TECHZONE™
Открыть в Telegram
TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news
Больше593
Подписчики
-124 часа
-27 дней
-830 день
Архив постов
593
APT-C-60 Hackers Exploit StatCounter and Bitbucket in SpyGlace Malware Campaign
https://thehackernews.com/2024/11/apt-c-60-exploits-wps-office.html
The threat actor known as APT-C-60 has been linked to a cyber attack targeting an unnamed organization in Japan that used a job application-themed lure to deliver the SpyGlace backdoor.
That's according to findings from JPCERT/CC, which said the intrusion leveraged legitimate services like Google Drive, Bitbucket, and StatCounter. The attack was carried out around August 2024.
"In this attack,
593
INTERPOL Busts African Cybercrime: 1,006 Arrests, 134,089 Malicious Networks Dismantled
https://thehackernews.com/2024/11/interpol-busts-african-cybercrime-1006.html
An INTERPOL-led operation has led to the arrest of 1,006 suspects across 19 African countries and the takedown of 134,089 malicious infrastructures and networks as part of a coordinated effort to disrupt cybercrime in the continent.
Dubbed Serengeti, the law enforcement exercise took place between September 2 and October 31, 2024, and targeted criminals behind ransomware, business email
593
Matrix Botnet Exploits IoT Devices in Widespread DDoS Botnet Campaign
https://thehackernews.com/2024/11/matrix-botnet-exploits-iot-devices-in.html
A threat actor named Matrix has been linked to a widespread distributed denial-of-service (DoD) campaign that leverages vulnerabilities and misconfigurations in Internet of Things (IoT) devices to co-opt them into a disruptive botnet.
"This operation serves as a comprehensive one-stop shop for scanning, exploiting vulnerabilities, deploying malware, and setting up shop kits, showcasing a
593
Critical WordPress Anti-Spam Plugin Flaws Expose 200,000+ Sites to Remote Attacks
https://thehackernews.com/2024/11/critical-wordpress-anti-spam-plugin.html
Two critical security flaws impacting the Spam protection, Anti-Spam, and FireWall plugin WordPress could allow an unauthenticated attacker to install and enable malicious plugins on susceptible sites and potentially achieve remote code execution.
The vulnerabilities, tracked as CVE-2024-10542 and CVE-2024-10781, carry a CVSS score of 9.8 out of a maximum of 10.0. They were addressed in versions
593
Intruder Launches Intel: A Free Vulnerability Intelligence Platform For Staying Ahead of the Latest Threats
https://thehackernews.com/2024/11/intruder-launches-intel-free.html
When CVEs go viral, separating critical vulnerabilities from the noise is essential to protecting your organization. That’s why Intruder, a leader in attack surface management, built Intel - a free vulnerability intelligence platform designed to help you act fast and prioritize real threats.
What is Intel?
Intel was created to fill a gap in the resources available for tracking emerging
593
RomCom Exploits Zero-Day Firefox and Windows Flaws in Sophisticated Cyberattacks
https://thehackernews.com/2024/11/romcom-exploits-zero-day-firefox-and.html
The Russia-aligned threat actor known as RomCom has been linked to the zero-day exploitation of two security flaws, one in Mozilla Firefox and the other in Microsoft Windows, as part of attacks designed to deliver the eponymous backdoor on victim systems.
"In a successful attack, if a victim browses a web page containing the exploit, an adversary can run arbitrary code – without any user
593
Chinese Hackers Use GHOSTSPIDER Malware to Hack Telecoms Across 12+ Countries
https://thehackernews.com/2024/11/chinese-hackers-use-ghostspider-malware.html
The China-linked threat actor known as Earth Estries has been observed using a previously undocumented backdoor called GHOSTSPIDER as part of its attacks targeting Southeast Asian telecommunications companies.
Trend Micro, which described the hacking group as an aggressive advanced persistent threat (APT), said the intrusions also involved the use of another cross-platform backdoor dubbed
593
CISA Urges Agencies to Patch Critical "Array Networks" Flaw Amid Active Attacks
https://thehackernews.com/2024/11/cisa-urges-agencies-to-patch-critical.html
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a now-patched critical security flaw impacting Array Networks AG and vxAG secure access gateways to its Known Exploited Vulnerabilities (KEV) catalog following reports of active exploitation in the wild.
The vulnerability, tracked as CVE-2023-28461 (CVSS score: 9.8), concerns a case of missing authentication that
593
Google's New Restore Credentials Tool Simplifies App Login After Android Migration
https://thehackernews.com/2024/11/googles-new-restore-credentials-tool.html
Google has introduced a new feature called Restore Credentials to help users restore their account access to third-party apps securely after migrating to a new Android device.
Part of Android's Credential Manager API, the feature aims to reduce the hassle of re-entering the login credentials for every app during the handset replacement.
"With Restore Credentials, apps can seamlessly onboard
593
PyPI Python Library "aiocpa" Found Exfiltrating Crypto Keys via Telegram Bot
https://thehackernews.com/2024/11/pypi-python-library-aiocpa-found.html
The administrators of the Python Package Index (PyPI) repository have quarantined the package "aiocpa" following a new update that included malicious code to exfiltrate private keys via Telegram.
The package in question is described as a synchronous and asynchronous Crypto Pay API client. The package, originally released in September 2024, has been downloaded 12,100 times to date.
