TECHZONE™
Открыть в Telegram
TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news
Больше595
Подписчики
Нет данных24 часа
-17 дней
-1030 день
Архив постов
595
Unsecured Tunneling Protocols Expose 4.2 Million Hosts, Including VPNs and Routers
https://thehackernews.com/2025/01/unsecured-tunneling-protocols-expose-42.html
New research has uncovered security vulnerabilities in multiple tunneling protocols that could allow attackers to perform a wide range of attacks.
"Internet hosts that accept tunneling packets without verifying the sender's identity can be hijacked to perform anonymous attacks and provide access to their networks," Top10VPN said in a study, as part of a collaboration with KU Leuven professor
595
DoNot Team Linked to New Tanzeem Android Malware Targeting Intelligence Collection
https://thehackernews.com/2025/01/donot-team-linked-to-new-tanzeem.html
The Threat actor known as DoNot Team has been linked to a new Android malware as part of highly targeted cyber attacks.
The artifacts in question, named Tanzeem (meaning "organization" in Urdu) and Tanzeem Update, were spotted in October and December 2024 by cybersecurity company Cyfirma. The apps in question have been found to incorporate identical functions, barring minor modifications to the
595
⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [20 January]
https://thehackernews.com/2025/01/thn-weekly-recap-top-cybersecurity_20.html
As the digital world becomes more complicated, the lines between national security and cybersecurity are starting to fade. Recent cyber sanctions and intelligence moves show a reality where malware and fake news are used as tools in global politics. Every cyberattack now seems to have deeper political consequences. Governments are facing new, unpredictable threats that can't be fought with
595
Product Walkthrough: How Satori Secures Sensitive Data From Production to AI
https://thehackernews.com/2025/01/product-walkthrough-how-satori.html
Every week seems to bring news of another data breach, and it’s no surprise why: securing sensitive data has become harder than ever. And it’s not just because companies are dealing with orders of magnitude more data. Data flows and user roles are constantly shifting, and data is stored across multiple technologies and cloud environments. Not to mention, compliance requirements are only getting
595
Hackers Deploy Malicious npm Packages to Steal Solana Wallet Keys via Gmail SMTP
https://thehackernews.com/2025/01/hackers-deploy-malicious-npm-packages.html
Cybersecurity researchers have identified three sets of malicious packages across the npm and Python Package Index (PyPI) repository that come with capabilities to steal data and even delete sensitive data from infected systems.
The list of identified packages is below -
@async-mutex/mutex, a typosquat of async-mute (npm)
dexscreener, which masquerades as a library for accessing liquidity pool
595
TikTok Goes Dark in the U.S. as Federal Ban Takes Effect January 19, 2025
https://thehackernews.com/2025/01/tiktok-goes-dark-in-us-as-federal-ban.html
Popular video-sharing social network TikTok has officially gone dark in the United States, 2025, as a federal ban on the app comes into effect on January 19, 2025.
"We regret that a U.S. law banning TikTok will take effect on January 19 and force us to make our services temporarily unavailable," the company said in a pop-up message. "We're working to restore our service in the U.S. as soon as
595
U.S. Sanctions Chinese Cybersecurity Firm Over Treasury Hack Tied to Silk Typhoon
https://thehackernews.com/2025/01/us-sanctions-chinese-cybersecurity-firm.html
The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) has imposed sanctions against a Chinese cybersecurity company and a Shanghai-based cyber actor for their alleged links to the Salt Typhoon group and the recent compromise of the federal agency.
"People's Republic of China-linked (PRC) malicious cyber actors continue to target U.S. government systems, including the recent
595
Has the TikTok Ban Already Backfired on US Cybersecurity?
https://www.darkreading.com/threat-intelligence/tiktok-ban-backfired-us-cybersecurity
595
Employees Enter Sensitive Data Into GenAI Prompts Far Too Often
https://www.darkreading.com/threat-intelligence/employees-sensitive-data-genai-prompts
595
15K Fortinet Device Configs Leaked to the Dark Web
https://www.darkreading.com/endpoint-security/15k-fortinet-device-configs-leaked-dark-web
595
Critical Flaws in WGS-804HPT Switches Enable RCE and Network Exploitation
https://thehackernews.com/2025/01/critical-flaws-in-wgs-804hpt-switches.html
Cybersecurity researchers have disclosed three security flaws in Planet Technology's WGS-804HPT industrial switches that could be chained to achieve pre-authentication remote code execution on susceptible devices.
