TECHZONE™
Открыть в Telegram
TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news
Больше593
Подписчики
-124 часа
-27 дней
-830 день
Архив постов
593
6 Ways to Simplify SaaS Identity Governance
https://thehackernews.com/2024/02/6-ways-to-simplify-saas-identity.html
With SaaS applications now making up the vast majority of technology used by employees in most organizations, tasks related to identity governance need to happen across a myriad of individual SaaS apps. This presents a huge challenge for centralized IT teams who are ultimately held responsible for managing and securing app access, but can’t possibly become experts in the nuances of the native
593
Cybersecurity for Healthcare—Diagnosing the Threat Landscape and Prescribing Solutions for Recovery
https://thehackernews.com/2024/02/cybersecurity-for-healthcarediagnosing.html
On Thanksgiving Day 2023, while many Americans were celebrating, hospitals across the U.S. were doing quite the opposite. Systems were failing. Ambulances were diverted. Care was impaired. Hospitals in three states were hit by a ransomware attack, and in that moment, the real-world repercussions came to light—it wasn’t just computer networks that were brought to a halt, but actual patient
593
New 'VietCredCare' Stealer Targeting Facebook Advertisers in Vietnam
https://thehackernews.com/2024/02/new-vietcredcare-stealer-targeting.html
Facebook advertisers in Vietnam are the target of a previously unknown information stealer dubbed VietCredCare at least since August 2022.
The malware is “notable for its ability to automatically filter out Facebook session cookies and credentials stolen from compromised devices, and assess whether these accounts manage business profiles and if they maintain a positive Meta ad credit
593
Signal Introduces Usernames, Allowing Users to Keep Their Phone Numbers Private
https://thehackernews.com/2024/02/signal-introduces-usernames-allowing.html
End-to-end encrypted (E2EE) messaging app Signal said it’s piloting a new feature that allows users to create unique usernames (not to be confused with profile names) and keep the phone numbers away from prying eyes.
“If you use Signal, your phone number will no longer be visible to everyone you chat with by default,” Signal’s Randall Sarafa said. “People who have your number saved in their
593
Russian Hackers Target Ukraine with Disinformation and Credential-Harvesting Attacks
https://thehackernews.com/2024/02/russian-hackers-target-ukraine-with.html
Cybersecurity researchers have unearthed a new influence operation targeting Ukraine that leverages spam emails to propagate war-related disinformation.
The activity has been linked to Russia-aligned threat actors by Slovak cybersecurity company ESET, which also identified a spear-phishing campaign aimed at a Ukrainian defense company in October 2023 and a European Union agency in November 2023
593
VMware Alert: Uninstall EAP Now - Critical Flaw Puts Active Directory at Risk
https://thehackernews.com/2024/02/vmware-alert-uninstall-eap-now-critical.html
VMware is urging users to uninstall the deprecated Enhanced Authentication Plugin (EAP) following the discovery of a critical security flaw.
Tracked as CVE-2024-22245 (CVSS score: 9.6), the vulnerability has been described as an arbitrary authentication relay bug.
"A malicious actor could trick a target domain user with EAP installed in their web browser into requesting and relaying
593
New Migo Malware Targeting Redis Servers for Cryptocurrency Mining
https://thehackernews.com/2024/02/new-migo-malware-targeting-redis.html
A novel malware campaign has been observed targeting Redis servers for initial access with the ultimate goal of mining cryptocurrency on compromised Linux hosts.
"This particular campaign involves the use of a number of novel system weakening techniques against the data store itself," Cado security researcher Matt Muir said in a technical report.
The cryptojacking attack is facilitated
593
LockBit Ransomware Operation Shut Down; Criminals Arrested; Decryption Keys Released
https://thehackernews.com/2024/02/lockbit-ransomware-operation-shut-down.html
The U.K. National Crime Agency (NCA) on Tuesday confirmed that it obtained LockBit's source code as well as intelligence pertaining to its activities and their affiliates as part of a dedicated task force called Operation Cronos.
"Some of the data on LockBit's systems belonged to victims who had paid a ransom to the threat actors, evidencing that even when a ransom is paid, it does not
593
New Report Reveals North Korean Hackers Targeting Defense Firms Worldwide
https://thehackernews.com/2024/02/new-report-reveals-north-korean-hackers.html
The North Korean state-sponsored threat actors have been attributed to a cyber espionage campaign targeting the defense sector across the world.
In a joint advisory published by Germany's Federal Office for the Protection of the Constitution (BfV) and South Korea's National Intelligence Service (NIS), the agencies said the goal of the attacks is to plunder advanced defense technologies in a "
593
Learn How to Build an Incident Response Playbook Against Scattered Spider in Real-Time
https://thehackernews.com/2024/02/learn-how-to-build-incident-response.html
In the tumultuous landscape of cybersecurity, the year 2023 left an indelible mark with the brazen exploits of the Scattered Spider threat group. Their attacks targeted the nerve centers of major financial and insurance institutions, culminating in what stands as one of the most impactful ransomware assaults in recent memory.
