fa
Feedback
TECHZONE™

TECHZONE™

رفتن به کانال در Telegram

TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news

نمایش بیشتر
595
مشترکین
-124 ساعت
اطلاعاتی وجود ندارد7 روز
-930 روز
آرشیو پست ها
Meta Settles for $1.4 Billion with Texas Over Illegal Biometric Data Collection https://thehackernews.com/2024/07/meta-settles-for-14-billion-with-texas.html Meta, the parent company of Facebook, Instagram, and WhatsApp, agreed to a record $1.4 billion settlement with the U.S. state of Texas over allegations that it illegally collected biometric data of millions of users without their permission, marking one of the largest penalties levied by regulators against the tech giant. "This historic settlement demonstrates our commitment to standing up to

Phishing targeting Polish SMBs continues via ModiLoader https://www.welivesecurity.com/en/eset-research/phishing-targeting-polish-smbs-continues-modiloader/ ESET researchers detected multiple, widespread phishing campaigns targeting SMBs in Poland during May 2024, distributing various malware families

New Mandrake Spyware Found in Google Play Store Apps After Two Years https://thehackernews.com/2024/07/new-mandrake-spyware-found-in-google.html A new iteration of a sophisticated Android spyware called Mandrake has been discovered in five applications that were available for download from the Google Play Store and remained undetected for two years. The applications attracted a total of more than 32,000 installations before being pulled from the app storefront, Kaspersky said in a Monday write-up. A majority of the downloads originated

The Power and Peril of RMM Tools https://thehackernews.com/2024/07/the-power-and-peril-of-rmm-tools.html As more people work remotely, IT departments must manage devices distributed over different cities and countries relying on VPNs and remote monitoring and management (RMM) tools for system administration.  However, like any new technology, RMM tools can also be used maliciously. Threat actors can establish connections to a victim's device and run commands, exfiltrate data, and stay

Cybercriminals Target Polish Businesses with Agent Tesla and Formbook Malware https://thehackernews.com/2024/07/cybercriminals-target-polish-businesses.html Cybersecurity researchers have detailed widespread phishing campaigns targeting small and medium-sized businesses (SMBs) in Poland during May 2024 that led to the deployment of several malware families like Agent Tesla, Formbook, and Remcos RAT. Some of the other regions targeted by the campaigns include Italy and Romania, according to cybersecurity firm ESET. "Attackers used previously

Cyber Threat Intelligence: Illuminating the Deep, Dark Cybercriminal Underground https://thehackernews.com/2024/07/cyber-threat-intelligence-illuminating.html Learn about critical threats that can impact your organization and the bad actors behind them from Cybersixgill’s threat experts. Each story shines a light on underground activities, the threat actors involved, and why you should care, along with what you can do to mitigate risk.  The deep and dark web, otherwise known as the cybercriminal underground, is where malicious actors gather to

New SideWinder Cyber Attacks Target Maritime Facilities in Multiple Countries https://thehackernews.com/2024/07/new-sidewinder-cyber-attacks-target.html The nation-state threat actor known as SideWinder has been attributed to a new cyber espionage campaign targeting ports and maritime facilities in the Indian Ocean and Mediterranean Sea. The BlackBerry Research and Intelligence Team, which discovered the activity, said targets of the spear-phishing campaign include countries like Pakistan, Egypt, Sri Lanka, Bangladesh, Myanmar, Nepal, and the

Beware of fake AI tools masking very real malware threats https://www.welivesecurity.com/en/cybersecurity/beware-fake-ai-tools-masking-very-real-malware-threat/ Ever attuned to the latest trends, cybercriminals distribute malicious tools that pose as ChatGPT, Midjourney and other generative AI assistants

OneDrive Phishing Scam Tricks Users into Running Malicious PowerShell Script https://thehackernews.com/2024/07/onedrive-phishing-scam-tricks-users.html Cybersecurity researchers are warning about a new phishing campaign that targets Microsoft OneDrive users with the aim of executing a malicious PowerShell script. "This campaign heavily relies on social engineering tactics to deceive users into executing a PowerShell script, thereby compromising their systems," Trellix security researcher Rafael Pena said in a Monday analysis. The cybersecurity

VMware ESXi Flaw Exploited by Ransomware Groups for Admin Access https://thehackernews.com/2024/07/vmware-esxi-flaw-exploited-by.html A recently patched security flaw impacting VMware ESXi hypervisors has been actively exploited by "several" ransomware groups to gain elevated permissions and deploy file-encrypting malware. The attacks involve the exploitation of CVE-2024-37085 (CVSS score: 6.8), an Active Directory integration authentication bypass that allows an attacker to obtain administrative access to the host. "A

