TECHZONE™
Відкрити в Telegram
TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news
Показати більше593
Підписники
-124 години
-17 днів
-730 день
Архів дописів
594
AceCryptor attacks surge in Europe – Week in security with Tony Anscombe
https://www.welivesecurity.com/en/videos/acecryptor-attacks-europe-week-security-tony-anscombe/
The second half of 2023 saw massive growth in AceCryptor-packed malware spreading in the wild, including courtesy of multiple spam campaigns where AceCryptor packed the Rescoms RAT
594
N. Korea-linked Kimsuky Shifts to Compiled HTML Help Files in Ongoing Cyberattacks
https://thehackernews.com/2024/03/n-korea-linked-kimsuky-shifts-to.html
The North Korea-linked threat actor known as Kimsuky (aka Black Banshee, Emerald Sleet, or Springtail) has been observed shifting its tactics, leveraging Compiled HTML Help (CHM) files as vectors to deliver malware for harvesting sensitive data.
Kimsuky, active since at least 2012, is known to target entities located in South Korea as well as North America, Asia, and Europe.
According
594
German Police Seize 'Nemesis Market' in Major International Darknet Raid
https://thehackernews.com/2024/03/german-police-seize-nemesis-market-in.html
German authorities have announced the takedown of an illicit underground marketplace called Nemesis Market that peddled narcotics, stolen data, and various cybercrime services.
The Federal Criminal Police Office (aka Bundeskriminalamt or BKA) said it seized the digital infrastructure associated with the darknet service located in Germany and Lithuania and confiscated €94,000 ($102,107)
594
Russian Hackers Use 'WINELOADER' Malware to Target German Political Parties
https://thehackernews.com/2024/03/russian-hackers-use-wineloader-malware.html
The WINELOADER backdoor used in recent cyber attacks targeting diplomatic entities with wine-tasting phishing lures has been attributed as the handiwork of a hacking group with links to Russia's Foreign Intelligence Service (SVR), which was responsible for breaching SolarWinds and Microsoft.
The findings come from Mandiant, which said Midnight Blizzard (aka APT29, BlueBravo, or
594
New StrelaStealer Phishing Attacks Hit Over 100 Organizations in E.U. and U.S.
https://thehackernews.com/2024/03/new-strelastealer-phishing-attacks-hit.html
Cybersecurity researchers have detected a new wave of phishing attacks that aim to deliver an ever-evolving information stealer referred to as StrelaStealer.
The campaigns impact more than 100 organizations in the E.U. and the U.S., Palo Alto Networks Unit 42 researchers said in a new report published today.
"These campaigns come in the form of spam emails with attachments that eventually
594
AWS Patches Critical 'FlowFixation' Bug in Airflow Service to Prevent Session Hijacking
https://thehackernews.com/2024/03/aws-patches-critical-flowfixation-bug.html
Cybersecurity researchers have shared details of a now-patched security vulnerability in Amazon Web Services (AWS) Managed Workflows for Apache Airflow (MWAA) that could be potentially exploited by a malicious actor to hijack victims' sessions and achieve remote code execution on underlying instances.
The vulnerability, now addressed by AWS, has been codenamed FlowFixation by Tenable.
594
Implementing Zero Trust Controls for Compliance
https://thehackernews.com/2024/03/implementing-zero-trust-controls-for.html
The ThreatLocker® Zero Trust Endpoint Protection Platform implements a strict deny-by-default, allow-by-exception security posture to give organizations the ability to set policy-based controls within their environment and mitigate countless cyber threats, including zero-days, unseen network footholds, and malware attacks as a direct result of user error.
With the capabilities of the
594
U.S. Justice Department Sues Apple Over Monopoly and Messaging Security
https://thehackernews.com/2024/03/us-justice-department-sues-apple-over.html
The U.S. Department of Justice (DoJ), along with 16 other state and district attorneys general, on Thursday accused Apple of illegally maintaining a monopoly over smartphones, thereby undermining, among others, security and privacy of users when messaging non-iPhone users.
"Apple wraps itself in a cloak of privacy, security, and consumer preferences to justify its anticompetitive
594
Russian Hackers Target Ukrainian Telecoms with Upgraded 'AcidPour' Malware
https://thehackernews.com/2024/03/russian-hackers-target-ukrainian.html
The data wiping malware called AcidPour may have been deployed in attacks targeting four telecom providers in Ukraine, new findings from SentinelOne show.
The cybersecurity firm also confirmed connections between the malware and AcidRain, tying it to threat activity clusters associated with Russian military intelligence.
"AcidPour's expanded capabilities would enable it to better
594
Russia Hackers Using TinyTurla-NG to Breach European NGO's Systems
https://thehackernews.com/2024/03/russia-hackers-using-tinyturla-ng-to.html
The Russia-linked threat actor known as Turla infected several systems belonging to an unnamed European non-governmental organization (NGO) in order to deploy a backdoor called TinyTurla-NG.
