TECHZONE™
Відкрити в Telegram
TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news
Показати більше593
Підписники
-124 години
-27 днів
-830 день
Архів дописів
593
FBI's Most-Wanted Zeus and IcedID Malware Mastermind Pleads Guilty
https://thehackernews.com/2024/02/fbis-most-wanted-zeus-and-icedid.html
A Ukrainian national has pleaded guilty in the U.S. to his role in two different malware schemes, Zeus and IcedID, between May 2009 and February 2021.
Vyacheslav Igorevich Penchukov (aka Vyacheslav Igoravich Andreev, father, and tank), 37, was arrested by Swiss authorities in October 2022 and extradited to the U.S. last year. He was added to the FBI's most-wanted list in 2012.
The U.S.
593
How Businesses Can Safeguard Their Communication Channels Against Hackers
https://thehackernews.com/2024/02/how-businesses-can-safeguard-their.html
Efficient communication is a cornerstone of business success. Internally, making sure your team communicates seamlessly helps you avoid friction losses, misunderstandings, delays, and overlaps. Externally, frustration-free customer communication is directly correlated to a positive customer experience and higher satisfaction.
However, business communication channels are also a major target
593
Google Open Sources Magika: AI-Powered File Identification Tool
https://thehackernews.com/2024/02/google-open-sources-magika-ai-powered.html
Google has announced that it's open-sourcing Magika, an artificial intelligence (AI)-powered tool to identify file types, to help defenders accurately detect binary and textual file types.
"Magika outperforms conventional file identification methods providing an overall 30% accuracy boost and up to 95% higher precision on traditionally hard to identify, but potentially problematic content
593
Cyber-insurance and vulnerability scanning – Week in security with Tony Anscombe
https://www.welivesecurity.com/en/videos/cyber-insurance-and-vulnerability-scanning-week-security-tony-anscombe/
Here's how the results of vulnerability scans factor into decisions on cyber-insurance and how human intelligence comes into play in the assessment of such digital signals
593
CISA Warning: Akira Ransomware Exploiting Cisco ASA/FTD Vulnerability
https://thehackernews.com/2024/02/cisa-warning-akira-ransomware.html
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a now-patched security flaw impacting Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software to its Known Exploited Vulnerabilities (KEV) catalog, following reports that it's being likely exploited in Akira ransomware attacks.
The vulnerability in question is
593
RustDoor macOS Backdoor Targets Cryptocurrency Firms with Fake Job Offers
https://thehackernews.com/2024/02/rustdoor-macos-backdoor-targets.html
Multiple companies operating in the cryptocurrency sector are the target of an ongoing malware campaign that involves a newly discovered Apple macOS backdoor codenamed RustDoor.
RustDoor was first documented by Bitdefender last week, describing it as a Rust-based malware capable of harvesting and uploading files, as well as gathering information about the infected machines. It's
593
Why We Must Democratize Cybersecurity
https://thehackernews.com/2024/02/why-we-must-democratize-cybersecurity.html
With breaches making the headlines on an almost weekly basis, the cybersecurity challenges we face are becoming visible not only to large enterprises, who have built security capabilities over the years, but also to small to medium businesses and the broader public. While this is creating greater awareness among smaller businesses of the need to improve their security posture, SMBs are often
593
Malicious 'SNS Sender' Script Abuses AWS for Bulk Smishing Attacks
https://thehackernews.com/2024/02/malicious-sns-sender-script-abuses-aws.html
A malicious Python script known as SNS Sender is being advertised as a way for threat actors to send bulk smishing messages by abusing Amazon Web Services (AWS) Simple Notification Service (SNS).
The SMS phishing messages are designed to propagate malicious links that are designed to capture victims' personally identifiable information (PII) and payment card details, SentinelOne
593
All eyes on AI | Unlocked 403: A cybersecurity podcast
https://www.welivesecurity.com/en/videos/ai-unlocked-403-cybersecurity-podcast/
Artificial intelligence is on everybody’s lips these days, but there are also many misconceptions about what AI actually is and isn’t. We unpack the basics and examine AI's broader implications.
593
U.S. State Government Network Breached via Former Employee's Account
https://thehackernews.com/2024/02/us-state-government-network-breached.html
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has revealed that an unnamed state government organization's network environment was compromised via an administrator account belonging to a former employee.
"This allowed the threat actor to successfully authenticate to an internal virtual private network (VPN) access point," the agency said in a joint advisory published
593
U.S. Government Disrupts Russian-Linked Botnet Engaged in Cyber Espionage
https://thehackernews.com/2024/02/us-government-disrupts-russian-linked.html
The U.S. government on Thursday said it disrupted a botnet comprising hundreds of small office and home office (SOHO) routers in the country that was put to use by the Russia-linked APT28 actor to conceal its malicious activities.