By putting the
593
Flying Under the Radar - Security Evasion Techniques
https://thehackernews.com/2024/11/flying-under-radar-security-evasion.html
Dive into the evolution of phishing and malware evasion techniques and understand how attackers are using increasingly sophisticated methods to bypass security measures.
The Evolution of Phishing Attacks
“I really like the saying that ‘This is out of scope’ said no hacker ever. Whether it’s tricks, techniques or technologies, hackers will do anything to evade detection and make sure their
593
THN Recap: Top Cybersecurity Threats, Tools, and Practices (Nov 18 - Nov 24)
https://thehackernews.com/2024/11/thn-recap-top-cybersecurity-threats_25.html
We hear terms like “state-sponsored attacks” and “critical vulnerabilities” all the time, but what’s really going on behind those words? This week’s cybersecurity news isn’t just about hackers and headlines—it’s about how digital risks shape our lives in ways we might not even realize.
For instance, telecom networks being breached isn’t just about stolen data—it’s about power. Hackers are
593
Researchers Uncover Malware Using BYOVD to Bypass Antivirus Protections
https://thehackernews.com/2024/11/researchers-uncover-malware-using-byovd.html
Cybersecurity researchers have uncovered a new malicious campaign that leverages a technique called Bring Your Own Vulnerable Driver (BYOVD) to disarm security protections and ultimately gain access to the infected system.
"This malware takes a more sinister route: it drops a legitimate Avast Anti-Rootkit driver (aswArPot.sys) and manipulates it to carry out its destructive agenda," Trellix
593
Google Exposes GLASSBRIDGE: A Pro-China Influence Network of Fake News Sites
https://thehackernews.com/2024/11/google-exposes-glassbridge-pro-china.html
Government agencies and non-governmental organizations in the United States have become the target of a nascent China state threat actor known as Storm-2077.
The adversary, believed to be active since at least January 2024, has also conducted cyber attacks against the Defense Industrial Base (DIB), aviation, telecommunications, and financial and legal services across the world, Microsoft said.
593
North Korean Hackers Steal $10M with AI-Driven Scams and Malware on LinkedIn
https://thehackernews.com/2024/11/north-korean-hackers-steal-10m-with-ai.html
The North Korea-linked threat actor known as Sapphire Sleet is estimated to have stolen more than $10 million worth of cryptocurrency as part of social engineering campaigns orchestrated over a six-month period.
These findings come from Microsoft, which said that multiple threat activity clusters with ties to the country have been observed creating fake profiles on LinkedIn, posing as both
593
APT-K-47 Uses Hajj-Themed Lures to Deliver Advanced Asyncshell Malware
https://thehackernews.com/2024/11/apt-k-47-uses-hajj-themed-lures-to.html
The threat actor known as Mysterious Elephant has been observed using an advanced version of malware called Asynshell.
The attack campaign is said to have used Hajj-themed lures to trick victims into executing a malicious payload under the guise of a Microsoft Compiled HTML Help (CHM) file, the Knownsec 404 team said in an analysis published today.
Mysterious Elephant, which is also known as
593
Russian Hackers Deploy HATVIBE and CHERRYSPY Malware Across Europe and Asia
https://thehackernews.com/2024/11/russian-hackers-deploy-hatvibe-and.html
Threat actors with ties to Russia have been linked to a cyber espionage campaign aimed at organizations in Central Asia, East Asia, and Europe.
Recorded Future's Insikt Group, which has assigned the activity cluster the name TAG-110, said it overlaps with a threat group tracked by the Computer Emergency Response Team of Ukraine (CERT-UA) as UAC-0063, which, in turn, overlaps with APT28. The
593
Unlocking Google Workspace Security: Are You Doing Enough to Protect Your Data?
https://thehackernews.com/2024/11/the-importance-of%20having-a-google-workspace-backup-solution.html
Google Workspace has quickly become the productivity backbone for businesses worldwide, offering an all-in-one suite with email, cloud storage and collaboration tools. This single-platform approach makes it easy for teams to connect and work efficiently, no matter where they are, enabling seamless digital transformation that’s both scalable and adaptable.
As companies shift from traditional,
593
Microsoft, Meta, and DOJ Disrupt Global Cybercrime and Fraudulent Networks
https://thehackernews.com/2024/11/microsoft-meta-and-doj-disrupt-global.html
Meta Platforms, Microsoft, and the U.S. Department of Justice (DoJ) have announced independent actions to tackle cybercrime and disrupt services that enable scams, fraud, and phishing attacks.
To that end, Microsoft's Digital Crimes Unit (DCU) said it seized 240 fraudulent websites associated with an Egypt-based cybercrime facilitator named Abanoub Nady (aka MRxC0DER and mrxc0derii), who
593
PyPI Attack: ChatGPT, Claude Impersonators Deliver JarkaStealer via Python Libraries
https://thehackernews.com/2024/11/pypi-attack-chatgpt-claude.html
Cybersecurity researchers have discovered two malicious packages uploaded to the Python Package Index (PyPI) repository that impersonated popular artificial intelligence (AI) models like OpenAI ChatGPT and Anthropic Claude to deliver an information stealer called JarkaStealer.
The packages, named gptplus and claudeai-eng, were uploaded by a user named "Xeroline" in November 2023, attracting
