TECHZONE™
Відкрити в Telegram
TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news
Показати більше595
Підписники
Немає даних24 години
-17 днів
-1030 день
Архів дописів
595
Thousands of BeyondTrust Systems Remain Exposed
https://www.darkreading.com/threat-intelligence/thousands-of-buggy-beyondtrust-systems-still-exposed
595
New HIPAA Cybersecurity Rules Pull No Punches
https://www.darkreading.com/vulnerabilities-threats/hipaa-security-rules-pull-no-punches
595
Treasury Dept. Sanctions Chinese Tech Vendor for Complicity
https://www.darkreading.com/cybersecurity-operations/treasury-department-sanctions-chinese-tech-vendor
595
FBI Deletes PlugX Malware from 4,250 Hacked Computers in Multi-Month Operation
https://thehackernews.com/2025/01/fbi-deletes-plugx-malware-from-4250.html
The U.S. Department of Justice (DoJ) on Tuesday disclosed that a court-authorized operation allowed the Federal Bureau of Investigation (FBI) to delete PlugX malware from over 4,250 infected computers as part of a "multi-month law enforcement operation."
PlugX, also known as Korplug, is a remote access trojan (RAT) widely used by threat actors associated with the People's Republic of China (PRC
595
3 Actively Exploited Zero-Day Flaws Patched in Microsoft's Latest Security Update
https://thehackernews.com/2025/01/3-actively-exploited-zero-day-flaws.html
Microsoft kicked off 2025 with a new set of patches for a total of 161 security vulnerabilities across its software portfolio, including three zero-days that have been actively exploited in attacks.
Of the 161 flaws, 11 are rated Critical, and 149 are rated Important in severity. One other flaw, a non-Microsoft CVE related to a Windows Secure Boot bypass (CVE-2024-7344), has not been assigned
595
Critical SimpleHelp Flaws Allow File Theft, Privilege Escalation, and RCE Attacks
https://thehackernews.com/2025/01/critical-simplehelp-flaws-allow-file.html
Cybersecurity researchers have disclosed multiple security flaws in SimpleHelp remote access software that could lead to information disclosure, privilege escalation, and remote code execution.
Horizon3.ai researcher Naveen Sunkavally, in a technical report detailing the findings, said the "vulnerabilities are trivial to reverse and exploit."
The list of identified flaws is as follows -
595
Microsoft Uncovers macOS Vulnerability CVE-2024-44243 Allowing Rootkit Installation
https://thehackernews.com/2025/01/microsoft-uncovers-macos-vulnerability.html
Microsoft has shed light on a now-patched security flaw impacting Apple macOS that, if successfully exploited, could have allowed an attacker running as "root" to bypass the operating system's System Integrity Protection (SIP) and install malicious kernel drivers by loading third-party kernel extensions.
The vulnerability in question is CVE-2024-44243 (CVSS score: 5.5), a medium-severity bug
595
Google OAuth Vulnerability Exposes Millions via Failed Startup Domains
https://thehackernews.com/2025/01/google-oauth-vulnerability-exposes.html
New research has pulled back the curtain on a "deficiency" in Google's "Sign in with Google" authentication flow that exploits a quirk in domain ownership to gain access to sensitive data.
"Google's OAuth login doesn't protect against someone purchasing a failed startup's domain and using it to re-create email accounts for former employees," Truffle Security co-founder and CEO Dylan Ayrey said
595
4 Reasons Your SaaS Attack Surface Can No Longer be Ignored
https://thehackernews.com/2025/01/4-reasons-your-saas-attack-surface-can.html
What do identity risks, data security risks and third-party risks all have in common? They are all made much worse by SaaS sprawl. Every new SaaS account adds a new identity to secure, a new place where sensitive data can end up, and a new source of third party risk. Learn how you can protect this sprawling attack surface in 2025.
What do identity risks, data security risks and third-party
595
Illicit HuiOne Telegram Market Surpasses Hydra, Hits $24 Billion in Crypto Transactions
https://thehackernews.com/2025/01/illicit-huione-telegram-market.html
The Telegram-based online marketplace known as HuiOne Guarantee and its vendors have cumulatively received at least $24 billion in cryptocurrency, dwarfing the now-defunct Hydra to become the largest online illicit marketplace to have ever operated.
The figures, released by blockchain analytics firm Elliptic, show that monthly inflows have increased by 51% since July 2024.
Huione Guarantee, part
595
Zero-Day Vulnerability Suspected in Attacks on Fortinet Firewalls with Exposed Interfaces
https://thehackernews.com/2025/01/zero-day-vulnerability-suspected-in.html
Threat hunters are calling attention to a new campaign that has targeted Fortinet FortiGate firewall devices with management interfaces exposed on the public internet.
