uk
Feedback
TECHZONE™

TECHZONE™

Відкрити в Telegram

TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news

Показати більше
596
Підписники
+124 години
+17 днів
-830 день
Архів дописів
Facebook Ads Lead to Fake Websites Stealing Credit Card Information https://thehackernews.com/2024/08/facebook-ads-lead-to-fake-websites.html Facebook users are the target of a scam e-commerce network that uses hundreds of fake websites to steal personal and financial data using brand impersonation and malvertising tricks. Recorded Future's Payment Fraud Intelligence team, which detected the campaign on April 17, 2024, has given it the name ERIAKOS owing to the use of the same content delivery network (CDN) oss.eriakos[.]com. "These

DigiCert to Revoke 83,000+ SSL Certificates Due to Domain Validation Oversight https://thehackernews.com/2024/07/digicert-to-revoke-83000-ssl.html Certificate authority (CA) DigiCert has warned that it will be revoking a subset of SSL/TLS certificates within 24 hours due to an oversight with how it verified if a digital certificate is issued to the rightful owner of a domain. The company said it will be taking the step of revoking certificates that do not have proper Domain Control Validation (DCV). "Before issuing a certificate to a

North Korea-Linked Malware Targets Developers on Windows, Linux, and macOS https://thehackernews.com/2024/07/north-korea-linked-malware-targets.html The threat actors behind an ongoing malware campaign targeting software developers have demonstrated new malware and tactics, expanding their focus to include Windows, Linux, and macOS systems. The activity cluster, dubbed DEV#POPPER and linked to North Korea, has been found to have singled out victims across South Korea, North America, Europe, and the Middle East. "This form of attack is an

Chinese Hackers Target Japanese Firms with LODEINFO and NOOPDOOR Malware https://thehackernews.com/2024/07/chinese-hackers-target-japanese-firms.html Japanese organizations are the target of a Chinese nation-state threat actor that leverages malware families like LODEINFO and NOOPDOOR to harvest sensitive information from compromised hosts while stealthily remaining under the radar in some cases for a time period ranging from two to three years. Israeli cybersecurity company Cybereason is tracking the campaign under the name Cuckoo Spear,

How To Get the Most From Your Security Team’s Email Alert Budget https://thehackernews.com/2024/07/how-to-get-most-from-your-security.html We’ll TL;DR the FUDdy introduction: we all know that phishing attacks are on the rise in scale and complexity, that AI is enabling more sophisticated attacks that evade traditional defenses, and the never-ending cybersecurity talent gap means we’re all struggling to keep security teams fully staffed.  Given that reality, security teams need to be able to monitor and respond to threats

Cybercriminals Deploy 100K+ Malware Android Apps to Steal OTP Codes https://thehackernews.com/2024/07/cybercriminals-deploy-100k-malware.html A new malicious campaign has been observed making use of malicious Android apps to steal users' SMS messages since at least February 2022 as part of a large-scale campaign. The malicious apps, spanning over 107,000 unique samples, are designed to intercept one-time passwords (OTPs) used for online account verification to commit identity fraud. "Of those 107,000 malware samples, over 99,000 of

Cyber Espionage Group XDSpy Targets Companies in Russia and Moldova https://thehackernews.com/2024/07/cyber-espionage-group-xdspy-targets.html Companies in Russia and Moldova have been the target of a phishing campaign orchestrated by a little-known cyber espionage group known as XDSpy. The findings come from cybersecurity firm F.A.C.C.T., which said the infection chains lead to the deployment of a malware called DSDownloader. The activity was observed this month, it added. XDSpy is a threat actor of indeterminate origin that was first

Meta Settles for $1.4 Billion with Texas Over Illegal Biometric Data Collection https://thehackernews.com/2024/07/meta-settles-for-14-billion-with-texas.html Meta, the parent company of Facebook, Instagram, and WhatsApp, agreed to a record $1.4 billion settlement with the U.S. state of Texas over allegations that it illegally collected biometric data of millions of users without their permission, marking one of the largest penalties levied by regulators against the tech giant. "This historic settlement demonstrates our commitment to standing up to

Phishing targeting Polish SMBs continues via ModiLoader https://www.welivesecurity.com/en/eset-research/phishing-targeting-polish-smbs-continues-modiloader/ ESET researchers detected multiple, widespread phishing campaigns targeting SMBs in Poland during May 2024, distributing various malware families

New Mandrake Spyware Found in Google Play Store Apps After Two Years https://thehackernews.com/2024/07/new-mandrake-spyware-found-in-google.html A new iteration of a sophisticated Android spyware called Mandrake has been discovered in five applications that were available for download from the Google Play Store and remained undetected for two years. The applications attracted a total of more than 32,000 installations before being pulled from the app storefront, Kaspersky said in a Monday write-up. A majority of the downloads originated

