TECHZONE™
Відкрити в Telegram
TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news
Показати більше593
Підписники
-124 години
-17 днів
-730 день
Архів дописів
593
Watch Out: These PyPI Python Packages Can Drain Your Crypto Wallets
https://thehackernews.com/2024/03/watch-out-these-pypi-python-packages.html
Threat hunters have discovered a set of seven packages on the Python Package Index (PyPI) repository that are designed to steal BIP39 mnemonic phrases used for recovering private keys of a cryptocurrency wallet.
The software supply chain attack campaign has been codenamed BIPClip by ReversingLabs. The packages were collectively downloaded 7,451 times prior to them being removed from
593
CTEM 101 - Go Beyond Vulnerability Management with Continuous Threat Exposure Management
https://thehackernews.com/2024/03/ctem-101-go-beyond-vulnerability.html
In a world of ever-expanding jargon, adding another FLA (Four-Letter Acronym) to your glossary might seem like the last thing you’d want to do. But if you are looking for ways to continuously reduce risk across your environment while making significant and consistent improvements to security posture, in our opinion, you probably want to consider establishing a Continuous Threat Exposure
593
Malware Campaign Exploits Popup Builder WordPress Plugin to Infect 3,900+ Sites
https://thehackernews.com/2024/03/malware-campaign-exploits-popup-builder.html
A new malware campaign is leveraging a high-severity security flaw in the Popup Builder plugin for WordPress to inject malicious JavaScript code.
According to Sucuri, the campaign has infected more than 3,900 sites over the past three weeks.
"These attacks are orchestrated from domains less than a month old, with registrations dating back to February 12th, 2024," security researcher
593
South Korean Citizen Detained in Russia on Cyber Espionage Charges
https://thehackernews.com/2024/03/south-korean-citizen-detained-in-russia.html
Russia has detained a South Korean national for the first time on cyber espionage charges and transferred from Vladivostok to Moscow for further investigation.
The development was first reported by Russian news agency TASS.
“During the investigation of an espionage case, a South Korean citizen Baek Won-soon was identified and detained in Vladivostok, and put into custody under a court
593
New Banking Trojan CHAVECLOAK Targets Brazilian Users via Phishing Tactics
https://thehackernews.com/2024/03/new-banking-trojan-chavecloak-targets.html
Users in Brazil are the target of a new banking trojan known as CHAVECLOAK that's propagated via phishing emails bearing PDF attachments.
"This intricate attack involves the PDF downloading a ZIP file and subsequently utilizing DLL side-loading techniques to execute the final malware," Fortinet FortiGuard Labs researcher Cara Lin said.
The attack chain involves the use of
593
Embracing the Cloud: Revolutionizing Privileged Access Management with One Identity PAM Essentials
https://thehackernews.com/2024/03/embracing-cloud-revolutionizing.html
As cyber threats loom around every corner and privileged accounts become prime targets, the significance of implementing a robust Privileged Access Management (PAM) solution can't be overstated. With organizations increasingly migrating to cloud environments, the PAM Solution Market is experiencing a transformative shift toward cloud-based offerings. One Identity PAM Essentials stands
593
Data Leakage Prevention in the Age of Cloud Computing: A New Approach
https://thehackernews.com/2024/03/data-leakage-prevention-in-age-of-cloud.html
As the shift of IT infrastructure to cloud-based solutions celebrates its 10-year anniversary, it becomes clear that traditional on-premises approaches to data security are becoming obsolete. Rather than protecting the endpoint, DLP solutions need to refocus their efforts to where corporate data resides - in the browser.
A new guide by LayerX titled "On-Prem is Dead. Have You Adjusted Your Web
593
BianLian Threat Actors Exploiting JetBrains TeamCity Flaws in Ransomware Attacks
https://thehackernews.com/2024/03/bianlian-threat-actors-exploiting.html
The threat actors behind the BianLian ransomware have been observed exploiting security flaws in JetBrains TeamCity software to conduct their extortion-only attacks.
According to a new report from GuidePoint Security, which responded to a recent intrusion, the incident "began with the exploitation of a TeamCity server which resulted in the deployment of a PowerShell implementation of
593
Proof-of-Concept Exploit Released for Progress Software OpenEdge Vulnerability
https://thehackernews.com/2024/03/proof-of-concept-exploit-released-for.html
Technical specifics and a proof-of-concept (PoC) exploit have been made available for a recently disclosed critical security flaw in Progress Software OpenEdge Authentication Gateway and AdminServer, which could be potentially exploited to bypass authentication protections.
