TECHZONE™
Відкрити в Telegram
TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news
Показати більше594
Підписники
Немає даних24 години
Немає даних7 днів
-630 день
Архів дописів
594
CISA Warns of Actively Exploited Apache Flink Security Vulnerability
https://thehackernews.com/2024/05/cisa-warns-of-actively-exploited-apache.html
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a security flaw impacting Apache Flink, the open-source, unified stream-processing and batch-processing framework, to the Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.
Tracked as CVE-2020-17519, the issue relates to a case of improper access control that
594
New Frontiers, Old Tactics: Chinese Espionage Group Targets Africa & Caribbean Govts
https://thehackernews.com/2024/05/new-frontiers-old-tactics-chinese-cyber.html
The China-linked threat actor known as Sharp Panda has expanded their targeting to include governmental organizations in Africa and the Caribbean as part of an ongoing cyber espionage campaign.
"The campaign adopts Cobalt Strike Beacon as the payload, enabling backdoor functionalities like C2 communication and command execution while minimizing the exposure of their custom tools," Check Point
594
Inside Operation Diplomatic Specter: Chinese APT Group's Stealthy Tactics Exposed
https://thehackernews.com/2024/05/inside-operation-diplomatic-specter.html
Governmental entities in the Middle East, Africa, and Asia are the target of a Chinese advanced persistent threat (APT) group as part of an ongoing cyber espionage campaign dubbed Operation Diplomatic Specter since at least late 2022.
"An analysis of this threat actor’s activity reveals long-term espionage operations against at least seven governmental entities," Palo Alto Networks
594
Are Your SaaS Backups as Secure as Your Production Data?
https://thehackernews.com/2024/05/are-your-saas-backups-as-secure-as-your.html
Conversations about data security tend to diverge into three main threads:
How can we protect the data we store on our on-premises or cloud infrastructure?
What strategies and tools or platforms can reliably backup and restore data?
What would losing all this data cost us, and how quickly could we get it back?
All are valid and necessary conversations for technology organizations of all shapes
594
Ivanti Patches Critical Remote Code Execution Flaws in Endpoint Manager
https://thehackernews.com/2024/05/ivanti-patches-critical-remote-code.html
Ivanti on Tuesday rolled out fixes to address multiple critical security flaws in Endpoint Manager (EPM) that could be exploited to achieve remote code execution under certain circumstances.
Six of the 10 vulnerabilities – from CVE-2024-29822 through CVE-2024-29827 (CVSS scores: 9.6) – relate to SQL injection flaws that allow an unauthenticated attacker within the same network to
594
What happens when AI goes rogue (and how to stop it)
https://www.welivesecurity.com/en/cybersecurity/what-happens-ai-goes-rogue-how-stop-it/
As AI gets closer to the ability to cause physical harm and impact the real world, “it’s complicated” is no longer a satisfying response
594
The End of an Era: Microsoft Phases Out VBScript for JavaScript and PowerShell
https://thehackernews.com/2024/05/the-end-of-era-microsoft-phases-out.html
Microsoft on Wednesday outlined its plans to deprecate Visual Basic Script (VBScript) in the second half of 2024 in favor of more advanced alternatives such as JavaScript and PowerShell.
"Technology has advanced over the years, giving rise to more powerful and versatile scripting languages such as JavaScript and PowerShell," Microsoft Program Manager Naveen Shankar said. "These languages
594
Untangling the hiring dilemma: How security solutions free up HR processes
https://www.welivesecurity.com/en/business-security/untangling-hiring-dilemma-how-security-solutions-free-up-hr-processes/
The prerequisites for becoming a security elite create a skills ceiling that is tough to break through – especially when it comes to hiring skilled EDR or XDR operators. How can businesses crack this conundrum?
594
Researchers Warn of Chinese-Aligned Hackers Targeting South China Sea Countries
https://thehackernews.com/2024/05/researchers-warn-of-chinese-aligned.html
Cybersecurity researchers have disclosed details of a previously undocumented threat group called Unfading Sea Haze that's believed to have been active since 2018.
The intrusion singled out high-level organizations in South China Sea countries, particularly military and government targets, Bitdefender said in a report shared with The Hacker News.
"The investigation revealed a troubling
594
Rockwell Advises Disconnecting Internet-Facing ICS Devices Amid Cyber Threats
https://thehackernews.com/2024/05/rockwell-advises-disconnecting-internet.html
Rockwell Automation is urging its customers to disconnect all industrial control systems (ICSs) not meant to be connected to the public-facing internet to mitigate unauthorized or malicious cyber activity.
The company said it's issuing the advisory due to "heightened geopolitical tensions and adversarial cyber activity globally."
