TECHZONE™
Открыть в Telegram
TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news
Больше593
Подписчики
-124 часа
-27 дней
-830 день
Архив постов
593
U.S. Sanctions Russians Behind 'Doppelganger' Cyber Influence Campaign
https://thehackernews.com/2024/03/us-sanctions-russians-behind.html
The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) on Wednesday announced sanctions against two 46-year-old Russian nationals and the respective companies they own for engaging in cyber influence operations.
Ilya Andreevich Gambashidze (Gambashidze), the founder of the Moscow-based company Social Design Agency (SDA), and Nikolai Aleksandrovich Tupikin (Tupikin), the CEO and
593
Rescoms rides waves of AceCryptor spam
https://www.welivesecurity.com/en/eset-research/rescoms-rides-waves-acecryptor-spam/
Insight into ESET telemetry statistics about AceCryptor in H2 2023 with a focus on Rescoms campaigns in European countries
593
Ivanti Releases Urgent Fix for Critical Sentry RCE Vulnerability
https://thehackernews.com/2024/03/ivanti-releases-urgent-fix-for-critical.html
Ivanti has disclosed details of a critical remote code execution flaw impacting Standalone Sentry, urging customers to apply the fixes immediately to stay protected against potential cyber threats.
Tracked as CVE-2023-41724, the vulnerability carries a CVSS score of 9.6.
"An unauthenticated threat actor can execute arbitrary commands on the underlying operating system of the appliance
593
Atlassian Releases Fixes for Over 2 Dozen Flaws, Including Critical Bamboo Bug
https://thehackernews.com/2024/03/atlassian-releases-fixes-for-over-2.html
Atlassian has released patches for more than two dozen security flaws, including a critical bug impacting Bamboo Data Center and Server that could be exploited without requiring user interaction.
Tracked as CVE-2024-1597, the vulnerability carries a CVSS score of 10.0, indicating maximum severity.
Described as an SQL injection flaw, it's rooted in a dependency called org.postgresql:
593
New 'Loop DoS' Attack Impacts Hundreds of Thousands of Systems
https://thehackernews.com/2024/03/new-loop-dos-attack-impacts-hundreds-of.html
A novel denial-of-service (DoS) attack vector has been found to target application-layer protocols based on User Datagram Protocol (UDP), putting hundreds of thousands of hosts likely at risk.
Called Loop DoS attacks, the approach pairs "servers of these protocols in such a way that they communicate with each other indefinitely," researchers from the CISPA Helmholtz-Center for
593
Generative AI Security - Secure Your Business in a World Powered by LLMs
https://thehackernews.com/2024/03/generative-ai-security-secure-your.html
Did you know that 79% of organizations are already leveraging Generative AI technologies? Much like the internet defined the 90s and the cloud revolutionized the 2010s, we are now in the era of Large Language Models (LLMs) and Generative AI.
The potential of Generative AI is immense, yet it brings significant challenges, especially in security integration. Despite their powerful capabilities,
593
TeamCity Flaw Leads to Surge in Ransomware, Cryptomining, and RAT Attacks
https://thehackernews.com/2024/03/teamcity-flaw-leads-to-surge-in.html
Multiple threat actors are exploiting the recently disclosed security flaws in JetBrains TeamCity software to deploy ransomware, cryptocurrency miners, Cobalt Strike beacons, and a Golang-based remote access trojan called Spark RAT.
The attacks entail the exploitation of CVE-2024-27198 (CVSS score: 9.8) that enables an adversary to bypass authentication measures and gain administrative
593
New BunnyLoader Malware Variant Surfaces with Modular Attack Features
https://thehackernews.com/2024/03/new-bunnyloader-malware-variant.html
Cybersecurity researchers have discovered an updated variant of a stealer and malware loader called BunnyLoader that modularizes its various functions as well as allow it to evade detection.
"BunnyLoader is dynamically developing malware with the capability to steal information, credentials and cryptocurrency, as well as deliver additional malware to its victims," Palo Alto Networks
593
A prescription for privacy protection: Exercise caution when using a mobile health app
https://www.welivesecurity.com/en/privacy/prescription-privacy-protection-exercise-caution-mobile-health-app/
Given the unhealthy data-collection habits of some mHealth apps, you’re well advised to tread carefully when choosing with whom you share some of your most sensitive data
593
Ukraine Arrests Trio for Hijacking Over 100 Million Email and Instagram Accounts
https://thehackernews.com/2024/03/ukraine-arrests-trio-for-hijacking-over.html
The Cyber Police of Ukraine has arrested three individuals on suspicion of hijacking more than 100 million emails and Instagram accounts from users across the world.
The suspects, aged between 20 and 40, are said to be part of an organized criminal group living in different parts of the country. If convicted, they face up to 15 years in prison.
The accounts, authorities said, were
593
U.S. EPA Forms Task Force to Protect Water Systems from Cyberattacks
https://thehackernews.com/2024/03/us-epa-forms-task-force-to-protect.html
The U.S. Environmental Protection Agency (EPA) said it's forming a new "Water Sector Cybersecurity Task Force" to devise methods to counter the threats faced by the water sector in the country.