"These switches are widely used in building and home automation systems for a variety of networking applications," Claroty's Tomer Goldschmidt said in a Thursday report. "An attacker
595
Leveraging Behavioral Insights to Counter LLM-Enabled Hacking
https://www.darkreading.com/vulnerabilities-threats/leveraging-behavioral-insights-counter-llm-enabled-hacking
595
Python-Based Bots Exploiting PHP Servers Fuel Gambling Platform Proliferation
https://thehackernews.com/2025/01/python-based-bots-exploiting-php.html
Cybersecurity researchers have exposed a new campaign that targets web servers running PHP-based applications to promote gambling platforms in Indonesia.
"Over the past two months, a significant volume of attacks from Python-based bots has been observed, suggesting a coordinated effort to exploit thousands of web apps," Imperva researcher Daniel Johnston said in an analysis. "These attacks
595
How to Bring Zero Trust to Wi-Fi Security with a Cloud-based Captive Portal?
https://thehackernews.com/2025/01/how-to-bring-zero-trust-to-wi-fi.html
Recent data breaches have highlighted the critical need to improve guest Wi-Fi infrastructure security in modern business environments. Organizations face increasing pressure to protect their networks while providing convenient access to visitors, contractors, temporary staff, and employees with BYOD. Implementing secure guest Wi-Fi infrastructure has become essential for authenticating access,
595
U.S. Sanctions North Korean IT Worker Network Supporting WMD Programs
https://thehackernews.com/2025/01/us-sanctions-north-korean-it-worker.html
The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) sanctioned two individuals and four entities for their alleged involvement in illicit revenue generation schemes for the Democratic People's Republic of Korea (DPRK) by dispatching IT workers around the world to obtain employment and draw a steady source of income for the regime in violation of international sanctions.
"These
595
New 'Sneaky 2FA' Phishing Kit Targets Microsoft 365 Accounts with 2FA Code Bypass
https://thehackernews.com/2025/01/new-sneaky-2fa-phishing-kit-targets.html
Cybersecurity researchers have detailed a new adversary-in-the-middle (AitM) phishing kit that's capable of Microsoft 365 accounts with an aim to steal credentials and two-factor authentication (2FA) codes since at least October 2024.
The nascent phishing kit has been dubbed Sneaky 2FA by French cybersecurity company Sekoia, which detected it in the wild in December. Nearly 100 domains hosting
595
Russian APT Phishes Kazakh Gov't for Strategic Intel
https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-phishes-kazakh-govt-strategic-intel
595
European Privacy Group Sues TikTok and AliExpress for Illicit Data Transfers to China
https://thehackernews.com/2025/01/european-privacy-group-sues-tiktok-and.html
Austrian privacy non-profit None of Your Business (noyb) has filed complaints accusing companies like TikTok, AliExpress, SHEIN, Temu, WeChat, and Xiaomi of violating data protection regulations in the European Union by unlawfully transferring users' data to China.
The advocacy group is seeking an immediate suspension of such transfers, stating the companies in question cannot shield user data
595
Biden's Cybersecurity EO Leaves Trump a Comprehensive Blueprint for Defense
https://www.darkreading.com/threat-intelligence/biden-cybersecurity-eo-trump-blueprint-defense
595
Russian Star Blizzard Shifts Tactics to Exploit WhatsApp QR Codes for Credential Harvesting
https://thehackernews.com/2025/01/russian-star-blizzard-shifts-tactics-to.html
The Russian threat actor known as Star Blizzard has been linked to a new spear-phishing campaign that targets victims' WhatsApp accounts, signaling a departure from its longstanding tradecraft in a likely attempt to evade detection.
"Star Blizzard's targets are most commonly related to government or diplomacy (both incumbent and former position holders), defense policy or international relations
Уже доступно! Исследование Telegram 2025 — ключевые инсайты года 
