TECHZONE™
Відкрити в Telegram
TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news
Показати більше594
Підписники
Немає даних24 години
Немає даних7 днів
-630 день
Архів дописів
594
Google Sues App Developers Over Fake Crypto Investment App Scam
https://thehackernews.com/2024/04/google-sues-app-developers-over-fake.html
Google has filed a lawsuit against two app developers for engaging in an "international online consumer investment fraud scheme" that tricked users into downloading bogus Android apps from the Google Play Store and other sources and stealing their funds under the guise of promising higher returns.
The individuals in question are Yunfeng Sun (aka Alphonse Sun) and Hongnam Cheung (aka
594
Hackers Exploit Magento Bug to Steal Payment Data from E-commerce Websites
https://thehackernews.com/2024/04/hackers-exploit-magento-bug-to-steal.html
Threat actors have been found exploiting a critical flaw in Magento to inject a persistent backdoor into e-commerce websites.
The attack leverages CVE-2024-20720 (CVSS score: 9.1), which has been described by Adobe as a case of "improper neutralization of special elements" that could pave the way for arbitrary code execution.
It was addressed by the company as part of
594
AI-as-a-Service Providers Vulnerable to PrivEsc and Cross-Tenant Attacks
https://thehackernews.com/2024/04/ai-as-service-providers-vulnerable-to.html
New research has found that artificial intelligence (AI)-as-a-service providers such as Hugging Face are susceptible to two critical risks that could allow threat actors to escalate privileges, gain cross-tenant access to other customers' models, and even take over the continuous integration and continuous deployment (CI/CD) pipelines.
"Malicious models represent a major risk to AI systems,
594
CISO Perspectives on Complying with Cybersecurity Regulations
https://thehackernews.com/2024/04/ciso-perspectives-on-complying-with.html
Compliance requirements are meant to increase cybersecurity transparency and accountability. As cyber threats increase, so do the number of compliance frameworks and the specificity of the security controls, policies, and activities they include.
For CISOs and their teams, that means compliance is a time-consuming, high-stakes process that demands strong organizational and
594
From PDFs to Payload: Bogus Adobe Acrobat Reader Installers Distribute Byakugan Malware
https://thehackernews.com/2024/04/from-pdfs-to-payload-bogus-adobe.html
Bogus installers for Adobe Acrobat Reader are being used to distribute a new multi-functional malware dubbed Byakugan.
The starting point of the attack is a PDF file written in Portuguese that, when opened, shows a blurred image and asks the victim to click on a link to download the Reader application to view the content.
According to Fortinet FortiGuard Labs, clicking the URL
594
New Wave of JSOutProx Malware Targeting Financial Firms in APAC and MENA
https://thehackernews.com/2024/04/new-wave-of-jsoutprox-malware-targeting.html
Financial organizations in the Asia-Pacific (APAC) and Middle East and North Africa (MENA) are being targeted by a new version of an "evolving threat" called JSOutProx.
"JSOutProx is a sophisticated attack framework utilizing both JavaScript and .NET," Resecurity said in a technical report published this week.
"It employs the .NET (de)serialization feature to interact with a core
594
Researchers Identify Multiple China Hacker Groups Exploiting Ivanti Security Flaws
https://thehackernews.com/2024/04/researchers-identify-multiple-china.html
Multiple China-nexus threat actors have been linked to the zero-day exploitation of three security flaws impacting Ivanti appliances (CVE-2023-46805, CVE-2024-21887, and CVE-2024-21893).
The clusters are being tracked by Mandiant under the monikers UNC5221, UNC5266, UNC5291, UNC5325, UNC5330, and UNC5337. Another group linked to the exploitation spree is UNC3886.
The Google Cloud
594
Vietnam-Based Hackers Steal Financial Data Across Asia with Malware
https://thehackernews.com/2024/04/vietnam-based-hackers-steal-financial.html
A suspected Vietnamese-origin threat actor has been observed targeting victims in several Asian and Southeast Asian countries with malware designed to harvest valuable data since at least May 2023.
Cisco Talos is tracking the cluster under the name CoralRaider, describing it as financially motivated. Targets of the campaign include India, China, South Korea, Bangladesh, Pakistan, Indonesia,
594
New Phishing Campaign Targets Oil & Gas with Evolved Data-Stealing Malware
https://thehackernews.com/2024/04/new-phishing-campaign-targets-oil-gas.html
An updated version of an information-stealing malware called Rhadamanthys is being used in phishing campaigns targeting the oil and gas sector.
"The phishing emails use a unique vehicle incident lure and, in later stages of the infection chain, spoof the Federal Bureau of Transportation in a PDF that mentions a significant fine for the incident," Cofense researcher Dylan Duncan said.
The
594
Considerations for Operational Technology Cybersecurity
https://thehackernews.com/2024/04/considerations-for-operational.html
Operational Technology (OT) refers to the hardware and software used to change, monitor, or control the enterprise's physical devices, processes, and events. Unlike traditional Information Technology (IT) systems, OT systems directly impact the physical world. This unique characteristic of OT brings additional cybersecurity considerations not typically present in conventional IT security
594
New HTTP/2 Vulnerability Exposes Web Servers to DoS Attacks
https://thehackernews.com/2024/04/new-http2-vulnerability-exposes-web.html
New research has found that the CONTINUATION frame in the HTTP/2 protocol can be exploited to conduct denial-of-service (DoS) attacks.
