ru
Feedback
TECHZONE™

TECHZONE™

Открыть в Telegram

TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news

Больше
595
Подписчики
-124 часа
Нет данных7 дней
-930 день
Архив постов
AI-aided malvertising: Exploiting a chatbot to spread scams https://www.welivesecurity.com/en/social-media/ai-aided-malvertising-chatbot-scams/ Cybercriminals have tricked X’s AI chatbot into promoting phishing scams in a technique that has been nicknamed “Grokking”. Here’s what to know about it.

How Uber seems to know where you are – even with restricted location permissions https://www.welivesecurity.com/en/privacy/how-uber-seems-know-where-you-are-restricted-location-permissions/ Is the ride-hailing app secretly tracking you? Not really, but this iOS feature may make it feel that way.

Cybersecurity Awareness Month 2025: Passwords alone are not enough https://www.welivesecurity.com/en/videos/cybersecurity-awareness-month-2025-passwords-alone-are-not-enough/ Never rely on just a password, however strong it may be. Multi-factor authentication is essential for anyone who wants to protect their online accounts from intruders.

The case for cybersecurity: Why successful businesses are built on protection https://www.welivesecurity.com/en/business-security/case-cybersecurity-successful-businesses-built-protection/ Company leaders need to recognize the gravity of cyber risk, turn awareness into action, and put security front and center

Beware of threats lurking in booby-trapped PDF files https://www.welivesecurity.com/en/malware/threats-lurking-pdf-files/ Looks can be deceiving, so much so that the familiar icon could mask malware designed to steal your data and money.

Manufacturing under fire: Strengthening cyber-defenses amid surging threats https://www.welivesecurity.com/en/business-security/manufacturing-fire-strengthening-cyber-defenses-surging-threats/ Manufacturers operate in one of the most unforgiving threat environments and face a unique set of pressures that make attacks particularly damaging

New spyware campaigns target privacy-conscious Android users in the UAE https://www.welivesecurity.com/en/eset-research/new-spyware-campaigns-target-privacy-conscious-android-users-uae/ ESET researchers have discovered campaigns distributing spyware disguised as Android Signal and ToTok apps, targeting users in the United Arab Emirates

Cybersecurity Awareness Month 2025: Knowledge is power https://www.welivesecurity.com/en/videos/cybersecurity-awareness-month-2025-knowledge-power/ We're kicking off the month with a focus on the human element: the first line of defense, but also the path of least resistance for many cybercriminals

This month in security with Tony Anscombe – September 2025 edition https://www.welivesecurity.com/en/videos/month-security-tony-anscombe-september-2025-edition/ The past 30 days have seen no shortage of new threats and incidents that brought into sharp relief the need for well-thought-out cyber-resilience plans

Roblox executors: It’s all fun and games until someone gets hacked https://www.welivesecurity.com/en/kids-online/roblox-executors-fun-games-someone-gets-hacked/ You could be getting more than you bargained for when you download that cheat tool promising quick wins

DeceptiveDevelopment: From primitive crypto theft to sophisticated AI-based deception https://www.welivesecurity.com/en/eset-research/deceptivedevelopment-from-primitive-crypto-theft-to-sophisticated-ai-based-deception/ Malware operators collaborate with covert North Korean IT workers, posing a threat to both headhunters and job seekers

Watch out for SVG files booby-trapped with malware https://www.welivesecurity.com/en/malware/svg-files-spreading-malware/ What you see is not always what you get as cybercriminals increasingly weaponize SVG files as delivery vectors for stealthy malware

Cybercriminals Exploit Remote Monitoring Tools to Infiltrate Logistics and Freight Networks https://thehackernews.com/2025/11/cybercriminals-exploit-remote.html Bad actors are increasingly training their sights on trucking and logistics companies with an aim to infect them with remote monitoring and management (RMM) software for financial gain and ultimately steal cargo freight. The threat cluster, believed to be active since at least June 2025 according to Proofpoint, is said to be collaborating with organized crime groups to break into entities in the

⚡ Weekly Recap: Lazarus Hits Web3, Intel/AMD TEEs Cracked, Dark Web Leak Tool & More https://thehackernews.com/2025/11/weekly-recap-lazarus-hits-web3-intelamd.html Cyberattacks are getting smarter and harder to stop. This week, hackers used sneaky tools, tricked trusted systems, and quickly took advantage of new security problems—some just hours after being found. No system was fully safe. From spying and fake job scams to strong ransomware and tricky phishing, the attacks came from all sides. Even encrypted backups and secure areas were put to the test.

The Evolution of SOC Operations: How Continuous Exposure Management Transforms Security Operations https://thehackernews.com/2025/11/the-evolution-of-soc-operations-how.html Security Operations Centers (SOC) today are overwhelmed. Analysts handle thousands of alerts every day, spending much time chasing false positives and adjusting detection rules reactively. SOCs often lack the environmental context and relevant threat intelligence needed to quickly verify which alerts are truly malicious. As a result, analysts spend excessive time manually triaging alerts, the

Researchers Uncover BankBot-YNRK and DeliveryRAT Android Trojans Stealing Financial Data https://thehackernews.com/2025/11/researchers-uncover-bankbot-ynrk-and.html Cybersecurity researchers have shed light on two different Android trojans called BankBot-YNRK and DeliveryRAT that are capable of harvesting sensitive data from compromised devices. According to CYFIRMA, which analyzed three different samples of BankBot-YNRK, the malware incorporates features to sidestep analysis efforts by first checking its running within a virtualized or emulated environment

New HttpTroy Backdoor Poses as VPN Invoice in Targeted Cyberattack on South Korea https://thehackernews.com/2025/11/new-httptroy-backdoor-poses-as-vpn.html The North Korea-linked threat actor known as Kimsuky has distributed a previously undocumented backdoor codenamed HttpTroy as part of a likely spear-phishing attack targeting a single victim in South Korea. Gen Digital, which disclosed details of the activity, did not reveal any details on when the incident occurred, but noted that the phishing email contained a ZIP file ("250908_A_HK이노션

ASD Warns of Ongoing BADCANDY Attacks Exploiting Cisco IOS XE Vulnerability https://thehackernews.com/2025/11/asd-warns-of-ongoing-badcandy-attacks.html The Australian Signals Directorate (ASD) has issued a bulletin about ongoing cyber attacks targeting unpatched Cisco IOS XE devices in the country with a previously undocumented implant known as BADCANDY. The activity, per the intelligence agency, involves the exploitation of CVE-2023-20198 (CVSS score: 10.0), a critical vulnerability that allows a remote, unauthenticated attacker to create an

CISA and NSA Issue Urgent Guidance to Secure WSUS and Microsoft Exchange Servers https://thehackernews.com/2025/10/cisa-and-nsa-issue-urgent-guidance-to.html The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and National Security Agency (NSA), along with international partners from Australia and Canada, have released guidance to harden on-premise Microsoft Exchange Server instances from potential exploitation. "By restricting administrative access, implementing multi-factor authentication, enforcing strict transport security

Eclipse Foundation Revokes Leaked Open VSX Tokens Following Wiz Discovery https://thehackernews.com/2025/10/eclipse-foundation-revokes-leaked-open.html Eclipse Foundation, which maintains the open-source Open VSX project, said it has taken steps to revoke a small number of tokens that were leaked within Visual Studio Code (VS Code) extensions published in the marketplace. The action comes following a report from cloud security company Wiz earlier this month, which found several extensions from both Microsoft's VS Code Marketplace and Open VSX