ru
Feedback
TECHZONE™

TECHZONE™

Открыть в Telegram

TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news

Больше
593
Подписчики
-124 часа
-27 дней
-830 день
Архив постов
The SEC Won't Let CISOs Be: Understanding New SaaS Cybersecurity Rules https://thehackernews.com/2024/01/the-sec-wont-let-cisos-be-understanding.html The SEC isn’t giving SaaS a free pass. Applicable public companies, known as “registrants,” are now subject to cyber incident disclosure and cybersecurity readiness requirements for data stored in SaaS systems, along with the 3rd and 4th party apps connected to them.  The new cybersecurity mandates make no distinction between data exposed in a breach that was stored on-premise, in the

Chinese Hackers Exploiting VPN Flaws to Deploy KrustyLoader Malware https://thehackernews.com/2024/01/chinese-hackers-exploiting-critical-vpn.html A pair of recently disclosed zero-day flaws in Ivanti Connect Secure (ICS) virtual private network (VPN) devices have been exploited to deliver a Rust-based payload called KrustyLoader that's used to drop the open-source Sliver adversary simulation tool. The security vulnerabilities, tracked as CVE-2023-46805 (CVSS score: 8.2) and CVE-2024-21887 (CVSS score: 9.1), could be abused

New Glibc Flaw Grants Attackers Root Access on Major Linux Distros https://thehackernews.com/2024/01/new-glibc-flaw-grants-attackers-root.html Malicious local attackers can obtain full root access on Linux machines by taking advantage of a newly disclosed security flaw in the GNU C library (aka glibc). Tracked as CVE-2023-6246, the heap-based buffer overflow vulnerability is rooted in glibc's __vsyslog_internal() function, which is used by syslog() and vsyslog() for system logging purposes. It's said to have been accidentally

ESET takes part in global operation to disrupt the Grandoreiro banking trojan https://www.welivesecurity.com/en/eset-research/eset-takes-part-global-operation-disrupt-grandoreiro-banking-trojan/ ESET provided technical analysis, statistical information, known C&C servers and was able to get a glimpse of the victimology

Brazilian Feds Dismantle Grandoreiro Banking Trojan, Arresting Top Operatives https://thehackernews.com/2024/01/brazilian-feds-dismantle-grandoreiro.html A Brazilian law enforcement operation has led to the arrest of several Brazilian operators in charge of the Grandoreiro malware. The Federal Police of Brazil said it served five temporary arrest warrants and 13 search and seizure warrants in the states of São Paulo, Santa Catarina, Pará, Goiás, and Mato Grosso. Slovak cybersecurity firm ESET, which provided additional

URGENT: Upgrade GitLab - Critical Workspace Creation Flaw Allows File Overwrite https://thehackernews.com/2024/01/urgent-upgrade-gitlab-critical.html GitLab once again released fixes to address a critical security flaw in its Community Edition (CE) and Enterprise Edition (EE) that could be exploited to write arbitrary files while creating a workspace. Tracked as CVE-2024-0402, the vulnerability has a CVSS score of 9.9 out of a maximum of 10. "An issue has been discovered in GitLab CE/EE affecting all versions from 16.0 prior to

Cyber: The Swiss army knife of tradecraft https://www.welivesecurity.com/en/cybersecurity/cyber-swiss-army-knife-tradecraft/ In today’s digitally interconnected world, advanced cyber capabilities have become an exceptionally potent and versatile tool of tradecraft for nation-states and criminals alike

China-Linked Hackers Target Myanmar's Top Ministries with Backdoor Blitz https://thehackernews.com/2024/01/china-linked-hackers-target-myanmars.html The China-based threat actor known as Mustang Panda is suspected to have targeted Myanmar's Ministry of Defence and Foreign Affairs as part of twin campaigns designed to deploy backdoors and remote access trojans. The findings come from CSIRT-CTI, which said the activities took place in November 2023 and January 2024 after artifacts in connection with the attacks were uploaded to the

Top Security Posture Vulnerabilities Revealed https://thehackernews.com/2024/01/top-security-posture-vulnerabilities.html Each New Year introduces a new set of challenges and opportunities for strengthening our cybersecurity posture. It's the nature of the field – the speed at which malicious actors carry out advanced persistent threats brings a constant, evolving battle for cyber resilience. The excitement in cybersecurity lies in this continuous adaptation and learning, always staying one step ahead of potential

Italian Data Protection Watchdog Accuses ChatGPT of Privacy Violations https://thehackernews.com/2024/01/italian-data-protection-watchdog.html Italy's data protection authority (DPA) has notified ChatGPT-maker OpenAI of supposedly violating privacy laws in the region. "The available evidence pointed to the existence of breaches of the provisions contained in the E.U. GDPR [General Data Protection Regulation]," the Garante per la protezione dei dati personali (aka the Garante) said in a statement on Monday. It also said it

