security Team’s Email Alert Budget https://thehackernews.com/2024/07/how-to-get-most-from-your-security.html We’ll TL;DR the FUDdy introduction: we all know that phishing attacks are on the rise in scale and complexity, that AI is enabling more sophisticated attacks that evade traditional defenses, and the never-ending cybersecurity talent gap means we’re all struggling to keep security teams fully staffed.  Given that reality, security teams need to be able to monitor and respond to threats

Cybercriminals Deploy 100K+ Malware Android Apps to Steal OTP Codes https://thehackernews.com/2024/07/cybercriminals-deploy-100k-malware.html A new malicious campaign has been observed making use of malicious Android apps to steal users' SMS messages since at least February 2022 as part of a large-scale campaign. The malicious apps, spanning over 107,000 unique samples, are designed to intercept one-time passwords (OTPs) used for online account verification to commit identity fraud. "Of those 107,000 malware samples, over 99,000 of

Cyber Espionage Group XDSpy Targets Companies in Russia and Moldova https://thehackernews.com/2024/07/cyber-espionage-group-xdspy-targets.html Companies in Russia and Moldova have been the target of a phishing campaign orchestrated by a little-known cyber espionage group known as XDSpy. The findings come from cybersecurity firm F.A.C.C.T., which said the infection chains lead to the deployment of a malware called DSDownloader. The activity was observed this month, it added. XDSpy is a threat actor of indeterminate origin that was first