The technique has been codenamed HTTP/2 CONTINUATION Flood by security researcher Bartek Nowotarski, who reported the issue to the CERT Coordination Center (CERT/CC) on January 25, 2024.
"Many HTTP/2 implementations do not properly limit or sanitize the
594
Ivanti Rushes Patches for 4 New Flaw in Connect Secure and Policy Secure
https://thehackernews.com/2024/04/ivanti-rushes-patches-for-4-new-flaw-in.html
Ivanti has released security updates to address four security flaws impacting Connect Secure and Policy Secure Gateways that could result in code execution and denial-of-service (DoS).
The list of flaws is as follows -
CVE-2024-21894 (CVSS score: 8.2) - A heap overflow vulnerability in the IPSec component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an
594
Google Warns: Android Zero-Day Flaws in Pixel Phones Exploited by Forensic Companies
https://thehackernews.com/2024/04/google-warns-android-zero-day-flaws-in.html
Google has disclosed that two Android security flaws impacting its Pixel smartphones have been exploited in the wild by forensic companies.
The high-severity zero-day vulnerabilities are as follows -
CVE-2024-29745 - An information disclosure flaw in the bootloader component
CVE-2024-29748 - A privilege escalation flaw in the firmware component
"There are indications that the [
594
U.S. Cyber Safety Board Slams Microsoft Over Breach by China-Based Hackers
https://thehackernews.com/2024/04/us-cyber-safety-board-slams-microsoft.html
The U.S. Cyber Safety Review Board (CSRB) has criticized Microsoft for a series of security lapses that led to the breach of nearly two dozen companies across Europe and the U.S. by a China-based nation-state group called Storm-0558 last year.
The findings, released by the Department of Homeland Security (DHS) on Tuesday, found that the intrusion was preventable, and that it became successful
594
Google Chrome Beta Tests New DBSC Protection Against Cookie-Stealing Attacks
https://thehackernews.com/2024/04/google-chrome-beta-tests-new-dbsc.html
Google on Tuesday said it's piloting a new feature in Chrome called Device Bound Session Credentials (DBSC) to help protect users against session cookie theft by malware.
The prototype – currently tested against "some" Google Account users running Chrome Beta – is built with an aim to make it an open web standard, the tech giant's Chromium team said.
"By binding authentication sessions to the
594
Attack Surface Management vs. Vulnerability Management
https://thehackernews.com/2024/04/attack-surface-management-vs.html
Attack surface management (ASM) and vulnerability management (VM) are often confused, and while they overlap, they’re not the same. The main difference between attack surface management and vulnerability management is in their scope: vulnerability management checks a list of known assets, while attack surface management assumes you have unknown assets and so begins with discovery. Let’s look at
594
Mispadu Trojan Targets Europe, Thousands of Credentials Compromised
https://thehackernews.com/2024/04/mispadu-trojan-targets-europe-thousands.html
The banking trojan known as Mispadu has expanded its focus beyond Latin America (LATAM) and Spanish-speaking individuals to target users in Italy, Poland, and Sweden.
Targets of the ongoing campaign include entities spanning finance, services, motor vehicle manufacturing, law firms, and commercial facilities, according to Morphisec.
"Despite the geographic expansion, Mexico remains the
594
Critical Security Flaw Found in Popular LayerSlider WordPress Plugin
https://thehackernews.com/2024/04/critical-security-flaw-found-in-popular.html
A critical security flaw impacting the LayerSlider plugin for WordPress could be abused to extract sensitive information from databases, such as password hashes.
The flaw, designated as CVE-2024-2879, carries a CVSS score of 9.8 out of a maximum of 10.0. It has been described as a case of SQL injection impacting versions from 7.9.11 through 7.10.0.
The issue has been addressed in version
594
Malicious Code in XZ Utils for Linux Systems Enables Remote Code Execution
https://thehackernews.com/2024/04/malicious-code-in-xz-utils-for-linux.html
The malicious code inserted into the open-source library XZ Utils, a widely used package present in major Linux distributions, is also capable of facilitating remote code execution, a new analysis has revealed.
The audacious supply chain compromise, tracked as CVE-2024-3094 (CVSS score: 10.0), came to light last week when Microsoft engineer and PostgreSQL developer Andres Freund
594
Harnessing the Power of CTEM for Cloud Security
https://thehackernews.com/2024/04/harnessing-power-of-ctem-for-cloud.html
Cloud solutions are more mainstream – and therefore more exposed – than ever before.
In 2023 alone, a staggering 82% of data breaches were against public, private, or hybrid cloud environments. What’s more, nearly 40% of breaches spanned multiple cloud environments. The average cost of a cloud breach was above the overall average, at $4.75 million. In a time where cloud has become the de facto