When organizations have no response plan in place for such an
593
SaaS Compliance through the NIST Cybersecurity Framework
https://thehackernews.com/2024/02/saas-compliance-through-nist.html
The US National Institute of Standards and Technology (NIST) cybersecurity framework is one of the world's most important guidelines for securing networks. It can be applied to any number of applications, including SaaS.
One of the challenges facing those tasked with securing SaaS applications is the different settings found in each application. It makes it difficult to develop a
593
Critical Flaws Found in ConnectWise ScreenConnect Software - Patch Now
https://thehackernews.com/2024/02/critical-flaws-found-in-connectwise.html
ConnectWise has released software updates to address two security flaws in its ScreenConnect remote desktop and access software, including a critical bug that could enable remote code execution on affected systems.
The vulnerabilities, which currently lack CVE identifiers, are listed below -
Authentication bypass using an alternate path or channel (CVSS score: 10.0)
Improper limitation of
593
WordPress Bricks Theme Under Active Attack: Critical Flaw Impacts 25,000+ Sites
https://thehackernews.com/2024/02/wordpress-bricks-theme-under-active.html
A critical security flaw in the Bricks theme for WordPress is being actively exploited by threat actors to run arbitrary PHP code on susceptible installations.
The flaw, tracked as CVE-2024-25600 (CVSS score: 9.8), enables unauthenticated attackers to achieve remote code execution. It impacts all versions of the Bricks up to and including 1.9.6.
It has been addressed by the theme developers in&
593
Iran and Hezbollah Hackers Launch Attacks to Influence Israel-Hamas Narrative
https://thehackernews.com/2024/02/iran-and-hezbollah-hackers-launch.html
Hackers backed by Iran and Hezbollah staged cyber attacks designed to undercut public support for the Israel-Hamas war after October 2023.
This includes destructive attacks against key Israeli organizations, hack-and-leak operations targeting entities in Israel and the U.S., phishing campaigns designed to steal intelligence, and information operations to turn public opinion against Israel.
Iran
593
LockBit Ransomware's Darknet Domains Seized in Global Law Enforcement Raid
https://thehackernews.com/2024/02/lockbit-ransomwares-darknet-domains.html
An international law enforcement operation has led to the seizure of multiple darknet domains operated by LockBit, one of the most prolific ransomware groups, marking the latest in a long list of digital takedowns.
While the full extent of the effort, codenamed Operation Cronos, is presently unknown, visiting the group's .onion website displays a seizure banner containing the message "
593
Meta Warns of 8 Spyware Firms Targeting iOS, Android, and Windows Devices
https://thehackernews.com/2024/02/meta-warns-of-8-spyware-firms-targeting.html
Meta Platforms said it took a series of steps to curtail malicious activity from eight different firms based in Italy, Spain, and the United Arab Emirates (U.A.E.) operating in the surveillance-for-hire industry.
The findings are part of its Adversarial Threat Report for the fourth quarter of 2023. The spyware targeted iOS, Android, and Windows devices.
"Their various malware included
593
How to Achieve the Best Risk-Based Alerting (Bye-Bye SIEM)
https://thehackernews.com/2024/02/bye-bye-siem-hello-risk-based-alerting.html
Did you know that Network Detection and Response (NDR) has become the most effective technology to detect cyber threats? In contrast to SIEM, NDR offers adaptive cybersecurity with reduced false alerts and efficient threat response.
Are you aware of Network Detection and Response (NDR) and how it’s become the most effective technology to detect cyber threats?
NDR massively
593
Anatsa Android Trojan Bypasses Google Play Security, Expands Reach to New Countries
https://thehackernews.com/2024/02/anatsa-android-trojan-bypasses-google.html
The Android banking trojan known as Anatsa has expanded its focus to include Slovakia, Slovenia, and Czechia as part of a new campaign observed in November 2023.
"Some of the droppers in the campaign successfully exploited the accessibility service, despite Google Play's enhanced detection and protection mechanisms," ThreatFabric said in a report shared with The Hacker News.
593
Russian-Linked Hackers Breach 80+ Organizations via Roundcube Flaws
https://thehackernews.com/2024/02/russian-linked-hackers-breach-80.html
Threat actors operating with interests aligned to Belarus and Russia have been linked to a new cyber espionage campaign that likely exploited cross-site scripting (XSS) vulnerabilities in Roundcube webmail servers to target over 80 organizations.
These entities are primarily located in Georgia, Poland, and Ukraine, according to Recorded Future, which attributed the intrusion set to a threat
593
Iranian Hackers Target Middle East Policy Experts with New BASICSTAR Backdoor
https://thehackernews.com/2024/02/iranian-hackers-target-middle-east.html
The Iranian-origin threat actor known as Charming Kitten has been linked to a new set of attacks aimed at Middle East policy experts with a new backdoor called BASICSTAR by creating a fake webinar portal.
Charming Kitten, also called APT35, CharmingCypress, Mint Sandstorm, TA453, and Yellow Garuda, has a history of orchestrating a wide range of social engineering campaigns that cast a
