uk
Feedback
TECHZONE™

TECHZONE™

Відкрити в Telegram

TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news

Показати більше
596
Підписники
Немає даних24 години
Немає даних7 днів
-930 день
Архів дописів
U.S. Seizes 32 Pro-Russian Propaganda Domains in Major Disinformation Crackdown https://thehackernews.com/2024/09/us-seizes-32-pro-russian-propaganda.html The U.S. Department of Justice (DoJ) on Wednesday announced the seizure of 32 internet domains used by a pro-Russian propaganda operation called Doppelganger as part of a sweeping set of actions. Accusing the Russian government-directed foreign malign influence campaign of violating U.S. money laundering and criminal trademark laws, the agency called out companies Social Design Agency (SDA),

NIST Cybersecurity Framework (CSF) and CTEM – Better Together https://thehackernews.com/2024/09/nist-cybersecurity-framework-csf-and.html It’s been a decade since the National Institute of Standards and Technology (NIST) introduced its Cybersecurity Framework (CSF) 1.0. Created following a 2013 Executive Order, NIST was tasked with designing a voluntary cybersecurity framework that would help organizations manage cyber risk, providing guidance based on established standards and best practices. While this version was originally

Malware Attackers Using MacroPack to Deliver Havoc, Brute Ratel, and PhantomCore https://thehackernews.com/2024/09/malware-attackers-using-macropack-to.html Threat actors are likely employing a tool designated for red teaming exercises to serve malware, according to new findings from Cisco Talos. The program in question is a payload generation framework called MacroPack, which is used to generate Office documents, Visual Basic scripts, Windows shortcuts, and other formats for penetration testing and social engineering assessments. It was developed

New Cross-Platform Malware KTLVdoor Discovered in Attack on Chinese Trading Firm https://thehackernews.com/2024/09/new-cross-platform-malware-ktlvdoor.html The Chinese-speaking threat actor known as Earth Lusca has been observed using a new backdoor dubbed KTLVdoor as part of a cyber attack targeting an unnamed trading company based in China. The previously unreported malware is written in Golang, and thus is a cross-platform weapon capable of targeting both Microsoft Windows and Linux systems. "KTLVdoor is a highly obfuscated malware that

Cisco Fixes Two Critical Flaws in Smart Licensing Utility to Prevent Remote Attacks https://thehackernews.com/2024/09/cisco-fixes-two-critical-flaws-in-smart.html Cisco has released security updates for two critical security flaws impacting its Smart Licensing Utility that could allow unauthenticated, remote attackers to elevate their privileges or access sensitive information. A brief description of the two vulnerabilities is below - CVE-2024-20439 (CVSS score: 9.8) - The presence of an undocumented static user credential for an administrative account

In plain sight: Malicious ads hiding in search results https://www.welivesecurity.com/en/malware/in-plain-sight-malicious-ads-hiding-in-search-results/ Sometimes there’s more than just an enticing product offer hiding behind an ad

North Korean Hackers Targets Job Seekers with Fake FreeConference App https://thehackernews.com/2024/09/north-korean-hackers-targets-job.html North Korean threat actors have leveraged a fake Windows video conferencing application impersonating FreeConference.com to backdoor developer systems as part of an ongoing financially-driven campaign dubbed Contagious Interview. The new attack wave, spotted by Singaporean company Group-IB in mid-August 2024, is yet another indication that the activity is also leveraging native installers for

Android Users Urged to Install Latest Security Updates to Fix Actively Exploited Flaw https://thehackernews.com/2024/09/google-confirms-cve-2024-32896.html Google has released its monthly security updates for the Android operating system to address a known security flaw that it said has come under active exploitation in the wild. The high-severity vulnerability, tracked as CVE-2024-32896 (CVSS score: 7.8), relates to a case of privilege escalation in the Android Framework component. According to the description of the bug in the NIST National

Hackers Hijack 22,000 Removed PyPI Packages, Spreading Malicious Code to Developers https://thehackernews.com/2024/09/hackers-hijack-22000-removed-pypi.html A new supply chain attack technique targeting the Python Package Index (PyPI) registry has been exploited in the wild in an attempt to infiltrate downstream organizations. It has been codenamed Revival Hijack by software supply chain security firm JFrog, which said the attack method could be used to hijack 22,000 existing PyPI packages and result in "hundreds of thousands" of malicious package

Zyxel Patches Critical OS Command Injection Flaw in Access Points and Routers https://thehackernews.com/2024/09/zyxel-patches-critical-os-command.html Zyxel has released software updates to address a critical security flaw impacting certain access point (AP) and security router versions that could result in the execution of unauthorized commands. Tracked as CVE-2024-7261 (CVSS score: 9.8), the vulnerability has been described as a case of operating system (OS) command injection. "The improper neutralization of special elements in the