New ZLoader Malware Variant Surfaces with 64-bit Windows Compatibility https://thehackernews.com/2024/01/new-zloader-malware-variant-surfaces.html Threat hunters have identified a new campaign that delivers the ZLoader malware, resurfacing nearly two years after the botnet's infrastructure was dismantled in April 2022. A new variant of the malware is said to have been in development since September 2023, Zscaler ThreatLabz said in an analysis published this month. "The new version of Zloader made significant changes to the loader

Juniper Networks Releases Urgent Junos OS Updates for High-Severity Flaws https://thehackernews.com/2024/01/juniper-networks-releases-urgent-junos.html Juniper Networks has released out-of-band updates to address high-severity flaws in SRX Series and EX Series that could be exploited by a threat actor to take control of susceptible systems. The vulnerabilities, tracked as CVE-2024-21619 and CVE-2024-21620, are rooted in the J-Web component and impact all versions of Junos OS. Two other shortcomings, CVE-2023-36846 and

Researchers Uncover How Outlook Vulnerability Could Leak Your NTLM Passwords https://thehackernews.com/2024/01/researchers-uncover-outlook.html A now-patched security flaw in Microsoft Outlook could be exploited by threat actors to access NT LAN Manager (NTLM) v2 hashed passwords when opening a specially crafted file. The issue, tracked as CVE-2023-35636 (CVSS score: 6.5), was addressed by the tech giant as part of its Patch Tuesday updates for December 2023. "In an email attack scenario, an attacker could exploit the

493 Companies Share Their SaaS Security Battles – Get Insights in this Webinar https://thehackernews.com/2024/01/493-companies-share-their-saas-security.html In today's digital world, security risks are more prevalent than ever, especially when it comes to Software as a Service (SaaS) applications. Did you know that an alarming 97% of companies face serious risks from unsecured SaaS applications?Moreover, about 20% of these organizations are struggling with internal data threats. These statistics aren't just numbers; they're a wake-up call. We're

Riding the AI Waves: The Rise of Artificial Intelligence to Combat Cyber Threats https://thehackernews.com/2024/01/riding-ai-waves-rise-of-artificial.html In nearly every segment of our lives, AI (artificial intelligence) now makes a significant impact: It can deliver better healthcare diagnoses and treatments; detect and reduce the risk of financial fraud; improve inventory management; and serve up the right recommendation for a streaming movie on Friday night. However, one can also make a strong case that some of AI’s most significant impacts

Albabat, Kasseika, Kuiper: New Ransomware Gangs Rise with Rust and Golang https://thehackernews.com/2024/01/albabat-kasseika-kuiper-new-ransomware.html Cybersecurity researchers have detected in the wild yet another variant of the Phobos ransomware family known as Faust. Fortinet FortiGuard Labs, which detailed the latest iteration of the ransomware, said it's being propagated by means of an infection that delivers a Microsoft Excel document (.XLAM) containing a VBA script. "The attackers utilized the Gitea service to store several files

NSA Admits Secretly Buying Your Internet Browsing Data without Warrants https://thehackernews.com/2024/01/nsa-admits-secretly-buying-your.html The U.S. National Security Agency (NSA) has admitted to buying internet browsing records from data brokers to identify the websites and apps Americans use that would otherwise require a court order, U.S. Senator Ron Wyden said last week. "The U.S. government should not be funding and legitimizing a shady industry whose flagrant violations of Americans' privacy are not just unethical, but illegal

Malicious PyPI Packages Slip WhiteSnake InfoStealer Malware onto Windows Machines https://thehackernews.com/2024/01/malicious-pypi-packages-slip-whitesnake.html Cybersecurity researchers have identified malicious packages on the open-source Python Package Index (PyPI) repository that deliver an information stealing malware called WhiteSnake Stealer on Windows systems. The malware-laced packages are named nigpal, figflix, telerer, seGMM, fbdebug, sGMM, myGens, NewGends, and TestLibs111. They have been uploaded by a threat actor named "WS." "These

Blackwood hijacks software updates to deploy NSPX30 – Week in security with Tony Anscombe https://www.welivesecurity.com/en/videos/blackwood-software-updates-nspx30-week-security-tony-anscombe/ The previously unknown threat actor used the implant to target Chinese and Japanese companies, as well as individuals in China, Japan, and the UK

AllaKore RAT Malware Targeting Mexican Firms with Financial Fraud Tricks https://thehackernews.com/2024/01/allakore-rat-malware-targeting-mexican.html Mexican financial institutions are under the radar of a new spear-phishing campaign that delivers a modified version of an open-source remote access trojan called AllaKore RAT. The BlackBerry Research and Intelligence Team attributed the activity to an unknown Latin American-based financially motivated threat actor. The campaign has been active since at least 2021. "Lures use Mexican Social