TECHZONE™
Открыть в Telegram
TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news
Больше595
Подписчики
-124 часа
Нет данных7 дней
-930 день
Архив постов
595
AI-aided malvertising: Exploiting a chatbot to spread scams
https://www.welivesecurity.com/en/social-media/ai-aided-malvertising-chatbot-scams/
Cybercriminals have tricked X’s AI chatbot into promoting phishing scams in a technique that has been nicknamed “Grokking”. Here’s what to know about it.
595
How Uber seems to know where you are – even with restricted location permissions
https://www.welivesecurity.com/en/privacy/how-uber-seems-know-where-you-are-restricted-location-permissions/
Is the ride-hailing app secretly tracking you? Not really, but this iOS feature may make it feel that way.
595
Cybersecurity Awareness Month 2025: Passwords alone are not enough
https://www.welivesecurity.com/en/videos/cybersecurity-awareness-month-2025-passwords-alone-are-not-enough/
Never rely on just a password, however strong it may be. Multi-factor authentication is essential for anyone who wants to protect their online accounts from intruders.
595
The case for cybersecurity: Why successful businesses are built on protection
https://www.welivesecurity.com/en/business-security/case-cybersecurity-successful-businesses-built-protection/
Company leaders need to recognize the gravity of cyber risk, turn awareness into action, and put security front and center
595
Beware of threats lurking in booby-trapped PDF files
https://www.welivesecurity.com/en/malware/threats-lurking-pdf-files/
Looks can be deceiving, so much so that the familiar icon could mask malware designed to steal your data and money.
595
Manufacturing under fire: Strengthening cyber-defenses amid surging threats
https://www.welivesecurity.com/en/business-security/manufacturing-fire-strengthening-cyber-defenses-surging-threats/
Manufacturers operate in one of the most unforgiving threat environments and face a unique set of pressures that make attacks particularly damaging
595
New spyware campaigns target privacy-conscious Android users in the UAE
https://www.welivesecurity.com/en/eset-research/new-spyware-campaigns-target-privacy-conscious-android-users-uae/
ESET researchers have discovered campaigns distributing spyware disguised as Android Signal and ToTok apps, targeting users in the United Arab Emirates
595
Cybersecurity Awareness Month 2025: Knowledge is power
https://www.welivesecurity.com/en/videos/cybersecurity-awareness-month-2025-knowledge-power/
We're kicking off the month with a focus on the human element: the first line of defense, but also the path of least resistance for many cybercriminals
595
This month in security with Tony Anscombe – September 2025 edition
https://www.welivesecurity.com/en/videos/month-security-tony-anscombe-september-2025-edition/
The past 30 days have seen no shortage of new threats and incidents that brought into sharp relief the need for well-thought-out cyber-resilience plans
595
Roblox executors: It’s all fun and games until someone gets hacked
https://www.welivesecurity.com/en/kids-online/roblox-executors-fun-games-someone-gets-hacked/
You could be getting more than you bargained for when you download that cheat tool promising quick wins
595
DeceptiveDevelopment: From primitive crypto theft to sophisticated AI-based deception
https://www.welivesecurity.com/en/eset-research/deceptivedevelopment-from-primitive-crypto-theft-to-sophisticated-ai-based-deception/
Malware operators collaborate with covert North Korean IT workers, posing a threat to both headhunters and job seekers
595
Watch out for SVG files booby-trapped with malware
https://www.welivesecurity.com/en/malware/svg-files-spreading-malware/
What you see is not always what you get as cybercriminals increasingly weaponize SVG files as delivery vectors for stealthy malware
595
Cybercriminals Exploit Remote Monitoring Tools to Infiltrate Logistics and Freight Networks
https://thehackernews.com/2025/11/cybercriminals-exploit-remote.html
Bad actors are increasingly training their sights on trucking and logistics companies with an aim to infect them with remote monitoring and management (RMM) software for financial gain and ultimately steal cargo freight.
The threat cluster, believed to be active since at least June 2025 according to Proofpoint, is said to be collaborating with organized crime groups to break into entities in the
595
⚡ Weekly Recap: Lazarus Hits Web3, Intel/AMD TEEs Cracked, Dark Web Leak Tool & More
https://thehackernews.com/2025/11/weekly-recap-lazarus-hits-web3-intelamd.html
Cyberattacks are getting smarter and harder to stop. This week, hackers used sneaky tools, tricked trusted systems, and quickly took advantage of new security problems—some just hours after being found. No system was fully safe.
From spying and fake job scams to strong ransomware and tricky phishing, the attacks came from all sides. Even encrypted backups and secure areas were put to the test.
595
The Evolution of SOC Operations: How Continuous Exposure Management Transforms Security Operations
https://thehackernews.com/2025/11/the-evolution-of-soc-operations-how.html
Security Operations Centers (SOC) today are overwhelmed. Analysts handle thousands of alerts every day, spending much time chasing false positives and adjusting detection rules reactively. SOCs often lack the environmental context and relevant threat intelligence needed to quickly verify which alerts are truly malicious. As a result, analysts spend excessive time manually triaging alerts, the
595
Researchers Uncover BankBot-YNRK and DeliveryRAT Android Trojans Stealing Financial Data
https://thehackernews.com/2025/11/researchers-uncover-bankbot-ynrk-and.html
Cybersecurity researchers have shed light on two different Android trojans called BankBot-YNRK and DeliveryRAT that are capable of harvesting sensitive data from compromised devices.
According to CYFIRMA, which analyzed three different samples of BankBot-YNRK, the malware incorporates features to sidestep analysis efforts by first checking its running within a virtualized or emulated environment
595
New HttpTroy Backdoor Poses as VPN Invoice in Targeted Cyberattack on South Korea
https://thehackernews.com/2025/11/new-httptroy-backdoor-poses-as-vpn.html
The North Korea-linked threat actor known as Kimsuky has distributed a previously undocumented backdoor codenamed HttpTroy as part of a likely spear-phishing attack targeting a single victim in South Korea.
Gen Digital, which disclosed details of the activity, did not reveal any details on when the incident occurred, but noted that the phishing email contained a ZIP file ("250908_A_HK이노션
595
ASD Warns of Ongoing BADCANDY Attacks Exploiting Cisco IOS XE Vulnerability
https://thehackernews.com/2025/11/asd-warns-of-ongoing-badcandy-attacks.html
The Australian Signals Directorate (ASD) has issued a bulletin about ongoing cyber attacks targeting unpatched Cisco IOS XE devices in the country with a previously undocumented implant known as BADCANDY.
The activity, per the intelligence agency, involves the exploitation of CVE-2023-20198 (CVSS score: 10.0), a critical vulnerability that allows a remote, unauthenticated attacker to create an
595
CISA and NSA Issue Urgent Guidance to Secure WSUS and Microsoft Exchange Servers
https://thehackernews.com/2025/10/cisa-and-nsa-issue-urgent-guidance-to.html
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and National Security Agency (NSA), along with international partners from Australia and Canada, have released guidance to harden on-premise Microsoft Exchange Server instances from potential exploitation.
"By restricting administrative access, implementing multi-factor authentication, enforcing strict transport security
595
Eclipse Foundation Revokes Leaked Open VSX Tokens Following Wiz Discovery
https://thehackernews.com/2025/10/eclipse-foundation-revokes-leaked-open.html
Eclipse Foundation, which maintains the open-source Open VSX project, said it has taken steps to revoke a small number of tokens that were leaked within Visual Studio Code (VS Code) extensions published in the marketplace.
The action comes following a report from cloud security company Wiz earlier this month, which found several extensions from both Microsoft's VS Code Marketplace and Open VSX
