TECHZONE™
Открыть в Telegram
TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news
Больше595
Подписчики
-124 часа
Нет данных7 дней
-930 день
Архив постов
595
Meta Settles for $1.4 Billion with Texas Over Illegal Biometric Data Collection
https://thehackernews.com/2024/07/meta-settles-for-14-billion-with-texas.html
Meta, the parent company of Facebook, Instagram, and WhatsApp, agreed to a record $1.4 billion settlement with the U.S. state of Texas over allegations that it illegally collected biometric data of millions of users without their permission, marking one of the largest penalties levied by regulators against the tech giant.
"This historic settlement demonstrates our commitment to standing up to
595
Phishing targeting Polish SMBs continues via ModiLoader
https://www.welivesecurity.com/en/eset-research/phishing-targeting-polish-smbs-continues-modiloader/
ESET researchers detected multiple, widespread phishing campaigns targeting SMBs in Poland during May 2024, distributing various malware families
595
New Mandrake Spyware Found in Google Play Store Apps After Two Years
https://thehackernews.com/2024/07/new-mandrake-spyware-found-in-google.html
A new iteration of a sophisticated Android spyware called Mandrake has been discovered in five applications that were available for download from the Google Play Store and remained undetected for two years.
The applications attracted a total of more than 32,000 installations before being pulled from the app storefront, Kaspersky said in a Monday write-up. A majority of the downloads originated
595
The Power and Peril of RMM Tools
https://thehackernews.com/2024/07/the-power-and-peril-of-rmm-tools.html
As more people work remotely, IT departments must manage devices distributed over different cities and countries relying on VPNs and remote monitoring and management (RMM) tools for system administration.
However, like any new technology, RMM tools can also be used maliciously. Threat actors can establish connections to a victim's device and run commands, exfiltrate data, and stay
595
Cybercriminals Target Polish Businesses with Agent Tesla and Formbook Malware
https://thehackernews.com/2024/07/cybercriminals-target-polish-businesses.html
Cybersecurity researchers have detailed widespread phishing campaigns targeting small and medium-sized businesses (SMBs) in Poland during May 2024 that led to the deployment of several malware families like Agent Tesla, Formbook, and Remcos RAT.
Some of the other regions targeted by the campaigns include Italy and Romania, according to cybersecurity firm ESET.
"Attackers used previously
595
Cyber Threat Intelligence: Illuminating the Deep, Dark Cybercriminal Underground
https://thehackernews.com/2024/07/cyber-threat-intelligence-illuminating.html
Learn about critical threats that can impact your organization and the bad actors behind them from Cybersixgill’s threat experts. Each story shines a light on underground activities, the threat actors involved, and why you should care, along with what you can do to mitigate risk.
The deep and dark web, otherwise known as the cybercriminal underground, is where malicious actors gather to
595
New SideWinder Cyber Attacks Target Maritime Facilities in Multiple Countries
https://thehackernews.com/2024/07/new-sidewinder-cyber-attacks-target.html
The nation-state threat actor known as SideWinder has been attributed to a new cyber espionage campaign targeting ports and maritime facilities in the Indian Ocean and Mediterranean Sea.
The BlackBerry Research and Intelligence Team, which discovered the activity, said targets of the spear-phishing campaign include countries like Pakistan, Egypt, Sri Lanka, Bangladesh, Myanmar, Nepal, and the
595
Beware of fake AI tools masking very real malware threats
https://www.welivesecurity.com/en/cybersecurity/beware-fake-ai-tools-masking-very-real-malware-threat/
Ever attuned to the latest trends, cybercriminals distribute malicious tools that pose as ChatGPT, Midjourney and other generative AI assistants
595
OneDrive Phishing Scam Tricks Users into Running Malicious PowerShell Script
https://thehackernews.com/2024/07/onedrive-phishing-scam-tricks-users.html
Cybersecurity researchers are warning about a new phishing campaign that targets Microsoft OneDrive users with the aim of executing a malicious PowerShell script.
"This campaign heavily relies on social engineering tactics to deceive users into executing a PowerShell script, thereby compromising their systems," Trellix security researcher Rafael Pena said in a Monday analysis.
The cybersecurity
595
VMware ESXi Flaw Exploited by Ransomware Groups for Admin Access
https://thehackernews.com/2024/07/vmware-esxi-flaw-exploited-by.html
A recently patched security flaw impacting VMware ESXi hypervisors has been actively exploited by "several" ransomware groups to gain elevated permissions and deploy file-encrypting malware.
The attacks involve the exploitation of CVE-2024-37085 (CVSS score: 6.8), an Active Directory integration authentication bypass that allows an attacker to obtain administrative access to the host.
