ru
Feedback
TECHZONE™

TECHZONE™

Открыть в Telegram

TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news

Больше
596
Подписчики
Нет данных24 часа
Нет данных7 дней
-930 день
Архив постов
Critical Flaw in WordPress LiteSpeed Cache Plugin Allows Hackers Admin Access https://thehackernews.com/2024/08/critical-flaw-in-wordpress-litespeed.html Cybersecurity researchers have disclosed a critical security flaw in the LiteSpeed Cache plugin for WordPress that could permit unauthenticated users to gain administrator privileges. "The plugin suffers from an unauthenticated privilege escalation vulnerability which allows any unauthenticated visitor to gain Administrator level access after which malicious plugins could be uploaded and

GitHub Patches Critical Security Flaw in Enterprise Server Granting Admin Privileges https://thehackernews.com/2024/08/github-patches-critical-security-flaw.html GitHub has released fixes to address a set of three security flaws impacting its Enterprise Server product, including one critical bug that could be abused to gain site administrator privileges. The most severe of the shortcomings has been assigned the CVE identifier CVE-2024-6800, and carries a CVSS score of 9.5. "On GitHub Enterprise Server instances that use SAML single sign-on (SSO)

New Malware PG_MEM Targets PostgreSQL Databases for Crypto Mining https://thehackernews.com/2024/08/new-malware-pgmem-targets-postgresql.html Cybersecurity researchers have unpacked a new malware strain dubbed PG_MEM that's designed to mine cryptocurrency after brute-forcing their way into PostgreSQL database instances. "Brute-force attacks on Postgres involve repeatedly attempting to guess the database credentials until access is gained, exploiting weak passwords," Aqua security researcher Assaf Morag said in a technical report. "

Microsoft Patches Critical Copilot Studio Vulnerability Exposing Sensitive Data https://thehackernews.com/2024/08/microsoft-patches-critical-copilot.html Cybersecurity researchers have disclosed a critical security flaw impacting Microsoft's Copilot Studio that could be exploited to access sensitive information. Tracked as CVE-2024-38206 (CVSS score: 8.5), the vulnerability has been described as an information disclosure bug stemming from a server-side request forgery (SSRF) attack. "An authenticated attacker can bypass Server-Side Request

North Korean Hackers Deploy New MoonPeak Trojan in Cyber Campaign https://thehackernews.com/2024/08/north-korean-hackers-deploy-new.html A new remote access trojan called MoonPeak has been discovered as being used by a state-sponsored North Korean threat activity cluster as part of a new campaign. Cisco Talos attributed the malicious cyber campaign to a hacking group it tracks as UAT-5394, which it said exhibits some level of tactical overlaps with a known nation-state actor codenamed Kimsuky. MoonPeak, under active development

It's Time To Untangle the SaaS Ball of Yarn https://thehackernews.com/2024/08/its-time-to-untangle-saas-ball-of-yarn.html It's no great revelation to say that SaaS applications have changed the way we operate, both in our personal and professional lives. We routinely rely on cloud-based and remote applications to conduct our basic functions, with the result that the only true perimeter of our networks has become the identities with which we log into these services. Unfortunately – as is so often the case – our

Styx Stealer Creator's OPSEC Fail Leaks Client List and Profit Details https://thehackernews.com/2024/08/styx-stealer-creators-opsec-fail-leaks.html In what's a case of an operational security (OPSEC) lapse, the operator behind a new information stealer called Styx Stealer leaked data from their own computer, including details related to the clients, profit information, nicknames, phone numbers, and email addresses. Styx Stealer, a derivative of the Phemedrone Stealer, is capable of stealing browser data, instant messenger sessions from

New macOS Malware TodoSwift Linked to North Korean Hacking Groups https://thehackernews.com/2024/08/new-macos-malware-todoswift-linked-to.html Cybersecurity researchers have uncovered a new macOS malware strain dubbed TodoSwift that they say exhibits commonalities with known malicious software used by North Korean hacking groups. "This application shares several behaviors with malware we've seen that originated in North Korea (DPRK) — specifically the threat actor known as BlueNoroff — such as KANDYKORN and RustBucket," Kandji security

Be careful what you pwish for – Phishing in PWA applications https://www.welivesecurity.com/en/eset-research/be-careful-what-you-pwish-for-phishing-in-pwa-applications/ ESET analysts dissect a novel phishing method tailored to Android and iOS users

CERT-UA Warns of New Vermin-Linked Phishing Attacks with PoW Bait https://thehackernews.com/2024/08/cert-ua-warns-of-new-vermin-linked.html The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of new phishing attacks that aim to infect devices with malware. The activity has been attributed to a threat cluster it tracks as UAC-0020, which is also known as Vermin. The exact scale and scope of the attacks are presently unknown. The attack chains commence with phishing messages with photos of alleged prisoners of war (

