TECHZONE™
Открыть в Telegram
TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news
Больше593
Подписчики
-124 часа
-27 дней
-830 день
Архив постов
593
The SEC Won't Let CISOs Be: Understanding New SaaS Cybersecurity Rules
https://thehackernews.com/2024/01/the-sec-wont-let-cisos-be-understanding.html
The SEC isn’t giving SaaS a free pass. Applicable public companies, known as “registrants,” are now subject to cyber incident disclosure and cybersecurity readiness requirements for data stored in SaaS systems, along with the 3rd and 4th party apps connected to them.
The new cybersecurity mandates make no distinction between data exposed in a breach that was stored on-premise, in the
593
Chinese Hackers Exploiting VPN Flaws to Deploy KrustyLoader Malware
https://thehackernews.com/2024/01/chinese-hackers-exploiting-critical-vpn.html
A pair of recently disclosed zero-day flaws in Ivanti Connect Secure (ICS) virtual private network (VPN) devices have been exploited to deliver a Rust-based payload called KrustyLoader that's used to drop the open-source Sliver adversary simulation tool.
The security vulnerabilities, tracked as CVE-2023-46805 (CVSS score: 8.2) and CVE-2024-21887 (CVSS score: 9.1), could be abused
593
New Glibc Flaw Grants Attackers Root Access on Major Linux Distros
https://thehackernews.com/2024/01/new-glibc-flaw-grants-attackers-root.html
Malicious local attackers can obtain full root access on Linux machines by taking advantage of a newly disclosed security flaw in the GNU C library (aka glibc).
Tracked as CVE-2023-6246, the heap-based buffer overflow vulnerability is rooted in glibc's __vsyslog_internal() function, which is used by syslog() and vsyslog() for system logging purposes. It's said to have been accidentally
593
ESET takes part in global operation to disrupt the Grandoreiro banking trojan
https://www.welivesecurity.com/en/eset-research/eset-takes-part-global-operation-disrupt-grandoreiro-banking-trojan/
ESET provided technical analysis, statistical information, known C&C servers and was able to get a glimpse of the victimology
593
Brazilian Feds Dismantle Grandoreiro Banking Trojan, Arresting Top Operatives
https://thehackernews.com/2024/01/brazilian-feds-dismantle-grandoreiro.html
A Brazilian law enforcement operation has led to the arrest of several Brazilian operators in charge of the Grandoreiro malware.
The Federal Police of Brazil said it served five temporary arrest warrants and 13 search and seizure warrants in the states of São Paulo, Santa Catarina, Pará, Goiás, and Mato Grosso.
Slovak cybersecurity firm ESET, which provided additional
593
URGENT: Upgrade GitLab - Critical Workspace Creation Flaw Allows File Overwrite
https://thehackernews.com/2024/01/urgent-upgrade-gitlab-critical.html
GitLab once again released fixes to address a critical security flaw in its Community Edition (CE) and Enterprise Edition (EE) that could be exploited to write arbitrary files while creating a workspace.
Tracked as CVE-2024-0402, the vulnerability has a CVSS score of 9.9 out of a maximum of 10.
"An issue has been discovered in GitLab CE/EE affecting all versions from 16.0 prior to
593
Cyber: The Swiss army knife of tradecraft
https://www.welivesecurity.com/en/cybersecurity/cyber-swiss-army-knife-tradecraft/
In today’s digitally interconnected world, advanced cyber capabilities have become an exceptionally potent and versatile tool of tradecraft for nation-states and criminals alike
593
China-Linked Hackers Target Myanmar's Top Ministries with Backdoor Blitz
https://thehackernews.com/2024/01/china-linked-hackers-target-myanmars.html
The China-based threat actor known as Mustang Panda is suspected to have targeted Myanmar's Ministry of Defence and Foreign Affairs as part of twin campaigns designed to deploy backdoors and remote access trojans.
The findings come from CSIRT-CTI, which said the activities took place in November 2023 and January 2024 after artifacts in connection with the attacks were uploaded to the
593
Top Security Posture Vulnerabilities Revealed
https://thehackernews.com/2024/01/top-security-posture-vulnerabilities.html
Each New Year introduces a new set of challenges and opportunities for strengthening our cybersecurity posture. It's the nature of the field – the speed at which malicious actors carry out advanced persistent threats brings a constant, evolving battle for cyber resilience. The excitement in cybersecurity lies in this continuous adaptation and learning, always staying one step ahead of potential
593
Italian Data Protection Watchdog Accuses ChatGPT of Privacy Violations
https://thehackernews.com/2024/01/italian-data-protection-watchdog.html
Italy's data protection authority (DPA) has notified ChatGPT-maker OpenAI of supposedly violating privacy laws in the region.
"The available evidence pointed to the existence of breaches of the provisions contained in the E.U. GDPR [General Data Protection Regulation]," the Garante per la protezione dei dati personali (aka the Garante) said in a statement on Monday.
