TECHZONE™
Открыть в Telegram
TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news
Больше594
Подписчики
Нет данных24 часа
Нет данных7 дней
-630 день
Архив постов
594
To the Moon and back(doors): Lunar landing in diplomatic missions
https://www.welivesecurity.com/en/eset-research/moon-backdoors-lunar-landing-diplomatic-missions/
ESET researchers provide technical analysis of the Lunar toolset, likely used by the Turla APT group, that infiltrated a European ministry of foreign affairs
594
Researchers Uncover 11 Security Flaws in GE HealthCare Ultrasound Machines
https://thehackernews.com/2024/05/researchers-uncover-11-security-flaws.html
Security researchers have disclosed almost a dozen security flaws impacting the GE HealthCare Vivid Ultrasound product family that could be exploited by malicious actors to tamper with patient data and even install ransomware under certain circumstances.
"The impacts enabled by these flaws are manifold: from the implant of ransomware on the ultrasound machine to the access and manipulation of
594
Cybercriminals Exploiting Microsoft’s Quick Assist Feature in Ransomware Attacks
https://thehackernews.com/2024/05/cybercriminals-exploiting-microsofts.html
The Microsoft Threat Intelligence team said it has observed a threat it tracks under the name Storm-1811 abusing the client management tool Quick Assist to target users in social engineering attacks.
"Storm-1811 is a financially motivated cybercriminal group known to deploy Black Basta ransomware," the company said in a report published on May 15, 2024.
The
594
Google Patches Yet Another Actively Exploited Chrome Zero-Day Vulnerability
https://thehackernews.com/2024/05/google-patches-yet-another-actively.html
Google has rolled out fixes to address a set of nine security issues in its Chrome browser, including a new zero-day that has been exploited in the wild.
Assigned the CVE identifier CVE-2024-4947, the vulnerability relates to a type confusion bug in the V8 JavaScript and WebAssembly engine. It was reported by Kaspersky researchers Vasily Berdnikov and Boris
594
FBI Seizes BreachForums Again, Urges Users to Report Criminal Activity
https://thehackernews.com/2024/05/fbi-seizes-breachforums-again-urges.html
Law enforcement agencies have officially seized control of the notorious BreachForums platform, an online bazaar known for peddling stolen data, for the second time within a year.
The website ("breachforums[.]st") has been replaced by a seizure banner stating the clearnet cybercrime forum is under the control of the Federal Bureau of Investigation (FBI).
The operation is the
594
Android 15 Rolls Out Advanced Features to Protect Users from Scams and Malicious Apps
https://thehackernews.com/2024/05/android-15-introduces-new-features-to.html
Google is unveiling a set of new features in Android 15 to prevent malicious apps installed on the device from capturing sensitive data.
This constitutes an update to the Play Integrity API that third-party app developers can take advantage of to secure their applications against malware.
"Developers can check if there are other apps running that could be capturing the screen, creating
594
Google Launches AI-Powered Theft and Data Protection Features for Android Devices
https://thehackernews.com/2024/05/google-adds-ai-powered-theft-protection.html
Google has announced a slew of privacy and security features in Android, including a suite of advanced protection features to help secure users' devices and data in the event of a theft.
These features aim to help protect data before, during and after a theft attempt, the tech giant said, adding they are expected to be available via an update to Google Play services for devices running
594
Turla Group Deploys LunarWeb and LunarMail Backdoors in Diplomatic Missions
https://thehackernews.com/2024/05/turla-group-deploys-lunarweb-and.html
An unnamed European Ministry of Foreign Affairs (MFA) and its three diplomatic missions in the Middle East were targeted by two previously undocumented backdoors tracked as LunarWeb and LunarMail.
ESET, which identified the activity, attributed it with medium confidence to the Russia-aligned cyberespionage group Turla (aka Iron Hunter, Pensive Ursa, Secret Blizzard, Snake, Uroburos, and Venomous
594
(Cyber) Risk = Probability of Occurrence x Damage
https://thehackernews.com/2024/05/get-cyber-resilient-with-cvss.html
Here’s How to Enhance Your Cyber Resilience with CVSS
In late 2023, the Common Vulnerability Scoring System (CVSS) v4.0 was unveiled, succeeding the eight-year-old CVSS v3.0, with the aim to enhance vulnerability assessment for both industry and the public. This latest version introduces additional metrics like safety and automation to address criticism of lacking granularity
594
Ebury Botnet Malware Compromises 400,000 Linux Servers Over Past 14 Years
https://thehackernews.com/2024/05/ebury-botnet-malware-compromises-400000.html
A malware botnet called Ebury is estimated to have compromised 400,000 Linux servers since 2009, out of which more than 100,000 were still compromised as of late 2023.