"The attackers compromised the first system, established persistence and added exclusions to antivirus products running on these endpoints as part of their preliminary post-compromise actions," Cisco
594
Over 800 npm Packages Found with Discrepancies, 18 Exploitable to 'Manifest Confusion'
https://thehackernews.com/2024/03/over-800-npm-packages-found-with.html
New research has discovered over 800 packages in the npm registry which have discrepancies from their registry entries, out of which 18 have been found to exploit a technique called manifest confusion.
The findings come from cybersecurity firm JFrog, which said the issue could be exploited by threat actors to trick developers into running malicious code.
"It's an actual threat since
594
AndroxGh0st Malware Targets Laravel Apps to Steal Cloud Credentials
https://thehackernews.com/2024/03/androxgh0st-malware-targets-laravel.html
Cybersecurity researchers have shed light on a tool referred to as AndroxGh0st that's used to target Laravel applications and steal sensitive data.
"It works by scanning and taking out important information from .env files, revealing login details linked to AWS and Twilio," Juniper Threat Labs researcher Kashinath T Pattan said.
"Classified as an SMTP cracker, it exploits SMTP
594
How to Accelerate Vendor Risk Assessments in the Age of SaaS Sprawl
https://thehackernews.com/2024/03/how-to-accelerate-vendor-risk.html
In today's digital-first business environment dominated by SaaS applications, organizations increasingly depend on third-party vendors for essential cloud services and software solutions. As more vendors and services are added to the mix, the complexity and potential vulnerabilities within the SaaS supply chain snowball quickly. That’s why effective vendor risk management (VRM) is a
594
GitHub Launches AI-Powered Autofix Tool to Assist Devs in Patching Security Flaws
https://thehackernews.com/2024/03/github-launches-ai-powered-autofix-tool.html
GitHub on Wednesday announced that it's making available a feature called code scanning autofix in public beta for all Advanced Security customers to provide targeted recommendations in an effort to avoid introducing new security issues.
"Powered by GitHub Copilot and CodeQL, code scanning autofix covers more than 90% of alert types in JavaScript, Typescript, Java, and
594
Making Sense of Operational Technology Attacks: The Past, Present, and Future
https://thehackernews.com/2024/03/making-sense-of-operational-technology.html
When you read reports about cyber-attacks affecting operational technology (OT), it’s easy to get caught up in the hype and assume every single one is sophisticated. But are OT environments all over the world really besieged by a constant barrage of complex cyber-attacks? Answering that would require breaking down the different types of OT cyber-attacks and then looking back on all the
594
U.S. Sanctions Russians Behind 'Doppelganger' Cyber Influence Campaign
https://thehackernews.com/2024/03/us-sanctions-russians-behind.html
The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) on Wednesday announced sanctions against two 46-year-old Russian nationals and the respective companies they own for engaging in cyber influence operations.
Ilya Andreevich Gambashidze (Gambashidze), the founder of the Moscow-based company Social Design Agency (SDA), and Nikolai Aleksandrovich Tupikin (Tupikin), the CEO and
594
Rescoms rides waves of AceCryptor spam
https://www.welivesecurity.com/en/eset-research/rescoms-rides-waves-acecryptor-spam/
Insight into ESET telemetry statistics about AceCryptor in H2 2023 with a focus on Rescoms campaigns in European countries
594
Ivanti Releases Urgent Fix for Critical Sentry RCE Vulnerability
https://thehackernews.com/2024/03/ivanti-releases-urgent-fix-for-critical.html
Ivanti has disclosed details of a critical remote code execution flaw impacting Standalone Sentry, urging customers to apply the fixes immediately to stay protected against potential cyber threats.
Tracked as CVE-2023-41724, the vulnerability carries a CVSS score of 9.6.
"An unauthenticated threat actor can execute arbitrary commands on the underlying operating system of the appliance
594
Atlassian Releases Fixes for Over 2 Dozen Flaws, Including Critical Bamboo Bug
https://thehackernews.com/2024/03/atlassian-releases-fixes-for-over-2.html
Atlassian has released patches for more than two dozen security flaws, including a critical bug impacting Bamboo Data Center and Server that could be exploited without requiring user interaction.
Tracked as CVE-2024-1597, the vulnerability carries a CVSS score of 10.0, indicating maximum severity.
Described as an SQL injection flaw, it's rooted in a dependency called org.postgresql:
594
New 'Loop DoS' Attack Impacts Hundreds of Thousands of Systems
https://thehackernews.com/2024/03/new-loop-dos-attack-impacts-hundreds-of.html
A novel denial-of-service (DoS) attack vector has been found to target application-layer protocols based on User Datagram Protocol (UDP), putting hundreds of thousands of hosts likely at risk.
Called Loop DoS attacks, the approach pairs "servers of these protocols in such a way that they communicate with each other indefinitely," researchers from the CISPA Helmholtz-Center for
