uk
Feedback
TECHZONE™

TECHZONE™

Відкрити в Telegram

TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news

Показати більше
593
Підписники
-124 години
-27 днів
-830 день
Архів дописів
Hands-on Review: Myrror Security Code-Aware and Attack-Aware SCA https://thehackernews.com/2024/02/hands-on-review-myrror-security-code.html Introduction The modern software supply chain represents an ever-evolving threat landscape, with each package added to the manifest introducing new attack vectors. To meet industry requirements, organizations must maintain a fast-paced development process while staying up-to-date with the latest security patches. However, in practice, developers often face a large amount of security work without

New Coyote Trojan Targets 61 Brazilian Banks with Nim-Powered Attack https://thehackernews.com/2024/02/new-coyote-trojan-targets-61-brazilian.html Sixty-one banking institutions, all of them originating from Brazil, are the target of a new banking trojan called Coyote. "This malware utilizes the Squirrel installer for distribution, leveraging Node.js and a relatively new multi-platform programming language called Nim as a loader to complete its infection," Russian cybersecurity firm Kaspersky said in a Thursday report. What

Wazuh in the Cloud Era: Navigating the Challenges of Cybersecurity https://thehackernews.com/2024/02/wazuh-in-cloud-era-navigating.html Cloud computing has innovated how organizations operate and manage IT operations, such as data storage, application deployment, networking, and overall resource management. The cloud offers scalability, adaptability, and accessibility, enabling businesses to achieve sustainable growth. However, adopting cloud technologies into your infrastructure presents various cybersecurity risks and

Stealthy Zardoor Backdoor Targets Saudi Islamic Charity Organizations https://thehackernews.com/2024/02/stealthy-zardoor-backdoor-targets-saudi.html An unnamed Islamic non-profit organization in Saudi Arabia has been targeted as part of a stealthy cyber espionage campaign designed to drop a previously undocumented backdoor called Zardoor. Cisco Talos, which discovered the activity in May 2023, said the campaign has likely persisted since at least March 2021, adding it has identified only one compromised target to date, although it's

Fortinet Warns of Critical FortiOS SSL VPN Vulnerability Under Active Exploitation https://thehackernews.com/2024/02/fortinet-warns-of-critical-fortios-ssl.html Fortinet has disclosed a new critical security flaw in FortiOS SSL VPN that it said is likely being exploited in the wild. The vulnerability, CVE-2024-21762 (CVSS score: 9.6), allows for the execution of arbitrary code and commands. "A out-of-bounds write vulnerability [CWE-787] in FortiOS may allow a remote unauthenticated attacker to execute arbitrary code or command via specially

The buck stops here: Why the stakes are high for CISOs https://www.welivesecurity.com/en/business-security/buck-stops-stakes-high-cisos/ Heavy workloads and the specter of personal liability for incidents take a toll on security leaders, so much so that many of them look for the exits. What does this mean for corporate cyber-defenses?

Warning: New Ivanti Auth Bypass Flaw Affects Connect Secure and ZTA Gateways https://thehackernews.com/2024/02/warning-new-ivanti-auth-bypass-flaw.html Ivanti has alerted customers of yet another high-severity security flaw in its Connect Secure, Policy Secure, and ZTA gateway devices that could allow attackers to bypass authentication. The issue, tracked as CVE-2024-22024, is rated 8.3 out of 10 on the CVSS scoring system. "An XML external entity or XXE vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x), Ivanti

Chinese Hackers Operate Undetected in U.S. Critical Infrastructure for Half a Decade https://thehackernews.com/2024/02/chinese-hackers-operate-undetected-in.html The U.S. government on Wednesday said the Chinese state-sponsored hacking group known as Volt Typhoon had been embedded into some critical infrastructure networks in the country for at least five years. Targets of the threat actor include communications, energy, transportation, and water and wastewater systems sectors in the U.S. and Guam. "Volt Typhoon's choice of targets and pattern

Unified Identity – look for the meaning behind the hype! https://thehackernews.com/2024/02/unified-identity-look-for-meaning.html If you've listened to software vendors in the identity space lately, you will have noticed that “unified” has quickly become the buzzword that everyone is adopting to describe their portfolio. And this is great! Unified identity has some amazing benefits!  However (there is always a however, right?) not every “unified” “identity” “security” “platform” is made equal. Some vendors call the

HijackLoader Evolves: Researchers Decode the Latest Evasion Methods https://thehackernews.com/2024/02/hijackloader-evolves-researchers-decode.html The threat actors behind a loader malware called HijackLoader have added new techniques for defense evasion, as the malware continues to be increasingly used by other threat actors to deliver additional payloads and tooling. "The malware developer used a standard process hollowing technique coupled with an additional trigger that was activated by the parent process writing to a pipe,"