The Power and Peril of RMM Tools https://thehackernews.com/2024/07/the-power-and-peril-of-rmm-tools.html As more people work remotely, IT departments must manage devices distributed over different cities and countries relying on VPNs and remote monitoring and management (RMM) tools for system administration.  However, like any new technology, RMM tools can also be used maliciously. Threat actors can establish connections to a victim's device and run commands, exfiltrate data, and stay

Cybercriminals Target Polish Businesses with Agent Tesla and Formbook Malware https://thehackernews.com/2024/07/cybercriminals-target-polish-businesses.html Cybersecurity researchers have detailed widespread phishing campaigns targeting small and medium-sized businesses (SMBs) in Poland during May 2024 that led to the deployment of several malware families like Agent Tesla, Formbook, and Remcos RAT. Some of the other regions targeted by the campaigns include Italy and Romania, according to cybersecurity firm ESET. "Attackers used previously

Cyber Threat Intelligence: Illuminating the Deep, Dark Cybercriminal Underground https://thehackernews.com/2024/07/cyber-threat-intelligence-illuminating.html Learn about critical threats that can impact your organization and the bad actors behind them from Cybersixgill’s threat experts. Each story shines a light on underground activities, the threat actors involved, and why you should care, along with what you can do to mitigate risk.  The deep and dark web, otherwise known as the cybercriminal underground, is where malicious actors gather to

New SideWinder Cyber Attacks Target Maritime Facilities in Multiple Countries https://thehackernews.com/2024/07/new-sidewinder-cyber-attacks-target.html The nation-state threat actor known as SideWinder has been attributed to a new cyber espionage campaign targeting ports and maritime facilities in the Indian Ocean and Mediterranean Sea. The BlackBerry Research and Intelligence Team, which discovered the activity, said targets of the spear-phishing campaign include countries like Pakistan, Egypt, Sri Lanka, Bangladesh, Myanmar, Nepal, and the

Beware of fake AI tools masking very real malware threats https://www.welivesecurity.com/en/cybersecurity/beware-fake-ai-tools-masking-very-real-malware-threat/ Ever attuned to the latest trends, cybercriminals distribute malicious tools that pose as ChatGPT, Midjourney and other generative AI assistants

OneDrive Phishing Scam Tricks Users into Running Malicious PowerShell Script https://thehackernews.com/2024/07/onedrive-phishing-scam-tricks-users.html Cybersecurity researchers are warning about a new phishing campaign that targets Microsoft OneDrive users with the aim of executing a malicious PowerShell script. "This campaign heavily relies on social engineering tactics to deceive users into executing a PowerShell script, thereby compromising their systems," Trellix security researcher Rafael Pena said in a Monday analysis. The cybersecurity

VMware ESXi Flaw Exploited by Ransomware Groups for Admin Access https://thehackernews.com/2024/07/vmware-esxi-flaw-exploited-by.html A recently patched security flaw impacting VMware ESXi hypervisors has been actively exploited by "several" ransomware groups to gain elevated permissions and deploy file-encrypting malware. The attacks involve the exploitation of CVE-2024-37085 (CVSS score: 6.8), an Active Directory integration authentication bypass that allows an attacker to obtain administrative access to the host. "A

Critical Flaw in Acronis Cyber Infrastructure Exploited in the Wild https://thehackernews.com/2024/07/critical-flaw-in-acronis-cyber.html Cybersecurity company Acronis is warning that a now-patched critical security flaw impacting its Cyber Infrastructure (ACI) product has been exploited in the wild. The vulnerability, tracked as CVE-2023-45249 (CVSS score: 9.8), concerns a case of remote code execution that stems from the use of default passwords. The flaw impacts the following versions of Acronis Cyber Infrastructure (ACI) - &

Proofpoint Email Routing Flaw Exploited to Send Millions of Spoofed Phishing Emails https://thehackernews.com/2024/07/proofpoint-email-routing-flaw-exploited.html An unknown threat actor has been linked to a massive scam campaign that exploited an email routing misconfiguration in email security vendor Proofpoint's defenses to send millions of messages spoofing various legitimate companies. "These emails echoed from official Proofpoint email relays with authenticated SPF and DKIM signatures, thus bypassing major security protections — all to deceive

How Searchable Encryption Changes the Data Security Game https://thehackernews.com/2024/07/how-searchable-encryption-changes-data.html Searchable Encryption has long been a mystery. An oxymoron. An unattainable dream of cybersecurity professionals everywhere. Organizations know they must encrypt their most valuable, sensitive data to prevent data theft and breaches. They also understand that organizational data exists to be used. To be searched, viewed, and modified to keep businesses running. Unfortunately, our Network and