"In addition to considering the prevalent vulnerabilities of water systems to cyberattacks and the challenges experienced by some systems in adopting best practices, this Task Force in its deliberations
593
APIs Drive the Majority of Internet Traffic and Cybercriminals are Taking Advantage
https://thehackernews.com/2024/03/apis-drive-majority-of-internet-traffic.html
Application programming interfaces (APIs) are the connective tissue behind digital modernization, helping applications and databases exchange data more effectively. The State of API Security in 2024 Report from Imperva, a Thales company, found that the majority of internet traffic (71%) in 2023 was API calls. What’s more, a typical enterprise site saw an average of 1.5 billion API
593
From Deepfakes to Malware: AI's Expanding Role in Cyber Attacks
https://thehackernews.com/2024/03/from-deepfakes-to-malware-ais-expanding.html
Large language models (LLMs) powering artificial intelligence (AI) tools today could be exploited to develop self-augmenting malware capable of bypassing YARA rules.
"Generative AI can be used to evade string-based YARA rules by augmenting the source code of small malware variants, effectively lowering detection rates," Recorded Future said in a new report shared with The Hacker News.
593
Crafting and Communicating Your Cybersecurity Strategy for Board Buy-In
https://thehackernews.com/2024/03/crafting-and-communicating-your.html
In an era where digital transformation drives business across sectors, cybersecurity has transcended its traditional operational role to become a cornerstone of corporate strategy and risk management. This evolution demands a shift in how cybersecurity leaders—particularly Chief Information Security Officers (CISOs)—articulate the value and urgency of cybersecurity investments to their boards.&
593
Hackers Exploiting Popular Document Publishing Sites for Phishing Attacks
https://thehackernews.com/2024/03/hackers-exploiting-popular-document.html
Threat actors are leveraging digital document publishing (DDP) sites hosted on platforms like FlipSnack, Issuu, Marq, Publuu, RelayTo, and Simplebooklet for carrying out phishing, credential harvesting, and session token theft, once again underscoring how threat actors are repurposing legitimate services for malicious ends.
"Hosting phishing lures on DDP sites increases the likelihood
593
Suspected Russian Data-Wiping 'AcidPour' Malware Targeting Linux x86 Devices
https://thehackernews.com/2024/03/suspected-russian-data-wiping-acidpour.html
A new variant of a data wiping malware called AcidRain has been detected in the wild that's specifically designed for targeting Linux x86 devices.
The malware, dubbed AcidPour, is compiled for Linux x86 devices, SentinelOne's Juan Andres Guerrero-Saade said in a series of posts on X.
"The new variant [...] is an ELF binary compiled for x86 (not MIPS) and while it refers to similar devices/
593
New Phishing Attack Uses Clever Microsoft Office Trick to Deploy NetSupport RAT
https://thehackernews.com/2024/03/new-phishing-attack-uses-clever.html
A new phishing campaign is targeting U.S. organizations with the intent to deploy a remote access trojan called NetSupport RAT.
Israeli cybersecurity company Perception Point is tracking the activity under the moniker Operation PhantomBlu.
"The PhantomBlu operation introduces a nuanced exploitation method, diverging from NetSupport RAT’s typical delivery mechanism by leveraging OLE (Object
593
E-Root Marketplace Admin Sentenced to 42 Months for Selling 350K Stolen Credentials
https://thehackernews.com/2024/03/e-root-marketplace-admin-sentenced-to.html
A 31-year-old Moldovan national has been sentenced to 42 months in prison in the U.S. for operating an illicit marketplace called E-Root Marketplace that offered for sale hundreds of thousands of compromised credentials, the Department of Justice (DoJ) announced.
Sandu Boris Diaconu was charged with conspiracy to commit access device and computer fraud and possession of 15 or more unauthorized
593
New DEEP#GOSU Malware Campaign Targets Windows Users with Advanced Tactics
https://thehackernews.com/2024/03/new-deepgosu-malware-campaign-targets.html
A new elaborate attack campaign has been observed employing PowerShell and VBScript malware to infect Windows systems and harvest sensitive information.
Cybersecurity company Securonix, which dubbed the campaign DEEP#GOSU, said it's likely associated with the North Korean state-sponsored group tracked as Kimsuky.
"The malware payloads used in the DEEP#GOSU represent a
593
Fortra Patches Critical RCE Vulnerability in FileCatalyst Transfer Tool
https://thehackernews.com/2024/03/fortra-patches-critical-rce.html
Fortra has released details of a now-patched critical security flaw impacting its FileCatalyst file transfer solution that could allow unauthenticated attackers to gain remote code execution on susceptible servers.
Tracked as CVE-2024-25153, the shortcoming carries a CVSS score of 9.8 out of a maximum of 10.
"A directory traversal within the 'ftpservlet' of the FileCatalyst Workflow