Google Starts Blocking Sideloading of Potentially Dangerous Android Apps in Singapore https://thehackernews.com/2024/02/google-starts-blocking-sideloading-of.html Google has unveiled a new pilot program in Singapore that aims to prevent users from sideloading certain apps that abuse Android app permissions to read one-time passwords and gather sensitive data. "This enhanced fraud protection will analyze and automatically block the installation of apps that may use sensitive runtime permissions frequently abused for financial fraud when the user attempts

Kimsuky's New Golang Stealer 'Troll' and 'GoBear' Backdoor Target South Korea https://thehackernews.com/2024/02/kimsukys-new-golang-stealer-troll-and.html The North Korea-linked nation-state actor known as Kimsuky is suspected of using a previously undocumented Golang-based information stealer called Troll Stealer. The malware steals "SSH, FileZilla, C drive files/directories, browsers, system information, [and] screen captures" from infected systems, South Korean cybersecurity company S2W said in a new technical report. Troll

Critical Patches Released for New Flaws in Cisco, Fortinet, VMware Products https://thehackernews.com/2024/02/critical-patches-released-for-new-flaws.html Cisco, Fortinet, and VMware have released security fixes for multiple security vulnerabilities, including critical weaknesses that could be exploited to perform arbitrary actions on affected devices. The first set from Cisco consists of three flaws – CVE-2024-20252 and CVE-2024-20254 (CVSS score: 9.6) and CVE-2024-20255 (CVSS score: 8.2) – impacting Cisco Expressway Series that could allow an

After FBI Takedown, KV-Botnet Operators Shift Tactics in Attempt to Bounce Back https://thehackernews.com/2024/02/after-fbi-takedown-kv-botnet-operators.html The threat actors behind the KV-botnet made "behavioral changes" to the malicious network as U.S. law enforcement began issuing commands to neutralize the activity. KV-botnet is the name given to a network of compromised small office and home office (SOHO) routers and firewall devices across the world, with one specific cluster acting as a covert data transfer system for other Chinese

Critical Bootloader Vulnerability in Shim Impacts Nearly All Linux Distros https://thehackernews.com/2024/02/critical-bootloader-vulnerability-in.html The maintainers of shim have released version 15.8 to address six security flaws, including a critical bug that could pave the way for remote code execution under specific circumstances. Tracked as CVE-2023-40547 (CVSS score: 9.8), the vulnerability could be exploited to achieve a Secure Boot bypass. Bill Demirkapi of the Microsoft Security Response Center (MSRC) has been&

New Webinar: 5 Steps to vCISO Success for MSPs and MSSPs https://thehackernews.com/2024/02/new-webinar-5-steps-to-vciso-success.html 2024 will be the year of the vCISO. An incredible 45% of MSPs and MSSPs are planning to start offering vCISO services in 2024. As an MSP/MSSP providing vCISO services, you own the organization’s cybersecurity infrastructure and strategy. But you also need to position yourself as a reliable decision-maker, navigating professional responsibilities, business needs and leadership

Global Coalition and Tech Giants Unite Against Commercial Spyware Abuse https://thehackernews.com/2024/02/global-coalition-and-tech-giants-unite.html A coalition of dozens of countries, including France, the U.K., and the U.S., along with tech companies such as Google, MDSec, Meta, and Microsoft, have signed a joint agreement to curb the abuse of commercial spyware to commit human rights abuses. The initiative, dubbed the Pall Mall Process, aims to tackle the proliferation and irresponsible use of commercial cyber intrusion tools by

Left to their own devices: Security for employees using personal devices for work https://www.welivesecurity.com/en/business-security/left-own-devices-security-employees-personal-devices-work/ As personal devices within corporate networks make for a potentially combustible mix, a cavalier approach to BYOD security won’t cut it

Chinese Hackers Exploited FortiGate Flaw to Breach Dutch Military Network https://thehackernews.com/2024/02/chinese-hackers-exploited-fortigate.html Chinese state-backed hackers broke into a computer network that's used by the Dutch armed forces by targeting Fortinet FortiGate devices. "This [computer network] was used for unclassified research and development (R&D)," the Dutch Military Intelligence and Security Service (MIVD) said in a statement. "Because this system was self-contained, it did not lead to any damage to the

Critical JetBrains TeamCity On-Premises Flaw Exposes Servers to Takeover - Patch Now https://thehackernews.com/2024/02/critical-jetbrains-teamcity-on-premises.html JetBrains is alerting customers of a critical security flaw in its TeamCity On-Premises continuous integration and continuous deployment (CI/CD) software that could be exploited by threat actors to take over susceptible instances. The vulnerability, tracked as CVE-2024-23917, carries a CVSS rating of 9.8 out of 10, indicative of its severity. "The vulnerability may enable an unauthenticated