TECHZONE™
Kanalga Telegram’da o‘tish
TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news
Ko'proq ko'rsatish595
Obunachilar
Ma'lumot yo'q24 soatlar
-17 kunlar
-1030 kunlar
Postlar arxiv
595
MITRE's Latest ATT&CK Simulations Tackle Cloud Defenses
https://www.darkreading.com/cybersecurity-operations/mitre-simuluations-shine-light-on-attackers-techniques
595
Cisco: Critical Meeting Management Bug Requires Urgent Patch
https://www.darkreading.com/vulnerabilities-threats/cisco-critical-meeting-management-bug-urgent-patch
595
3 Use Cases for Third-Party API Security
https://www.darkreading.com/cloud-security/3-use-cases-for-third-party-api-security
595
RANsacked: Over 100 Security Flaws Found in LTE and 5G Network Implementations
https://thehackernews.com/2025/01/ransacked-over-100-security-flaws-found.html
A group of academics has disclosed details of over 100 security vulnerabilities impacting LTE and 5G implementations that could be exploited by an attacker to disrupt access to service and even gain a foothold into the cellular core network.
The 119 vulnerabilities, assigned 97 unique CVE identifiers, span seven LTE implementations – Open5GS, Magma, OpenAirInterface, Athonet, SD-Core, NextEPC,
595
2025 State of SaaS Backup and Recovery Report
https://thehackernews.com/2025/01/insights-from-2025-saas-backup-and-recovery-report.html
The modern workplace has undergone a seismic transformation over recent years, with hybrid work becoming the norm and businesses rapidly adopting cloud-based Software-as-a-Service (SaaS) applications to facilitate it. SaaS applications like Microsoft 365 and Google Workspace have now become the backbone of business operations, enabling seamless collaboration and productivity. However, this
595
Strengthening Our National Security in the AI Era
https://www.darkreading.com/vulnerabilities-threats/strengthening-national-security-ai-era
595
DoJ Indicts 5 Individuals for $866K North Korean IT Worker Scheme Violations
https://thehackernews.com/2025/01/doj-indicts-5-individuals-for-866k.html
The U.S. Department of Justice (DoJ) on Thursday indicted two North Korean nationals, a Mexican national, and two of its own citizens for their alleged involvement in the ongoing fraudulent information technology (IT) worker scheme that seeks to generate revenue for the Democratic People's Republic of Korea (DPRK) in violation of international sanctions.
The action targets Jin Sung-Il (진성일), Pak
595
Android's New Identity Check Feature Locks Device Settings Outside Trusted Locations
https://thehackernews.com/2025/01/androids-new-identity-check-feature.html
Google has launched a new feature called Identity Check for supported Android devices that locks sensitive settings behind biometric authentication when outside of trusted locations.
"When you turn on Identity Check, your device will require explicit biometric authentication to access certain sensitive resources when you're outside of trusted locations," Google said in a post announcing the
595
CISA Adds Five-Year-Old jQuery XSS Flaw to Exploited Vulnerabilities List
https://thehackernews.com/2025/01/cisa-adds-five-year-old-jquery-xss-flaw.html
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday placed a now-patched security flaw impacting the popular jQuery JavaScript library to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
The medium-severity vulnerability is CVE-2020-11023 (CVSS score: 6.1/6.9), a nearly five-year-old cross-site scripting (XSS) bug that could be
595
War Game Pits China Against Taiwan in All-Out Cyberwar
https://www.darkreading.com/threat-intelligence/war-game-pits-china-against-taiwan-cyberwar
595
Cloudflare CDN Bug Outs User Locations on Signal, Discord
https://www.darkreading.com/threat-intelligence/cloudflare-cdn-bug-outs-user-locations-signal-discord
595
Palo Alto Firewalls Found Vulnerable to Secure Boot Bypass and Firmware Exploits
https://thehackernews.com/2025/01/palo-alto-firewalls-found-vulnerable-to.html
An exhaustive evaluation of three firewall models from Palo Alto Networks has uncovered a host of known security flaws impacting the devices' firmware as well as misconfigured security features.
"These weren't obscure, corner-case vulnerabilities," security vendor Eclypsium said in a report shared with The Hacker News.
"Instead these were very well-known issues that we wouldn't expect to see
595
Beware: Fake CAPTCHA Campaign Spreads Lumma Stealer in Multi-Industry Attacks
https://thehackernews.com/2025/01/beware-fake-captcha-campaign-spreads.html
Cybersecurity researchers are calling attention to a new malware campaign that leverages fake CAPTCHA verification checks to deliver the infamous Lumma information stealer.
"The campaign is global, with Netskope Threat Labs tracking victims targeted in Argentina, Colombia, the United States, the Philippines, and other countries around the world," Leandro Fróes, senior threat research engineer at
595
Custom Backdoor Exploiting Magic Packet Vulnerability in Juniper Routers
https://thehackernews.com/2025/01/custom-backdoor-exploiting-magic-packet.html
Enterprise-grade Juniper Networks routers have become the target of a custom backdoor as part of a campaign dubbed J-magic.
According to the Black Lotus Labs team at Lumen Technologies, the activity is so named for the fact that the backdoor continuously monitors for a "magic packet" sent by the threat actor in TCP traffic.
"J-magic campaign marks the rare occasion of malware designed
595
CISA: Ivanti Vulns Chained Together in Cyberattack Onslaught
https://www.darkreading.com/vulnerabilities-threats/cisa-ivanti-vulns-chained-attacks
595
The Security Risk of Rampant Shadow AI
https://www.darkreading.com/vulnerabilities-threats/security-risk-rampant-shadow-ai
595
Black 'Magic' Targets Enterprise Juniper Routers With Backdoor
https://www.darkreading.com/endpoint-security/black-magic-enterprise-juniper-routers-backdoor
595
Doti AI Launches Platform to Securely Find Enterprise Data
https://www.darkreading.com/cybersecurity-operations/doti-ai-launches-platform-to-securely-find-enterprise-data
595
Experts Find Shared Codebase Linking Morpheus and HellCat Ransomware Payloads
https://thehackernews.com/2025/01/experts-find-shared-codebase-linking.html
An analysis of HellCat and Morpheus ransomware operations has revealed that affiliates associated with the respective cybercrime entities are using identical code for their ransomware payloads.
The findings come from SentinelOne, which analyzed artifacts uploaded to the VirusTotal malware scanning platform by the same submitter towards the end of December 2024.
"These two payload samples are
595
How to Eliminate Identity-Based Threats
https://thehackernews.com/2025/01/eliminate-identity-based-threats.html
Despite significant investments in advanced technologies and employee training programs, credential and user-based attacks remain alarmingly prevalent, accounting for 50-80% of enterprise breaches[1],[2]. While identity-based attacks continue to dominate as the leading cause of security incidents, the common approach to identity security threats is still threat reduction, implementing layers of
Endi mavjud! Telegram Tadqiqoti 2025 — yilning asosiy insaytlari 