"The campaign involved unauthorized administrative logins on management interfaces of firewalls, creation of new accounts, SSL VPN authentication through those accounts, and various other configuration changes," cybersecurity firm
595
Russian-Linked Hackers Target Kazakhstan in Espionage Campaign with HATVIBE Malware
https://thehackernews.com/2025/01/russian-linked-hackers-target.html
Russia-linked threat actors have been attributed to an ongoing cyber espionage campaign targeting Kazakhstan as part of the Kremlin's efforts to gather economic and political intelligence in Central Asia.
The campaign has been assessed to be the work of an intrusion set dubbed UAC-0063, which likely shares overlap with APT28, a nation-state group affiliated with Russia's General Staff Main
595
CISA Adds Second BeyondTrust Flaw to KEV Catalog Amid Active Attacks
https://thehackernews.com/2025/01/cisa-adds-new-beyondtrust-flaw-to-kev.html
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a second security flaw impacting BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) products to the Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild.
The vulnerability in question is CVE-2024-12686 (CVSS score: 6.6), a medium-severity bug that could
595
Hackers Exploit Aviatrix Controller Vulnerability to Deploy Backdoors and Crypto Miners
https://thehackernews.com/2025/01/hackers-exploit-aviatrix-controller.html
A recently disclosed critical security flaw impacting the Aviatrix Controller cloud networking platform has come under active exploitation in the wild to deploy backdoors and cryptocurrency miners.
Cloud security firm Wiz said it's currently responding to "multiple incidents" involving the weaponization of CVE-2024-50603 (CVSS score: 10.0), a maximum severity bug that could result in
595
⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [13 January]
https://thehackernews.com/2025/01/thn-weekly-recap-top-cybersecurity_01424177917.html
The cyber world’s been buzzing this week, and it’s all about staying ahead of the bad guys. From sneaky software bugs to advanced hacking tricks, the risks are real, but so are the ways to protect yourself. In this recap, we’ll break down what’s happening, why it matters, and what you can do to stay secure.
Let’s turn awareness into action and keep one step ahead
595
Ransomware on ESXi: The Mechanization of Virtualized Attacks
https://thehackernews.com/2025/01/ransomware-on-esxi-mechanization-of.html
In 2024, ransomware attacks targeting VMware ESXi servers reached alarming levels, with the average ransom demand skyrocketing to $5 million. With approximately 8,000 ESXi hosts exposed directly to the internet (according to Shodan), the operational and business impact of these attacks is profound.
Most of the Ransomware strands that are attacking ESXi servers nowadays, are variants of the
595
WordPress Skimmers Evade Detection by Injecting Themselves into Database Tables
https://thehackernews.com/2025/01/wordpress-skimmers-evade-detection-by.html
Cybersecurity researchers are warning of a new stealthy credit card skimmer campaign that targets WordPress e-commerce checkout pages by inserting malicious JavaScript code into a database table associated with the content management system (CMS).
"This credit card skimmer malware targeting WordPress websites silently injects malicious JavaScript into database entries to steal sensitive payment
595
Expired Domains Allowed Control Over 4,000 Backdoors on Compromised Systems
https://thehackernews.com/2025/01/expired-domains-allowed-control-over.html
No less than 4,000 unique web backdoors previously deployed by various threat actors have been hijacked by taking control of abandoned and expired infrastructure for as little as $20 per domain.
Cybersecurity company watchTowr Labs said it pulled off the operation by registering over 40 domain names that the backdoors had been designed to use for command-and-control (C2). In partnership with the
595
Microsoft Sues Hacking Group Exploiting Azure AI for Harmful Content Creation
https://thehackernews.com/2025/01/microsoft-sues-hacking-group-exploiting.html
Microsoft has revealed that it's pursuing legal action against a "foreign-based threat–actor group" for operating a hacking-as-a-service infrastructure to intentionally get around the safety controls of its generative artificial intelligence (AI) services and produce offensive and harmful content.
The tech giant's Digital Crimes Unit (DCU) said it has observed the threat actors "develop
595
DoJ Indicts Three Russians for Operating Crypto Mixers Used in Cybercrime Laundering
https://thehackernews.com/2025/01/doj-indicts-three-russians-for.html
The U.S. Department of Justice (DoJ) on Friday indicted three Russian nationals for their alleged involvement in operating the cryptocurrency mixing services Blender.io and Sinbad.io.
Roman Vitalyevich Ostapenko and Alexander Evgenievich Oleynik were arrested on December 1, 2024, in coordination with the Netherlands' Financial Intelligence and Investigative Service, Finland's National Bureau of
Вже доступно! Дослідження Telegram за 2025 — головні інсайти року 
