TECHZONE™
Відкрити в Telegram
TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news
Показати більше593
Підписники
Немає даних24 години
-27 днів
-830 день
Архів дописів
593
VexTrio: The Uber of Cybercrime - Brokering Malware for 60+ Affiliates
https://thehackernews.com/2024/01/vextrio-uber-of-cybercrime-brokering.html
The threat actors behind ClearFake, SocGholish, and dozens of other actors have established partnerships with another entity known as VexTrio as part of a massive "criminal affiliate program," new findings from Infoblox reveal.
The latest development demonstrates the "breadth of their activities and depth of their connections within the cybercrime industry," the company said,
593
Malicious NPM Packages Exfiltrate Hundreds of Developer SSH Keys via GitHub
https://thehackernews.com/2024/01/malicious-npm-packages-exfiltrate-1600.html
Two malicious packages discovered on the npm package registry have been found to leverage GitHub to store Base64-encrypted SSH keys stolen from developer systems on which they were installed.
The modules named warbeast2000 and kodiak2k were published at the start of the month, attracting 412 and 1,281 downloads before they were taken down by the npm
593
"Activator" Alert: MacOS Malware Hides in Cracked Apps, Targeting Crypto Wallets
https://thehackernews.com/2024/01/activator-alert-macos-malware-hides-in.html
Cracked software have been observed infecting Apple macOS users with a previously undocumented stealer malware capable of harvesting system information and cryptocurrency wallet data.
Kaspersky, which identified the artifacts in the wild, said they are designed to target machines running macOS Ventura 13.6 and later, indicating the malware's ability to infect Macs on both Intel and
593
From Megabits to Terabits: Gcore Radar Warns of a New Era of DDoS Attacks
https://thehackernews.com/2024/01/from-megabits-to-terabits-gcore-radar.html
As we enter 2024, Gcore has released its latest Gcore Radar report, a twice-annual publication in which the company releases internal analytics to track DDoS attacks. Gcore’s broad, internationally distributed network of scrubbing centers allows them to follow attack trends over time. Read on to learn about DDoS attack trends for Q3–Q4 of 2023, and what they mean for developing a robust
593
BreachForums Founder Sentenced to 20 Years of Supervised Release, No Jail Time
https://thehackernews.com/2024/01/breachforums-founder-sentenced-to-20.html
Conor Brian Fitzpatrick has been sentenced to time served and 20 years of supervised release for his role as the creator and administrator of BreachForums.
Fitzpatrick, who went by the online alias "pompompurin," was arrested in March 2023 in New York and was subsequently charged with conspiracy to commit access device fraud and possession of child pornography. He was later released on a $
593
~40,000 Attacks in 3 Days: Critical Confluence RCE Under Active Exploitation
https://thehackernews.com/2024/01/40000-attacks-in-3-days-critical.html
Malicious actors have begun to actively exploit a recently disclosed critical security flaw impacting Atlassian Confluence Data Center and Confluence Server, within three days of public disclosure.
Tracked as CVE-2023-22527 (CVSS score: 10.0), the vulnerability impacts out-of-date versions of the software, allowing unauthenticated attackers to achieve remote code execution on susceptible
593
Apple Issues Patch for Critical Zero-Day in iPhones, Macs - Update Now
https://thehackernews.com/2024/01/apple-issues-patch-for-critical-zero.html
Apple on Monday released security updates for iOS, iPadOS, macOS, tvOS, and Safari web browser to address a zero-day flaw that has come under active exploitation in the wild.
The issue, tracked as CVE-2024-23222, is a type confusion bug that could be exploited by a threat actor to achieve arbitrary code execution when processing maliciously crafted web content. The tech giant said the problem
593
North Korean Hackers Weaponize Fake Research to Deliver RokRAT Backdoor
https://thehackernews.com/2024/01/north-korean-hackers-weaponize-fake.html
Media organizations and high-profile experts in North Korean affairs have been at the receiving end of a new campaign orchestrated by a threat actor known as ScarCruft in December 2023.
"ScarCruft has been experimenting with new infection chains, including the use of a technical threat research report as a decoy, likely targeting consumers of threat intelligence like cybersecurity
593
MavenGate Attack Could Let Hackers Hijack Java and Android via Abandoned Libraries
https://thehackernews.com/2024/01/hackers-hijack-popular-java-and-android.html
Several public and popular libraries abandoned but still used in Java and Android applications have been found susceptible to a new software supply chain attack method called MavenGate.
"Access to projects can be hijacked through domain name purchases and since most default build configurations are vulnerable, it would be difficult or even impossible to know whether an attack was being performed
593
NS-STEALER Uses Discord Bots to Exfiltrate Your Secrets from Popular Browsers
https://thehackernews.com/2024/01/ns-stealer-uses-discord-bots-to.html
Cybersecurity researchers have discovered a new Java-based "sophisticated" information stealer that uses a Discord bot to exfiltrate sensitive data from compromised hosts.
