TECHZONE™

TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news

Post archive
Ruijie Networks' Cloud Platform Flaws Could Expose 50,000 Devices to Remote Attacks https://thehackernews.com/2024/12/ruijie-networks-cloud-platform-flaws.html Cybersecurity researchers have discovered several security flaws in the cloud management platform developed by Ruijie Networks that could permit an attacker to take control of the network appliances. "These vulnerabilities affect both the Reyee platform, as well as Reyee OS network devices," Claroty researchers Noam Moshe and Tomer Goldschmidt said in a recent analysis. "The vulnerabilities, if

Critical SQL Injection Vulnerability in Apache Traffic Control Rated 9.9 CVSS — Patch Now https://thehackernews.com/2024/12/critical-sql-injection-vulnerability-in.html The Apache Software Foundation (ASF) has shipped security updates to address a critical security flaw in Traffic Control that, if successfully exploited, could allow an attacker to execute arbitrary Structured Query Language (SQL) commands in the database. The SQL injection vulnerability, tracked as CVE-2024-45387, is rated 9.9 out of 10.0 on the CVSS scoring system. "An SQL injection

Iran's Charming Kitten Deploys BellaCPP: A New C++ Variant of BellaCiao Malware https://thehackernews.com/2024/12/irans-charming-kitten-deploys-bellacpp.html The Iranian nation-state hacking group known as Charming Kitten has been observed deploying a C++ variant of a known malware called BellaCiao. Russian cybersecurity company Kaspersky, which dubbed the new version BellaCPP, said it discovered the artifact as part of a "recent" investigation into a compromised machine in Asia that was also infected with the BellaCiao malware. BellaCiao was first

Researchers Uncover PyPI Packages Stealing Keystrokes and Hijacking Social Accounts https://thehackernews.com/2024/12/researchers-uncover-pypi-packages.html Cybersecurity researchers have flagged two malicious packages that were uploaded to the Python Package Index (PyPI) repository and came fitted with capabilities to exfiltrate sensitive information from compromised hosts, according to new findings from Fortinet FortiGuard Labs. The packages, named zebo and cometlogger, attracted 118 and 164 downloads each, prior to them being taken down.

North Korean Hackers Pull Off $308M Bitcoin Heist from Crypto Firm DMM Bitcoin https://thehackernews.com/2024/12/north-korean-hackers-pull-off-308m.html Japanese and U.S. authorities have formerly attributed the theft of cryptocurrency worth $308 million from cryptocurrency company DMM Bitcoin in May 2024 to North Korean cyber actors. "The theft is affiliated with TraderTraitor threat activity, which is also tracked as Jade Sleet, UNC4899, and Slow Pisces," the agencies said. "TraderTraitor activity is often characterized by targeted social

CISA Adds Acclaim USAHERDS Vulnerability to KEV Catalog Amid Active Exploitation https://thehackernews.com/2024/12/cisa-adds-acclaim-usaherds.html The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a now-patched high-severity security flaw impacting Acclaim Systems USAHERDS to the Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation in the wild. The vulnerability in question is CVE-2021-44207 (CVSS score: 8.1), a case of hard-coded, static credentials in Acclaim USAHERDS that

Apache Tomcat Vulnerability CVE-2024-56337 Exposes Servers to RCE Attacks https://thehackernews.com/2024/12/apache-tomcat-vulnerability-cve-2024.html The Apache Software Foundation (ASF) has released a security update to address an important vulnerability in its Tomcat server software that could result in remote code execution (RCE) under certain conditions. The vulnerability, tracked as CVE-2024-56337, has been described as an incomplete mitigation for CVE-2024-50379 (CVSS score: 9.8), another critical security flaw in the same product that

AI Could Generate 10,000 Malware Variants, Evading Detection in 88% of Cases https://thehackernews.com/2024/12/ai-could-generate-10000-malware.html Cybersecurity researchers have found that it's possible to use large language models (LLMs) to generate new variants of malicious JavaScript code at scale in a manner that can better evade detection. "Although LLMs struggle to create malware from scratch, criminals can easily use them to rewrite or obfuscate existing malware, making it harder to detect," Palo Alto Networks Unit 42 researchers

⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips https://thehackernews.com/2024/12/thn-weekly-recap-top-cybersecurity.html The online world never takes a break, and this week shows why. From ransomware creators being caught to hackers backed by governments trying new tricks, the message is clear: cybercriminals are always changing how they attack, and we need to keep up. Hackers are using everyday tools in harmful ways, hiding spyware in trusted apps, and finding new ways to take advantage of old security gaps.