"A
595
Critical Flaw in Acronis Cyber Infrastructure Exploited in the Wild
https://thehackernews.com/2024/07/critical-flaw-in-acronis-cyber.html
Cybersecurity company Acronis is warning that a now-patched critical security flaw impacting its Cyber Infrastructure (ACI) product has been exploited in the wild.
The vulnerability, tracked as CVE-2023-45249 (CVSS score: 9.8), concerns a case of remote code execution that stems from the use of default passwords.
The flaw impacts the following versions of Acronis Cyber Infrastructure (ACI) -
&
595
Proofpoint Email Routing Flaw Exploited to Send Millions of Spoofed Phishing Emails
https://thehackernews.com/2024/07/proofpoint-email-routing-flaw-exploited.html
An unknown threat actor has been linked to a massive scam campaign that exploited an email routing misconfiguration in email security vendor Proofpoint's defenses to send millions of messages spoofing various legitimate companies.
"These emails echoed from official Proofpoint email relays with authenticated SPF and DKIM signatures, thus bypassing major security protections — all to deceive
595
How Searchable Encryption Changes the Data Security Game
https://thehackernews.com/2024/07/how-searchable-encryption-changes-data.html
Searchable Encryption has long been a mystery. An oxymoron. An unattainable dream of cybersecurity professionals everywhere.
Organizations know they must encrypt their most valuable, sensitive data to prevent data theft and breaches. They also understand that organizational data exists to be used. To be searched, viewed, and modified to keep businesses running. Unfortunately, our Network and
595
'Stargazer Goblin' Creates 3,000 Fake GitHub Accounts for Malware Spread
https://thehackernews.com/2024/07/stargazer-goblin-creates-3000-fake.html
A threat actor known as Stargazer Goblin has set up a network of inauthentic GitHub accounts to fuel a Distribution-as-a-Service (DaaS) that propagates a variety of information-stealing malware and netting them $100,000 in illicit profits over the past year.
The network, which comprises over 3,000 accounts on the cloud-based code hosting platform, spans thousands of repositories that are used to
595
Gh0st RAT Trojan Targets Chinese Windows Users via Fake Chrome Site
https://thehackernews.com/2024/07/gh0st-rat-trojan-targets-chinese.html
The remote access trojan known as Gh0st RAT has been observed being delivered by an "evasive dropper" called Gh0stGambit as part of a drive-by download scheme targeting Chinese-speaking Windows users.
These infections stem from a fake website ("chrome-web[.]com") serving malicious installer packages masquerading as Google's Chrome browser, indicating that users searching for the software on the
595
Telegram for Android hit by a zero-day exploit – Week in security with Tony Anscombe
https://www.welivesecurity.com/en/videos/telegram-android-hit-zero-day-exploit-week-security-tony-anscombe/
Attackers abusing the "EvilVideo" vulnerability could share malicious Android payloads via Telegram channels, groups, and chats, all while making them appear as legitimate multimedia files
595
French Authorities Launch Operation to Remove PlugX Malware from Infected Systems
https://thehackernews.com/2024/07/french-authorities-launch-operation-to.html
French judicial authorities, in collaboration with Europol, have launched a so-called "disinfection operation" to rid compromised hosts of a known malware called PlugX.
The Paris Prosecutor's Office, Parquet de Paris, said the initiative was launched on July 18 and that it's expected to continue for "several months."
It further said around a hundred victims located in France, Malta, Portugal,
595
Malicious PyPI Package Targets macOS to Steal Google Cloud Credentials
https://thehackernews.com/2024/07/malicious-pypi-package-targets-macos-to.html
Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) repository that targets Apple macOS systems with the goal of stealing users' Google Cloud credentials from a narrow pool of victims.
The package, named "lr-utils-lib," attracted a total of 59 downloads before it was taken down. It was uploaded to the registry in early June 2024.
"The malware uses a
595
This AI-Powered Cybercrime Service Bundles Phishing Kits with Malicious Android Apps
https://thehackernews.com/2024/07/spanish-hackers-bundle-phishing-kits.html
A Spanish-speaking cybercrime group named GXC Team has been observed bundling phishing kits with malicious Android applications, taking malware-as-a-service (MaaS) offerings to the next level.
Singaporean cybersecurity company Group-IB, which has been tracking the e-crime actor since January 2023, described the crimeware solution as a "sophisticated AI-powered phishing-as-a-service platform"
595
Offensive AI: The Sine Qua Non of Cybersecurity
https://thehackernews.com/2024/07/offensive-ai-sine-qua-non-of.html
"Peace is the virtue of civilization. War is its crime. Yet it is often in the furnace of war that the sharpest tools of peace are forged." - Victor Hugo.
In 1971, an unsettling message started appearing on several computers that comprised ARPANET, the precursor to what we now know as the Internet. The message, which read "I'm the Creeper: catch me if you can." was the output of a program named