Critical Flaw in Acronis Cyber Infrastructure Exploited in the Wild https://thehackernews.com/2024/07/critical-flaw-in-acronis-cyber.html Cybersecurity company Acronis is warning that a now-patched critical security flaw impacting its Cyber Infrastructure (ACI) product has been exploited in the wild. The vulnerability, tracked as CVE-2023-45249 (CVSS score: 9.8), concerns a case of remote code execution that stems from the use of default passwords. The flaw impacts the following versions of Acronis Cyber Infrastructure (ACI) - &

Proofpoint Email Routing Flaw Exploited to Send Millions of Spoofed Phishing Emails https://thehackernews.com/2024/07/proofpoint-email-routing-flaw-exploited.html An unknown threat actor has been linked to a massive scam campaign that exploited an email routing misconfiguration in email security vendor Proofpoint's defenses to send millions of messages spoofing various legitimate companies. "These emails echoed from official Proofpoint email relays with authenticated SPF and DKIM signatures, thus bypassing major security protections — all to deceive

How Searchable Encryption Changes the Data Security Game https://thehackernews.com/2024/07/how-searchable-encryption-changes-data.html Searchable Encryption has long been a mystery. An oxymoron. An unattainable dream of cybersecurity professionals everywhere. Organizations know they must encrypt their most valuable, sensitive data to prevent data theft and breaches. They also understand that organizational data exists to be used. To be searched, viewed, and modified to keep businesses running. Unfortunately, our Network and

'Stargazer Goblin' Creates 3,000 Fake GitHub Accounts for Malware Spread https://thehackernews.com/2024/07/stargazer-goblin-creates-3000-fake.html A threat actor known as Stargazer Goblin has set up a network of inauthentic GitHub accounts to fuel a Distribution-as-a-Service (DaaS) that propagates a variety of information-stealing malware and netting them $100,000 in illicit profits over the past year. The network, which comprises over 3,000 accounts on the cloud-based code hosting platform, spans thousands of repositories that are used to

Gh0st RAT Trojan Targets Chinese Windows Users via Fake Chrome Site https://thehackernews.com/2024/07/gh0st-rat-trojan-targets-chinese.html The remote access trojan known as Gh0st RAT has been observed being delivered by an "evasive dropper" called Gh0stGambit as part of a drive-by download scheme targeting Chinese-speaking Windows users. These infections stem from a fake website ("chrome-web[.]com") serving malicious installer packages masquerading as Google's Chrome browser, indicating that users searching for the software on the

Telegram for Android hit by a zero-day exploit – Week in security with Tony Anscombe https://www.welivesecurity.com/en/videos/telegram-android-hit-zero-day-exploit-week-security-tony-anscombe/ Attackers abusing the "EvilVideo" vulnerability could share malicious Android payloads via Telegram channels, groups, and chats, all while making them appear as legitimate multimedia files

French Authorities Launch Operation to Remove PlugX Malware from Infected Systems https://thehackernews.com/2024/07/french-authorities-launch-operation-to.html French judicial authorities, in collaboration with Europol, have launched a so-called "disinfection operation" to rid compromised hosts of a known malware called PlugX. The Paris Prosecutor's Office, Parquet de Paris, said the initiative was launched on July 18 and that it's expected to continue for "several months." It further said around a hundred victims located in France, Malta, Portugal,

Malicious PyPI Package Targets macOS to Steal Google Cloud Credentials https://thehackernews.com/2024/07/malicious-pypi-package-targets-macos-to.html Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) repository that targets Apple macOS systems with the goal of stealing users' Google Cloud credentials from a narrow pool of victims. The package, named "lr-utils-lib," attracted a total of 59 downloads before it was taken down. It was uploaded to the registry in early June 2024. "The malware uses a

This AI-Powered Cybercrime Service Bundles Phishing Kits with Malicious Android Apps https://thehackernews.com/2024/07/spanish-hackers-bundle-phishing-kits.html A Spanish-speaking cybercrime group named GXC Team has been observed bundling phishing kits with malicious Android applications, taking malware-as-a-service (MaaS) offerings to the next level. Singaporean cybersecurity company Group-IB, which has been tracking the e-crime actor since January 2023, described the crimeware solution as a "sophisticated AI-powered phishing-as-a-service platform"

Offensive AI: The Sine Qua Non of Cybersecurity https://thehackernews.com/2024/07/offensive-ai-sine-qua-non-of.html "Peace is the virtue of civilization. War is its crime. Yet it is often in the furnace of war that the sharpest tools of peace are forged." - Victor Hugo. In 1971, an unsettling message started appearing on several computers that comprised ARPANET, the precursor to what we now know as the Internet. The message, which read "I'm the Creeper: catch me if you can." was the output of a program named