Rockstar2FA Collapse Fuels Expansion of FlowerStorm Phishing-as-a-Service https://thehackernews.com/2024/12/rockstar2fa-collapse-fuels-expansion-of.html An interruption to the phishing-as-a-service (PhaaS) toolkit called Rockstar 2FA has led to a rapid uptick in activity from another nascent offering named FlowerStorm. "It appears that the [Rockstar2FA] group running the service experienced at least a partial collapse of its infrastructure, with pages associated with the service no longer reachable," Sophos said in a new report published last

Top 10 Cybersecurity Trends to Expect in 2025 https://thehackernews.com/2024/12/top-10-cybersecurity-trends-to-expect.html The 2025 cybersecurity landscape is increasingly complex, driven by sophisticated cyber threats, increased regulation, and rapidly evolving technology. In 2025, organizations will be challenged with protecting sensitive information for their customers while continuing to provide seamless and easy user experiences. Here’s a closer look at ten emerging challenges and threats set to shape the

U.S. Judge Rules Against NSO Group in WhatsApp Pegasus Spyware Case https://thehackernews.com/2024/12/us-judge-rules-against-nso-group-in.html Meta Platforms-owned WhatsApp scored a major legal victory in its fight against Israeli commercial spyware vendor NSO Group after a federal judge in the U.S. state of California ruled in favor of the messaging giant for exploiting a security vulnerability to deliver Pegasus. "The limited evidentiary record before the court does show that defendants' Pegasus code was sent through plaintiffs'

Italy Fines OpenAI €15 Million for ChatGPT GDPR Data Privacy Violations https://thehackernews.com/2024/12/italy-fines-openai-15-million-for.html Italy's data protection authority has fined ChatGPT maker OpenAI a fine of €15 million ($15.66 million) over how the generative artificial intelligence application handles personal data. The fine comes nearly a year after the Garante found that ChatGPT processed users' information to train its service in violation of the European Union's General Data Protection Regulation (GDPR). The authority

NSO Group Found Guilty of Pegasus Attacks on WhatsApp Users 📱⚖️

The NSO Group, creators of the Pegasus spyware, has been held accountable by a court for hacking into 1,400 devices, including phones belonging to journalists, activists, and officials. This ruling comes as part of a lawsuit filed by WhatsApp (Meta) back in 2019.

Key points:
Pegasus was used to exploit vulnerabilities in devices, including WhatsApp.
The court found NSO Group guilty of violating the Computer Fraud and Abuse Act and other laws.
The company’s claims that Pegasus was used by clients for national security purposes were dismissed.

Why does it matter? WhatsApp head Will Cathcart called this ruling a “victory for privacy”, stressing that surveillance companies cannot hide behind immunity or avoid accountability for illegal actions. This case could set a precedent for combating unlawful digital surveillance.

So, are you still using WhatsApp? 🌐💻

LockBit Developer Rostislav Panev Charged for Billions in Global Ransomware Damages https://thehackernews.com/2024/12/lockbit-developer-rostislav-panev.html A dual Russian and Israeli national has been charged in the United States for allegedly being the developer of the now-defunct LockBit ransomware-as-a-service (RaaS) operation since its inception in or around 2019 through at least February 2024. Rostislav Panev, 51, was arrested in Israel earlier this August and is currently awaiting extradition, the U.S. Department of Justice (DoJ) said in a

Lazarus Group Spotted Targeting Nuclear Engineers with CookiePlus Malware https://thehackernews.com/2024/12/lazarus-group-spotted-targeting-nuclear.html The Lazarus Group, an infamous threat actor linked to the Democratic People's Republic of Korea (DPRK), has been observed leveraging a "complex infection chain" targeting at least two employees belonging to an unnamed nuclear-related organization within the span of one month in January 2024. The attacks, which culminated in the deployment of a new modular backdoor referred to as CookiePlus, are

Rspack npm Packages Compromised with Crypto Mining Malware in Supply Chain Attack https://thehackernews.com/2024/12/rspack-npm-packages-compromised-with.html The developers of Rspack have revealed that two of their npm packages, @rspack/core and @rspack/cli, were compromised in a software supply chain attack that allowed a malicious actor to publish malicious versions to the official package registry with cryptocurrency mining malware. Following the discovery, versions 1.1.7 of both libraries have been unpublished from the npm registry. The latest

Sophos Issues Hotfixes for Critical Firewall Flaws: Update to Prevent Exploitation https://thehackernews.com/2024/12/sophos-fixes-3-critical-firewall-flaws.html Sophos has released hotfixes to address three security flaws in Sophos Firewall products that could be exploited to achieve remote code execution and allow privileged system access under certain conditions. Of the three, two are rated Critical in severity. There is currently no evidence that the shortcomings have been exploited in the wild. The list of vulnerabilities is as follows -

Hackers Exploiting Critical Fortinet EMS Vulnerability to Deploy Remote Access Tools https://thehackernews.com/2024/12/hackers-exploiting-critical-fortinet.html A now-patched critical security flaw impacting Fortinet FortiClient EMS is being exploited by malicious actors as part of a cyber campaign that installed remote desktop software such as AnyDesk and ScreenConnect.  The vulnerability in question is CVE-2023-48788 (CVSS score: 9.3), an SQL injection bug that allows attackers to execute unauthorized code or commands by sending specially crafted

CISA Adds Critical Flaw in BeyondTrust Software to Exploited Vulnerabilities List https://thehackernews.com/2024/12/cisa-adds-critical-flaw-in-beyondtrust.html The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical security flaw impacting BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) products to the Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The vulnerability, tracked as CVE-2024-12356 (CVSS score: 9.8), is a command injection flaw that