GiveWP WordPress Plugin Vulnerability Puts 100,000+ Websites at Risk https://thehackernews.com/2024/08/givewp-wordpress-plugin-vulnerability.html A maximum-severity security flaw has been disclosed in the WordPress GiveWP donation and fundraising plugin that exposes more than 100,000 websites to remote code execution attacks. The flaw, tracked as CVE-2024-5932 (CVSS score: 10.0), impacts all versions of the plugin prior to version 3.14.2, which was released on August 7, 2024. A security researcher, who goes by the online alias villu164,

Detecting AWS Account Compromise: Key Indicators in CloudTrail Logs for Stolen API Keys https://thehackernews.com/2024/08/detecting-aws-account-compromise-key.html As cloud infrastructure becomes the backbone of modern enterprises, ensuring the security of these environments is paramount. With AWS (Amazon Web Services) still being the dominant cloud it is important for any security professional to know where to look for signs of compromise. AWS CloudTrail stands out as an essential tool for tracking and logging API activity, providing a comprehensive

Czech Mobile Users Targeted in New Banking Credential Theft Scheme https://thehackernews.com/2024/08/czech-mobile-users-targeted-in-new.html Mobile users in the Czech Republic are the target of a novel phishing campaign that leverages a Progressive Web Application (PWA) in an attempt to steal their banking account credentials. The attacks have targeted the Czech-based Československá obchodní banka (CSOB), as well as the Hungarian OTP Bank and the Georgian TBC Bank, according to Slovak cybersecurity company ESET. "The phishing

Hackers Exploit PHP Vulnerability to Deploy Stealthy Msupedge Backdoor https://thehackernews.com/2024/08/hackers-exploit-php-vulnerability-to.html A previously undocumented backdoor named Msupedge has been put to use against a cyber attack targeting an unnamed university in Taiwan. "The most notable feature of this backdoor is that it communicates with a command-and-control (C&C) server via DNS traffic," the Symantec Threat Hunter Team, part of Broadcom, said in a report shared with The Hacker News. The origins of the backdoor are

Anatomy of an Attack https://thehackernews.com/2024/08/anatomy-of-attack.html In today's rapidly evolving cyber threat landscape, organizations face increasingly sophisticated attacks targeting their applications. Understanding these threats and the technologies designed to combat them is crucial. This article delves into the mechanics of a common application attack, using the infamous Log4Shell vulnerability as an example, and demonstrates how Application Detection and

Researchers Uncover TLS Bootstrap Attack on Azure Kubernetes Clusters https://thehackernews.com/2024/08/researchers-uncover-tls-bootstrap.html Cybersecurity researchers have disclosed a security flaw impacting Microsoft Azure Kubernetes Services that, if successfully exploited, could allow an attacker to escalate their privileges and access credentials for services used by the cluster. "An attacker with command execution in a Pod running within an affected Azure Kubernetes Services cluster could download the configuration used to

Iranian Cyber Group TA453 Targets Jewish Leader with New AnvilEcho Malware https://thehackernews.com/2024/08/iranian-cyber-group-ta453-targets.html Iranian state-sponsored threat actors have been observed orchestrating spear-phishing campaigns targeting a prominent Jewish figure starting in late July 2024 with the goal of delivering a new intelligence-gathering tool called AnvilEcho. Enterprise security company Proofpoint is tracking the activity under the name TA453, which overlaps with activity tracked by the broader cybersecurity

Blind Eagle Hackers Exploit Spear-Phishing to Deploy RATs in Latin America https://thehackernews.com/2024/08/blind-eagle-hackers-exploit-spear.html Cybersecurity researchers have shed light on a threat actor known as Blind Eagle that has persistently targeted entities and individuals in Colombia, Ecuador, Chile, Panama, and other Latin American nations. Targets of these attacks span several sectors, including governmental institutions, financial companies, energy and oil and gas companies. "Blind Eagle has demonstrated adaptability in

Thousands of Oracle NetSuite Sites at Risk of Exposing Customer Information https://thehackernews.com/2024/08/thousands-of-oracle-netsuite-sites-at.html Cybersecurity researchers are warning about the discovery of thousands of externally-facing Oracle NetSuite e-commerce sites that have been found susceptible to leaking sensitive customer information. "A potential issue in NetSuite's SuiteCommerce platform could allow attackers to access sensitive data due to misconfigured access controls on custom record types (CRTs)," AppOmni's Aaron Costello

CISA Warns of Critical Jenkins Vulnerability Exploited in Ransomware Attacks https://thehackernews.com/2024/08/cisa-warns-of-critical-jenkins.html The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security flaw impacting Jenkins to its Known Exploited Vulnerabilities (KEV) catalog, following its exploitation in ransomware attacks. The vulnerability, tracked as CVE-2024-23897 (CVSS score: 9.8), is a path traversal flaw that could lead to code execution. "Jenkins Command Line Interface (CLI) contains a

TECHZONE™ - Статистика и аналитика Telegram-канала @techzoner