The malware, named NS-STEALER, is propagated via ZIP archives masquerading as cracked software, Trellix security researcher Gurumoorthi Ramanathan said in an analysis published last week.
The ZIP file contains
593
52% of Serious Vulnerabilities We Find are Related to Windows 10
https://thehackernews.com/2024/01/52-of-serious-vulnerabilities-we-find.html
We analyzed 2,5 million vulnerabilities we discovered in our customer’s assets. This is what we found.
Digging into the data
The dataset we analyze here is representative of a subset of clients that subscribe to our vulnerability scanning services. Assets scanned include those reachable across the Internet, as well as those present on internal networks. The data includes findings for network
593
FTC Bans InMarket for Selling Precise User Location Without Consent
https://thehackernews.com/2024/01/ftc-bans-inmarket-for-selling-precise.html
The U.S. Federal Trade Commission (FTC) is continuing to clamp down on data brokers by prohibiting InMarket Media from selling or licensing precise location data.
The settlement is part of allegations that the Texas-based company did not inform or seek consent from consumers before using their location information for advertising and marketing purposes.
"InMarket will also be prohibited from
593
Apache ActiveMQ Flaw Exploited in New Godzilla Web Shell Attacks
https://thehackernews.com/2024/01/apache-activemq-flaw-exploited-in-new.html
Cybersecurity researchers are warning of a "notable increase" in threat actor activity actively exploiting a now-patched flaw in Apache ActiveMQ to deliver the Godzilla web shell on compromised hosts.
"The web shells are concealed within an unknown binary format and are designed to evade security and signature-based scanners," Trustwave said. "Notably, despite the binary's unknown file
593
Why many CISOs consider quitting – Week in security with Tony Anscombe
https://www.welivesecurity.com/en/videos/why-many-cisos-consider-leaving-cybersecurity-week-security-tony-anscombe/
The job of a CISO is becoming increasingly stressful as cybersecurity chiefs face overwhelming workloads and growing concerns over personal liability for security failings
593
Chinese Hackers Silently Weaponized VMware Zero-Day Flaw for 2 Years
https://thehackernews.com/2024/01/chinese-hackers-silently-weaponized.html
An advanced China-nexus cyber espionage group previously linked to the exploitation of security flaws in VMware and Fortinet appliances has been linked to the abuse of a critical vulnerability in VMware vCenter Server as a zero-day since late 2021.
"UNC3886 has a track record of utilizing zero-day vulnerabilities to complete their mission without being detected, and this latest example further
593
CISA Issues Emergency Directive to Federal Agencies on Ivanti Zero-Day Exploits
https://thehackernews.com/2024/01/cisa-issues-emergency-directive-to.html
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday issued an emergency directive urging Federal Civilian Executive Branch (FCEB) agencies to implement mitigations against two actively exploited zero-day flaws in Ivanti Connect Secure (ICS) and Ivanti Policy Secure (IPS) products.
The development came after the vulnerabilities – an authentication bypass
593
Microsoft's Top Execs' Emails Breached in Sophisticated Russia-Linked APT Attack
https://thehackernews.com/2024/01/microsofts-top-execs-emails-breached-in.html
Microsoft on Friday revealed that it was the target of a nation-state attack on its corporate systems that resulted in the theft of emails and attachments from senior executives and other individuals in the company's cybersecurity and legal departments.
The Windows maker attributed the attack to a Russian advanced persistent threat (APT) group it tracks as Midnight Blizzard (formerly
593
Invoice Phishing Alert: TA866 Deploys WasabiSeed & Screenshotter Malware
https://thehackernews.com/2024/01/invoice-phishing-alert-ta866-deploys.html
The threat actor tracked as TA866 has resurfaced after a nine-month hiatus with a new large-volume phishing campaign to deliver known malware families such as WasabiSeed and Screenshotter.
The campaign, observed earlier this month and blocked by Proofpoint on January 11, 2024, involved sending thousands of invoice-themed emails targeting North America bearing decoy PDF files.
"The PDFs
593
Virtual kidnapping: How to see through this terrifying scam
https://www.welivesecurity.com/en/scams/virtual-kidnapping-see-through-scam/
Phone fraud takes a frightening twist as fraudsters can tap into AI to cause serious emotional and financial damage to the victims
593
Experts Warn of macOS Backdoor Hidden in Pirated Versions of Popular Software
https://thehackernews.com/2024/01/experts-warn-of-macos-backdoor-hidden.html
Pirated applications targeting Apple macOS users have been observed containing a backdoor capable of granting attackers remote control to infected machines.
"These applications are being hosted on Chinese pirating websites in order to gain victims," Jamf Threat Labs researchers Ferdous Saljooki and Jaron Bradley said.
"Once detonated, the malware will download and execute multiple payloads
