TECHZONE™


TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news

XMLRPC npm Library Turns Malicious, Steals Data, Deploys Crypto Miner https://thehackernews.com/2024/11/xmlrpc-npm-library-turns-malicious.html Cybersecurity researchers have discovered a software supply chain attack that has remained active for over a year on the npm package registry by starting off as an innocuous library and later adding malicious code to steal sensitive data and mine cryptocurrency on infected systems. The package, named @0xengine/xmlrpc, was originally published on October 2, 2023 as a JavaScript-based XML-RPC

Cybercriminals Exploit Popular Game Engine Godot to Distribute Cross-Platform Malware https://thehackernews.com/2024/11/cybercriminals-exploit-popular-game.html A popular open-source game engine called Godot Engine is being misused as part of a new GodLoader malware campaign, infecting over 17,000 systems since at least June 2024. "Cybercriminals have been taking advantage of Godot Engine to execute crafted GDScript code which triggers malicious commands and delivers malware," Check Point said in a new analysis published Wednesday. "The technique

U.S. Telecom Giant T-Mobile Detects Network Intrusion Attempts from Wireline Provider https://thehackernews.com/2024/11/us-telecom-giant-t-mobile-detects.html U.S. telecom service provider T-Mobile said it recently detected attempts made by bad actors to infiltrate its systems in recent weeks but noted that no sensitive data was accessed. These intrusion attempts "originated from a wireline provider's network that was connected to ours," Jeff Simon, chief security officer at T-Mobile, said in a statement. "We see no instances of prior attempts like

Critical Flaw in ProjectSend Under Active Exploitation Against Public-Facing Servers https://thehackernews.com/2024/11/critical-flaw-in-projectsend-under.html A critical security flaw impacting the ProjectSend open-source file-sharing application has likely come under active exploitation in the wild, according to findings from VulnCheck. The vulnerability, originally patched over a year-and-a-half ago as part of a commit pushed in May 2023, was not officially made available until August 2024 with the release of version r1720. As of November 26, 2024,

Researchers Discover "Bootkitty" – First UEFI Bootkit Targeting Linux Kernels https://thehackernews.com/2024/11/researchers-discover-bootkitty-first.html Cybersecurity researchers have shed light on what has been described as the first Unified Extensible Firmware Interface (UEFI) bootkit designed for Linux systems. Dubbed Bootkitty by its creators who go by the name BlackCat, the bootkit is assessed to be a proof-of-concept (PoC) and there is no evidence that it has been put to use in real-world attacks. Also tracked as IranuKit, it was uploaded

Latest Multi-Stage Attack Scenarios with Real-World Examples https://thehackernews.com/2024/11/latest-multi-stage-attack-scenarios.html Multi-stage cyber attacks, characterized by their complex execution chains, are designed to avoid detection and trick victims into a false sense of security. Knowing how they operate is the first step to building a solid defense strategy against them. Let's examine real-world examples of some of the most common multi-stage attack scenarios that are active right now. URLs and Other Embedded

APT-C-60 Hackers Exploit StatCounter and Bitbucket in SpyGlace Malware Campaign https://thehackernews.com/2024/11/apt-c-60-exploits-wps-office.html The threat actor known as APT-C-60 has been linked to a cyber attack targeting an unnamed organization in Japan that used a job application-themed lure to deliver the SpyGlace backdoor. That's according to findings from JPCERT/CC, which said the intrusion leveraged legitimate services like Google Drive, Bitbucket, and StatCounter. The attack was carried out around August 2024. "In this attack,

INTERPOL Busts African Cybercrime: 1,006 Arrests, 134,089 Malicious Networks Dismantled https://thehackernews.com/2024/11/interpol-busts-african-cybercrime-1006.html An INTERPOL-led operation has led to the arrest of 1,006 suspects across 19 African countries and the takedown of 134,089 malicious infrastructures and networks as part of a coordinated effort to disrupt cybercrime in the continent. Dubbed Serengeti, the law enforcement exercise took place between September 2 and October 31, 2024, and targeted criminals behind ransomware, business email

Matrix Botnet Exploits IoT Devices in Widespread DDoS Botnet Campaign https://thehackernews.com/2024/11/matrix-botnet-exploits-iot-devices-in.html A threat actor named Matrix has been linked to a widespread distributed denial-of-service (DDoS) campaign that leverages vulnerabilities and misconfigurations in Internet of Things (IoT) devices to co-opt them into a disruptive botnet. "This operation serves as a comprehensive one-stop shop for scanning, exploiting vulnerabilities, deploying malware, and setting up shop kits, showcasing a

Critical WordPress Anti-Spam Plugin Flaws Expose 200,000+ Sites to Remote Attacks https://thehackernews.com/2024/11/critical-wordpress-anti-spam-plugin.html Two critical security flaws impacting the Spam protection, Anti-Spam, and FireWall plugin for WordPress could allow an unauthenticated attacker to install and enable malicious plugins on susceptible sites and potentially achieve remote code execution. The vulnerabilities, tracked as CVE-2024-10542 and CVE-2024-10781, carry a CVSS score of 9.8 out of a maximum of 10.0. They were addressed in versions