To that end, customers are required to take immediate
594
The Ultimate SaaS Security Posture Management Checklist, 2025 Edition
https://thehackernews.com/2024/05/the-ultimate-saas-security-posture.html
Since the first edition of The Ultimate SaaS Security Posture Management (SSPM) Checklist was released three years ago, the corporate SaaS sprawl has been growing at a double-digit pace. In large enterprises, the number of SaaS applications in use today is in the hundreds, spread across departmental stacks, complicating the job of security teams to protect organizations against
594
GHOSTENGINE Exploits Vulnerable Drivers to Disable EDRs in Cryptojacking Attack
https://thehackernews.com/2024/05/ghostengine-exploits-vulnerable-drivers.html
Cybersecurity researchers have discovered a new cryptojacking campaign that employs vulnerable drivers to disable known security solutions (EDRs) and thwart detection in what's called a Bring Your Own Vulnerable Driver (BYOVD) attack.
Elastic Security Labs is tracking the campaign under the name REF4578 and the primary payload as GHOSTENGINE. Previous research from Chinese
594
MS Exchange Server Flaws Exploited to Deploy Keylogger in Targeted Attacks
https://thehackernews.com/2024/05/ms-exchange-server-flaws-exploited-to.html
An unknown threat actor is exploiting known security flaws in Microsoft Exchange Server to deploy a keylogger malware in attacks targeting entities in Africa and the Middle East.
Russian cybersecurity firm Positive Technologies said it identified over 30 victims spanning government agencies, banks, IT companies, and educational institutions. The first-ever compromise dates back to 2021.
"This
594
QNAP Patches New Flaws in QTS and QuTS hero Impacting NAS Appliances
https://thehackernews.com/2024/05/qnap-patches-new-flaws-in-qts-and-quts.html
Taiwanese company QNAP has rolled out fixes for a set of medium-severity flaws impacting QTS and QuTS hero, some of which could be exploited to achieve code execution on its network-attached storage (NAS) appliances.
The issues, which impact QTS 5.1.x and QuTS hero h5.1.x, are listed below -
CVE-2024-21902 - An incorrect permission assignment for critical resource
594
Zoom Adopts NIST-Approved Post-Quantum End-to-End Encryption for Meetings
https://thehackernews.com/2024/05/zoom-adopts-nist-approved-post-quantum.html
Popular enterprise services provider Zoom has announced the rollout of post-quantum end-to-end encryption (E2EE) for Zoom Meetings, with support for Zoom Phone and Zoom Rooms coming in the future.
"As adversarial threats become more sophisticated, so does the need to safeguard user data," the company said in a statement. "With the launch of post-quantum E2EE, we are doubling down on
594
Critical Veeam Backup Enterprise Manager Flaw Allows Authentication Bypass
https://thehackernews.com/2024/05/critical-veeam-backup-enterprise.html
Users of Veeam Backup Enterprise Manager are being urged to update to the latest version following the discovery of a critical security flaw that could permit an adversary to bypass authentication protections.
Tracked as CVE-2024-29849 (CVSS score: 9.8), the vulnerability could allow an unauthenticated attacker to log in to the Veeam Backup Enterprise Manager web interface as
594
Critical GitHub Enterprise Server Flaw Allows Authentication Bypass
https://thehackernews.com/2024/05/critical-github-enterprise-server-flaw.html
GitHub has rolled out fixes to address a maximum severity flaw in the GitHub Enterprise Server (GHES) that could allow an attacker to bypass authentication protections.
Tracked as CVE-2024-4985 (CVSS score: 10.0), the issue could permit unauthorized access to an instance without requiring prior authentication.
"On instances that use SAML single sign-on (SSO) authentication with the
594
Malware Delivery via Cloud Services Exploits Unicode Trick to Deceive Users
https://thehackernews.com/2024/05/malware-delivery-via-cloud-services.html
A new attack campaign dubbed CLOUD#REVERSER has been observed leveraging legitimate cloud storage services like Google Drive and Dropbox to stage malicious payloads.
"The VBScript and PowerShell scripts in the CLOUD#REVERSER inherently involves command-and-control-like activities by using Google Drive and Dropbox as staging platforms to manage file uploads and downloads," Securonix
594
SolarMarker Malware Evolves to Resist Takedown Attempts with Multi-Tiered Infrastructure
https://thehackernews.com/2024/05/solarmarker-malware-evolves-to-resist.html
The persistent threat actors behind the SolarMarker information-stealing malware have established a multi-tiered infrastructure to complicate law enforcement takedown efforts, new findings from Recorded Future show.
"The core of SolarMarker's operations is its layered infrastructure, which consists of at least two clusters: a primary one for active operations and a secondary one likely
594
Five Core Tenets Of Highly Effective DevSecOps Practices
https://thehackernews.com/2024/05/five-core-tenets-of-highly-effective.html
One of the enduring challenges of building modern applications is to make them more secure without disrupting high-velocity DevOps processes or degrading the developer experience. Today’s cyber threat landscape is rife with sophisticated attacks aimed at all different parts of the software supply chain and the urgency for software-producing organizations to adopt DevSecOps practices that deeply