It also said it
593
New ZLoader Malware Variant Surfaces with 64-bit Windows Compatibility
https://thehackernews.com/2024/01/new-zloader-malware-variant-surfaces.html
Threat hunters have identified a new campaign that delivers the ZLoader malware, resurfacing nearly two years after the botnet's infrastructure was dismantled in April 2022.
A new variant of the malware is said to have been in development since September 2023, Zscaler ThreatLabz said in an analysis published this month.
"The new version of Zloader made significant changes to the loader
593
Juniper Networks Releases Urgent Junos OS Updates for High-Severity Flaws
https://thehackernews.com/2024/01/juniper-networks-releases-urgent-junos.html
Juniper Networks has released out-of-band updates to address high-severity flaws in SRX Series and EX Series that could be exploited by a threat actor to take control of susceptible systems.
The vulnerabilities, tracked as CVE-2024-21619 and CVE-2024-21620, are rooted in the J-Web component and impact all versions of Junos OS. Two other shortcomings, CVE-2023-36846 and
593
Researchers Uncover How Outlook Vulnerability Could Leak Your NTLM Passwords
https://thehackernews.com/2024/01/researchers-uncover-outlook.html
A now-patched security flaw in Microsoft Outlook could be exploited by threat actors to access NT LAN Manager (NTLM) v2 hashed passwords when opening a specially crafted file.
The issue, tracked as CVE-2023-35636 (CVSS score: 6.5), was addressed by the tech giant as part of its Patch Tuesday updates for December 2023.
"In an email attack scenario, an attacker could exploit the
593
493 Companies Share Their SaaS Security Battles – Get Insights in this Webinar
https://thehackernews.com/2024/01/493-companies-share-their-saas-security.html
In today's digital world, security risks are more prevalent than ever, especially when it comes to Software as a Service (SaaS) applications. Did you know that an alarming 97% of companies face serious risks from unsecured SaaS applications?Moreover, about 20% of these organizations are struggling with internal data threats. These statistics aren't just numbers; they're a wake-up call.
We're
593
Riding the AI Waves: The Rise of Artificial Intelligence to Combat Cyber Threats
https://thehackernews.com/2024/01/riding-ai-waves-rise-of-artificial.html
In nearly every segment of our lives, AI (artificial intelligence) now makes a significant impact: It can deliver better healthcare diagnoses and treatments; detect and reduce the risk of financial fraud; improve inventory management; and serve up the right recommendation for a streaming movie on Friday night. However, one can also make a strong case that some of AI’s most significant impacts
593
Albabat, Kasseika, Kuiper: New Ransomware Gangs Rise with Rust and Golang
https://thehackernews.com/2024/01/albabat-kasseika-kuiper-new-ransomware.html
Cybersecurity researchers have detected in the wild yet another variant of the Phobos ransomware family known as Faust.
Fortinet FortiGuard Labs, which detailed the latest iteration of the ransomware, said it's being propagated by means of an infection that delivers a Microsoft Excel document (.XLAM) containing a VBA script.
"The attackers utilized the Gitea service to store several files
593
NSA Admits Secretly Buying Your Internet Browsing Data without Warrants
https://thehackernews.com/2024/01/nsa-admits-secretly-buying-your.html
The U.S. National Security Agency (NSA) has admitted to buying internet browsing records from data brokers to identify the websites and apps Americans use that would otherwise require a court order, U.S. Senator Ron Wyden said last week.
"The U.S. government should not be funding and legitimizing a shady industry whose flagrant violations of Americans' privacy are not just unethical, but illegal
593
Malicious PyPI Packages Slip WhiteSnake InfoStealer Malware onto Windows Machines
https://thehackernews.com/2024/01/malicious-pypi-packages-slip-whitesnake.html
Cybersecurity researchers have identified malicious packages on the open-source Python Package Index (PyPI) repository that deliver an information stealing malware called WhiteSnake Stealer on Windows systems.
The malware-laced packages are named nigpal, figflix, telerer, seGMM, fbdebug, sGMM, myGens, NewGends, and TestLibs111. They have been uploaded by a threat actor named "WS."
"These
593
Blackwood hijacks software updates to deploy NSPX30 – Week in security with Tony Anscombe
https://www.welivesecurity.com/en/videos/blackwood-software-updates-nspx30-week-security-tony-anscombe/
The previously unknown threat actor used the implant to target Chinese and Japanese companies, as well as individuals in China, Japan, and the UK
593
AllaKore RAT Malware Targeting Mexican Firms with Financial Fraud Tricks
https://thehackernews.com/2024/01/allakore-rat-malware-targeting-mexican.html
Mexican financial institutions are under the radar of a new spear-phishing campaign that delivers a modified version of an open-source remote access trojan called AllaKore RAT.
The BlackBerry Research and Intelligence Team attributed the activity to an unknown Latin American-based financially motivated threat actor. The campaign has been active since at least 2021.
"Lures use Mexican Social