The findings come from Slovak cybersecurity firm ESET, which characterized it as one of the most advanced server-side malware campaigns for financial gain.
"Ebury actors have been pursuing monetization activities [...],
594
It's Time to Master the Lift & Shift: Migrating from VMware vSphere to Microsoft Azure
https://thehackernews.com/2024/05/its-time-to-master-lift-shift-migrating.html
While cloud adoption has been top of mind for many IT professionals for nearly a decade, it’s only in recent months, with industry changes and announcements from key players, that many recognize the time to make the move is now. It may feel like a daunting task, but tools exist to help you move your virtual machines (VMs) to a public cloud provider – like Microsoft Azure
594
Dutch Court Sentences Tornado Cash Co-Founder to 5 Years in Prison for Money Laundering
https://thehackernews.com/2024/05/dutch-court-sentences-tornado-cash-co.html
A Dutch court on Tuesday sentenced one of the co-founders of the now-sanctioned Tornado Cash cryptocurrency mixer service to 5 years and 4 months in prison.
While the name of the defendant was redacted in the verdict, it's known that Alexey Pertsev, a 31-year-old Russian national, has been awaiting trial in the Netherlands on money laundering charges.
594
Microsoft Patches 61 Flaws, Including Two Actively Exploited Zero-Days
https://thehackernews.com/2024/05/microsoft-patches-61-flaws-including.html
Microsoft has addressed a total of 61 new security flaws in its software as part of its Patch Tuesday updates for May 2024, including two zero-days which have been actively exploited in the wild.
Of the 61 flaws, one is rated Critical, 59 are rated Important, and one is rated Moderate in severity. This is in addition to 30 vulnerabilities&
594
Ebury is alive but unseen: 400k Linux servers compromised for cryptocurrency theft and financial gain
https://www.welivesecurity.com/en/eset-research/ebury-alive-unseen-400k-linux-servers-compromised-cryptotheft-financial-gain/
One of the most advanced server-side malware campaigns is still growing, with hundreds of thousands of compromised servers, and it has diversified to include credit card and cryptocurrency theft
594
ESET APT Activity Report Q4 2023–Q1 2024
https://www.welivesecurity.com/en/eset-research/eset-apt-activity-report-q4-2023-q1-2024/
An overview of the activities of selected APT groups investigated and analyzed by ESET Research in Q4 2023 and Q1 2024
594
VMware Patches Severe Security Flaws in Workstation and Fusion Products
https://thehackernews.com/2024/05/vmware-patches-severe-security-flaws-in.html
Multiple security flaws have been disclosed in VMware Workstation and Fusion products that could be exploited by threat actors to access sensitive information, trigger a denial-of-service (DoS) condition, and execute code under certain circumstances.
The four vulnerabilities impact Workstation versions 17.x and Fusion versions 13.x, with fixes available in version 17.5.2 and
594
New Chrome Zero-Day Vulnerability CVE-2024-4761 Under Active Exploitation
https://thehackernews.com/2024/05/new-chrome-zero-day-vulnerability-cve.html
Google on Monday shipped emergency fixes to address a new zero-day flaw in the Chrome web browser that has come under active exploitation in the wild.
The high-severity vulnerability, tracked as CVE-2024-4761, is an out-of-bounds write bug impacting the V8 JavaScript and WebAssembly engine. It was reported anonymously on May 9, 2024.
Out-of-bounds write bugs could be typically
594
Critical Flaws in Cacti Framework Could Let Attackers Execute Malicious Code
https://thehackernews.com/2024/05/critical-flaws-in-cacti-framework-could.html
The maintainers of the Cacti open-source network monitoring and fault management framework have addressed a dozen security flaws, including two critical issues that could lead to the execution of arbitrary code.
The most severe of the vulnerabilities are listed below -
CVE-2024-25641 (CVSS score: 9.1) - An arbitrary file write vulnerability in the "Package Import" feature that
594
6 Mistakes Organizations Make When Deploying Advanced Authentication
https://thehackernews.com/2024/05/6-mistakes-organizations-make-when.html
Deploying advanced authentication measures is key to helping organizations address their weakest cybersecurity link: their human users. Having some form of 2-factor authentication in place is a great start, but many organizations may not yet be in that spot or have the needed level of authentication sophistication to adequately safeguard organizational data. When deploying
594
Ongoing Campaign Bombarded Enterprises with Spam Emails and Phone Calls
https://thehackernews.com/2024/05/ongoing-campaign-bombarded-enterprises.html
Cybersecurity researchers have uncovered an ongoing social engineering campaign that bombards enterprises with spam emails with the goal of obtaining initial access to their environments for follow-on exploitation.
"The incident involves a threat actor overwhelming a user's email with junk and calling the user, offering assistance," Rapid7 researchers Tyler McGraw, Thomas Elkins, and