Tracked as CVE-2024-1403, the vulnerability has a maximum severity rating of 10.0 on the CVSS scoring system. It
593
Magnet Goblin Hacker Group Leveraging 1-Day Exploits to Deploy Nerbian RAT
https://thehackernews.com/2024/03/magnet-goblin-hacker-group-leveraging-1.html
A financially motivated threat actor called Magnet Goblin is swiftly adopting one-day security vulnerabilities into its arsenal in order to opportunistically breach edge devices and public-facing services and deploy malware on compromised hosts.
“Threat actor group Magnet Goblin’s hallmark is its ability to swiftly leverage newly disclosed vulnerabilities, particularly targeting
593
APT attacks taking aim at Tibetans – Week in security with Tony Anscombe
https://www.welivesecurity.com/en/videos/apt-attacks-tibetans-week-security-tony-anscombe/
Evasive Panda has been spotted targeting Tibetans in several countries and territories with payloads that included a previously undocumented backdoor ESET has named Nightdoor
593
Evasive Panda leverages Monlam Festival to target Tibetans
https://www.welivesecurity.com/en/eset-research/evasive-panda-leverages-monlam-festival-target-tibetans/
ESET researchers uncover strategic web compromise and supply-chain attacks targeting Tibetans
593
Microsoft Confirms Russian Hackers Stole Source Code, Some Customer Secrets
https://thehackernews.com/2024/03/microsoft-confirms-russian-hackers.html
Microsoft on Friday revealed that the Kremlin-backed threat actor known as Midnight Blizzard (aka APT29 or Cozy Bear) managed to gain access to some of its source code repositories and internal systems following a hack that came to light in January 2024.
"In recent weeks, we have seen evidence that Midnight Blizzard is using information initially exfiltrated from our
593
Meta Details WhatsApp and Messenger Interoperability to Comply with EU's DMA Regulations
https://thehackernews.com/2024/03/meta-details-whatsapp-and-messenger.html
Meta has offered details on how it intends to implement interoperability in WhatsApp and Messenger with third-party messaging services as the Digital Markets Act (DMA) went into effect in the European Union.
“This allows users of third-party providers who choose to enable interoperability (interop) to send and receive messages with opted-in users of either Messenger or WhatsApp – both designated
593
Secrets Sensei: Conquering Secrets Management Challenges
https://thehackernews.com/2024/03/secrets-sensei-conquering-secrets.html
In the realm of cybersecurity, the stakes are sky-high, and at its core lies secrets management — the foundational pillar upon which your security infrastructure rests. We're all familiar with the routine: safeguarding those API keys, connection strings, and certificates is non-negotiable. However, let's dispense with the pleasantries; this isn't a simple 'set it and forget it' scenario. It's
593
Cisco Issues Patch for High-Severity VPN Hijacking Bug in Secure Client
https://thehackernews.com/2024/03/cisco-issues-patch-for-high-severity.html
Cisco has released patches to address a high-severity security flaw impacting its Secure Client software that could be exploited by a threat actor to open a VPN session with that of a targeted user.
The networking equipment company described the vulnerability, tracked as CVE-2024-20337 (CVSS score: 8.2), as allowing an unauthenticated, remote attacker to conduct a carriage return line feed (CRLF
593
QEMU Emulator Exploited as Tunneling Tool to Breach Company Network
https://thehackernews.com/2024/03/cybercriminals-utilize-qemu-emulator-as.html
Threat actors have been observed leveraging the QEMU open-source hardware emulator as tunneling software during a cyber attack targeting an unnamed "large company" to connect to their infrastructure.
While a number of legitimate tunneling tools like Chisel, FRP, ligolo, ngrok, and Plink have been used by adversaries to their advantage, the development marks the first QEMU that has been
593
CISA Warns of Actively Exploited JetBrains TeamCity Vulnerability
https://thehackernews.com/2024/03/cisa-warns-of-actively-exploited.html
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical security flaw impacting JetBrains TeamCity On-Premises software to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
The vulnerability, tracked as CVE-2024-27198 (CVSS score: 9.8), refers to an authentication bypass bug that allows for a complete
593
Top 10 scams targeting seniors – and how to keep your money safe
https://www.welivesecurity.com/en/scams/top-10-scams-seniors-how-keep-money-safe/
The internet can be a wonderful place. But it’s also awash with fraudsters targeting people who are susceptible to fraud.
593
Hacked WordPress Sites Abusing Visitors' Browsers for Distributed Brute-Force Attacks
https://thehackernews.com/2024/03/hacked-wordpress-sites-abusing-visitors.html
Threat actors are conducting brute-force attacks against WordPress sites by leveraging malicious JavaScript injections, new findings from Sucuri reveal.
The attacks, which take the form of distributed brute-force attacks, “target WordPress websites from the browsers of completely innocent and unsuspecting site visitors,” security researcher Denis Sinegubko said.
The activity is part of a&