Intruder Launches Intel: A Free Vulnerability Intelligence Platform For Staying Ahead of the Latest Threats https://thehackernews.com/2024/11/intruder-launches-intel-free.html When CVEs go viral, separating critical vulnerabilities from the noise is essential to protecting your organization. That’s why Intruder, a leader in attack surface management, built Intel - a free vulnerability intelligence platform designed to help you act fast and prioritize real threats. What is Intel? Intel was created to fill a gap in the resources available for tracking emerging

RomCom Exploits Zero-Day Firefox and Windows Flaws in Sophisticated Cyberattacks https://thehackernews.com/2024/11/romcom-exploits-zero-day-firefox-and.html The Russia-aligned threat actor known as RomCom has been linked to the zero-day exploitation of two security flaws, one in Mozilla Firefox and the other in Microsoft Windows, as part of attacks designed to deliver the eponymous backdoor on victim systems. "In a successful attack, if a victim browses a web page containing the exploit, an adversary can run arbitrary code – without any user

Chinese Hackers Use GHOSTSPIDER Malware to Hack Telecoms Across 12+ Countries https://thehackernews.com/2024/11/chinese-hackers-use-ghostspider-malware.html The China-linked threat actor known as Earth Estries has been observed using a previously undocumented backdoor called GHOSTSPIDER as part of its attacks targeting Southeast Asian telecommunications companies. Trend Micro, which described the hacking group as an aggressive advanced persistent threat (APT), said the intrusions also involved the use of another cross-platform backdoor dubbed

CISA Urges Agencies to Patch Critical "Array Networks" Flaw Amid Active Attacks https://thehackernews.com/2024/11/cisa-urges-agencies-to-patch-critical.html The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a now-patched critical security flaw impacting Array Networks AG and vxAG secure access gateways to its Known Exploited Vulnerabilities (KEV) catalog following reports of active exploitation in the wild. The vulnerability, tracked as CVE-2023-28461 (CVSS score: 9.8), concerns a case of missing authentication that

Google's New Restore Credentials Tool Simplifies App Login After Android Migration https://thehackernews.com/2024/11/googles-new-restore-credentials-tool.html Google has introduced a new feature called Restore Credentials to help users restore their account access to third-party apps securely after migrating to a new Android device. Part of Android's Credential Manager API, the feature aims to reduce the hassle of re-entering the login credentials for every app during the handset replacement. "With Restore Credentials, apps can seamlessly onboard

PyPI Python Library "aiocpa" Found Exfiltrating Crypto Keys via Telegram Bot https://thehackernews.com/2024/11/pypi-python-library-aiocpa-found.html The administrators of the Python Package Index (PyPI) repository have quarantined the package "aiocpa" following a new update that included malicious code to exfiltrate private keys via Telegram. The package in question is described as a synchronous and asynchronous Crypto Pay API client. The package, originally released in September 2024, has been downloaded 12,100 times to date. By putting the

Flying Under the Radar - Security Evasion Techniques https://thehackernews.com/2024/11/flying-under-radar-security-evasion.html Dive into the evolution of phishing and malware evasion techniques and understand how attackers are using increasingly sophisticated methods to bypass security measures. The Evolution of Phishing Attacks “I really like the saying that ‘This is out of scope’ said no hacker ever. Whether it’s tricks, techniques or technologies, hackers will do anything to evade detection and make sure their

THN Recap: Top Cybersecurity Threats, Tools, and Practices (Nov 18 - Nov 24) https://thehackernews.com/2024/11/thn-recap-top-cybersecurity-threats_25.html We hear terms like “state-sponsored attacks” and “critical vulnerabilities” all the time, but what’s really going on behind those words? This week’s cybersecurity news isn’t just about hackers and headlines—it’s about how digital risks shape our lives in ways we might not even realize. For instance, telecom networks being breached isn’t just about stolen data—it’s about power. Hackers are

Researchers Uncover Malware Using BYOVD to Bypass Antivirus Protections https://thehackernews.com/2024/11/researchers-uncover-malware-using-byovd.html Cybersecurity researchers have uncovered a new malicious campaign that leverages a technique called Bring Your Own Vulnerable Driver (BYOVD) to disarm security protections and ultimately gain access to the infected system. "This malware takes a more sinister route: it drops a legitimate Avast Anti-Rootkit driver (aswArPot.sys) and manipulates it to carry out its destructive agenda," Trellix

Google Exposes GLASSBRIDGE: A Pro-China Influence Network of Fake News Sites https://thehackernews.com/2024/11/google-exposes-glassbridge-pro-china.html Government agencies and non-governmental organizations in the United States have become the target of a nascent China state threat actor known as Storm-2077. The adversary, believed to be active since at least January 2024, has also conducted cyber attacks against the Defense Industrial Base (DIB), aviation, telecommunications, and financial and legal services across the world, Microsoft said.