The New Effective Way to Prevent Account Takeovers https://thehackernews.com/2024/09/the-new-effective-way-to-prevent.html Account takeover attacks have emerged as one of the most persistent and damaging threats to cloud-based SaaS environments. Yet despite significant investments in traditional security measures, many organizations continue to struggle with preventing these attacks. A new report, "Why Account Takeover Attacks Still Succeed, and Why the Browser is Your Secret Weapon in Stopping Them" argues that the

Clearview AI Faces €30.5M Fine for Building Illegal Facial Recognition Database https://thehackernews.com/2024/09/clearview-ai-faces-305m-fine-for.html The Dutch Data Protection Authority (Dutch DPA) has imposed a fine of €30.5 million ($33.7 million) against facial recognition firm Clearview AI for violating the General Data Protection Regulation (GDPR) in the European Union (E.U.) by building an "illegal database with billions of photos of faces," including those of Dutch citizens. "Facial recognition is a highly intrusive technology that you

Hackers Use Fake GlobalProtect VPN Software in New WikiLoader Malware Attack https://thehackernews.com/2024/09/hackers-use-fake-globalprotect-vpn.html A new malware campaign is spoofing Palo Alto Networks' GlobalProtect VPN software to deliver a variant of the WikiLoader (aka WailingCrab) loader by means of a search engine optimization (SEO) campaign. The malvertising activity, observed in June 2024, is a departure from previously observed tactics wherein the malware has been propagated via traditional phishing emails, Unit 42 researchers

Hacktivists Exploits WinRAR Vulnerability in Attacks Against Russia and Belarus https://thehackernews.com/2024/09/hacktivists-exploits-winrar.html A hacktivist group known as Head Mare has been linked to cyber attacks that exclusively target organizations located in Russia and Belarus. "Head Mare uses more up-to-date methods for obtaining initial access," Kaspersky said in a Monday analysis of the group's tactics and tools. "For instance, the attackers took advantage of the relatively recent CVE-2023-38831 vulnerability in WinRAR, which

New Rust-Based Ransomware Cicada3301 Targets Windows and Linux Systems https://thehackernews.com/2024/09/new-rust-based-ransomware-cicada3301.html Cybersecurity researchers have unpacked the inner workings of a new ransomware variant called Cicada3301 that shares similarities with the now-defunct BlackCat (aka ALPHV) operation. "It appears that Cicada3301 ransomware primarily targets small to medium-sized businesses (SMBs), likely through opportunistic attacks that exploit vulnerabilities as the initial access vector," cybersecurity

Rocinante Trojan Poses as Banking Apps to Steal Sensitive Data from Brazilian Android Users https://thehackernews.com/2024/09/rocinante-trojan-poses-as-banking-apps.html Mobile users in Brazil are the target of a new malware campaign that delivers a new Android banking trojan named Rocinante. "This malware family is capable of performing keylogging using the Accessibility Service, and is also able to steal PII from its victims using phishing screens posing as different banks," Dutch security company ThreatFabric said. "Finally, it can use all this exfiltrated

Secrets Exposed: Why Your CISO Should Worry About Slack https://thehackernews.com/2024/09/secrets-exposed-why-your-ciso-should.html In the digital realm, secrets (API keys, private keys, username and password combos, etc.) are the keys to the kingdom. But what if those keys were accidentally left out in the open in the very tools we use to collaborate every day? A Single Secret Can Wreak Havoc Imagine this: It's a typical Tuesday in June 2024. Your dev team is knee-deep in sprints, Jira tickets are flying, and Slack is

New Flaws in Microsoft macOS Apps Could Allow Hackers to Gain Unrestricted Access https://thehackernews.com/2024/09/new-flaws-in-microsoft-macos-apps-could.html Eight vulnerabilities have been uncovered in Microsoft applications for macOS that an adversary could exploit to gain elevated privileges or access sensitive data by circumventing the operating system's permissions-based model, which revolves around the Transparency, Consent, and Control (TCC) framework. "If successful, the adversary could gain any privileges already granted to the affected

Ex-Engineer Charged in Missouri for Failed $750,000 Bitcoin Extortion Attempt https://thehackernews.com/2024/09/ex-engineer-charged-in-missouri-for.html A 57-year-old man from the U.S. state of Missouri has been arrested in connection with a failed data extortion campaign that targeted his former employer. Daniel Rhyne of Kansas City, Missouri, has been charged with one count of extortion in relation to a threat to cause damage to a protected computer, one count of intentional damage to a protected computer, and one count of wire fraud. He was

RansomHub Ransomware Group Targets 210 Victims Across Critical Sectors https://thehackernews.com/2024/09/ransomhub-ransomware-group-targets-210.html Threat actors linked to the RansomHub ransomware group encrypted and exfiltrated data from at least 210 victims since its inception in February 2024, the U.S. government said. The victims span various sectors, including water and wastewater, information technology, government services and facilities, healthcare and public health, emergency services, food and agriculture, financial services,