"These crimes included vast spear-phishing and similar credential harvesting campaigns against targets of intelligence interest to the Russian government, such as U.S.
593
Russian Turla Hackers Target Polish NGOs with New TinyTurla-NG Backdoor
https://thehackernews.com/2024/02/russian-turla-hackers-target-polish.html
The Russia-linked threat actor known as Turla has been observed using a new backdoor called TinyTurla-NG as part of a three-month-long campaign targeting Polish non-governmental organizations in December 2023.
"TinyTurla-NG, just like TinyTurla, is a small 'last chance' backdoor that is left behind to be used when all other unauthorized access/backdoor mechanisms have failed or been
593
Ivanti Pulse Secure Found Using 11-Year-Old Linux Version and Outdated Libraries
https://thehackernews.com/2024/02/ivanti-pulse-secure-found-using-11-year.html
A reverse engineering of the firmware running on Ivanti Pulse Secure appliances has revealed numerous weaknesses, once again underscoring the challenge of securing software supply chains.
Eclypsiusm, which acquired firmware version 9.1.18.2-24467.1 as part of the process, said the base operating system used by the Utah-based software company for the device is CentOS 6.4.
"Pulse Secure runs an
593
The art of digital sleuthing: How digital forensics unlocks the truth
https://www.welivesecurity.com/en/cybersecurity/digital-forensics-unlocks-truth/
Learn how the cyber variety of CSI works, from sizing up the crime scene and hunting for clues to piecing together the story that the data has to tell
593
How Nation-State Actors Target Your Business: New Research Exposes Major SaaS Vulnerabilities
https://thehackernews.com/2024/02/how-nation-state-actors-target-your.html
With many of the highly publicized 2023 cyber attacks revolving around one or more SaaS applications, SaaS has become a cause for genuine concern in many boardroom discussions. More so than ever, considering that GenAI applications are, in fact, SaaS applications.
Wing Security (Wing), a SaaS security company, conducted an analysis of 493 SaaS-using companies in Q4 of 2023. Their study
593
Chinese Hackers Using Deepfakes in Advanced Mobile Banking Malware Attacks
https://thehackernews.com/2024/02/chinese-hackers-using-deepfakes-in.html
A Chinese-speaking threat actor codenamed GoldFactory has been attributed to the development of highly sophisticated banking trojans, including a previously undocumented iOS malware called GoldPickaxe that's capable of harvesting identity documents, facial recognition data, and intercepting SMS.
"The GoldPickaxe family is available for both iOS and Android platforms,"
593
Critical Exchange Server Flaw (CVE-2024-21410) Under Active Exploitation
https://thehackernews.com/2024/02/critical-exchange-server-flaw-cve-2024.html
Microsoft on Wednesday acknowledged that a newly disclosed critical security flaw in Exchange Server has been actively exploited in the wild, a day after it released fixes for the vulnerability as part of its Patch Tuesday updates.
Tracked as CVE-2024-21410 (CVSS score: 9.8), the issue has been described as a case of privilege escalation impacting the Exchange Server.
"An attacker
593
Microsoft, OpenAI Warn of Nation-State Hackers Weaponizing AI for Cyberattacks
https://thehackernews.com/2024/02/microsoft-openai-warn-of-nation-state.html
Nation-state actors associated with Russia, North Korea, Iran, and China are experimenting with artificial intelligence (AI) and large language models (LLMs) to complement their ongoing cyber attack operations.
The findings come from a report published by Microsoft in collaboration with OpenAI, both of which said they disrupted efforts made by five state-affiliated actors that used its
593
Deepfakes in the global election year of 2024: A weapon of mass deception?
https://www.welivesecurity.com/en/cybersecurity/deepfakes-election-year-2024-weapon-mass-deception/
As fabricated images, videos and audio clips of real people go mainstream, the prospect of a firehose of AI-powered disinformation is a cause for mounting concern
593
Ubuntu 'command-not-found' Tool Could Trick Users into Installing Rogue Packages
https://thehackernews.com/2024/02/ubuntu-command-not-found-tool-could.html
Cybersecurity researchers have found that it's possible for threat actors to exploit a well-known utility called command-not-found to recommend their own rogue packages and compromise systems running Ubuntu operating system.
"While 'command-not-found' serves as a convenient tool for suggesting installations for uninstalled commands, it can be inadvertently manipulated by attackers through the
