TECHZONE™
Kanalga Telegram’da o‘tish
TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news
Ko'proq ko'rsatish593
Obunachilar
Ma'lumot yo'q24 soatlar
-27 kunlar
-830 kunlar
Postlar arxiv
593
Chameleon Android Banking Trojan Variant Bypasses Biometric Authentication
https://thehackernews.com/2023/12/new-chameleon-android-banking-trojan.html
Cybersecurity researchers have discovered an updated version of an Android banking malware called Chameleon that has expanded its targeting to include users in the U.K. and Italy.
"Representing a restructured and enhanced iteration of its predecessor, this evolved Chameleon variant excels in executing Device Takeover (DTO) using the accessibility service, all while expanding its targeted region,
593
New JavaScript Malware Targeted 50,000+ Users at Dozens of Banks Worldwide
https://thehackernews.com/2023/12/new-javascript-malware-targeted-50000.html
A new piece of JavaScript malware has been observed attempting to steal users' online banking account credentials as part of a campaign that has targeted more than 40 financial institutions across the world.
The activity cluster, which employs JavaScript web injections, is estimated to have led to at least 50,000 infected user sessions spanning North America, South America, Europe, and Japan.
593
Cost of a Data Breach Report 2023: Insights, Mitigators and Best Practices
https://thehackernews.com/2023/12/cost-of-data-breach-report-2023.html
John Hanley of IBM Security shares 4 key findings from the highly acclaimed annual Cost of a Data Breach Report 2023
What is the IBM Cost of a Data Breach Report?
The IBM Cost of a Data Breach Report is an annual report that provides organizations with quantifiable information about the financial impacts of breaches. With this data, they can make data driven decisions about how they implement
593
German Authorities Dismantle Dark Web Hub 'Kingdom Market' in Global Operation
https://thehackernews.com/2023/12/german-authorities-dismantle-dark-web.html
German law enforcement has announced the disruption of a dark web platform called Kingdom Market that specialized in the sales of narcotics and malware to "tens of thousands of users."
The exercise, which involved collaboration from authorities from the U.S., Switzerland, Moldova, and Ukraine, began on December 16, 2023, the Federal Criminal Police Office (BKA) said.
Kingdom
593
Hackers Exploiting Old MS Excel Vulnerability to Spread Agent Tesla Malware
https://thehackernews.com/2023/12/hackers-exploiting-old-ms-excel.html
Attackers are weaponizing an old Microsoft Office vulnerability as part of phishing campaigns to distribute a strain of malware called Agent Tesla.
The infection chains leverage decoy Excel documents attached in invoice-themed messages to trick potential targets into opening them and activate the exploitation of CVE-2017-11882 (CVSS score: 7.8), a memory corruption vulnerability in Office's
593
These aren’t the Androids you should be looking for
https://www.welivesecurity.com/en/mobile-security/these-arent-android-phones-you-should-be-looking-for/
You may get more than you bargained for when you buy a budget-friendly smartphone and forgo safeguards baked into Google Play
593
Urgent: New Chrome Zero-Day Vulnerability Exploited in the Wild - Update ASAP
https://thehackernews.com/2023/12/urgent-new-chrome-zero-day.html
Google has rolled out security updates for the Chrome web browser to address a high-severity zero-day flaw that it said has been exploited in the wild.
The vulnerability, assigned the CVE identifier CVE-2023-7024, has been described as a heap-based buffer overflow bug in the WebRTC framework that could be exploited to result in program crashes or arbitrary code execution.
Clément
593
Remote Encryption Attacks Surge: How One Vulnerable Device Can Spell Disaster
https://thehackernews.com/2023/12/remote-encryption-attacks-surge-how-one.html
Ransomware groups are increasingly switching to remote encryption in their attacks, marking a new escalation in tactics adopted by financially motivated actors to ensure the success of their campaigns.
"Companies can have thousands of computers connected to their network, and with remote ransomware, all it takes is one underprotected device to compromise the entire network," Mark Loman, vice
593
ESET Threat Report H2 2023
https://www.welivesecurity.com/en/eset-research/eset-threat-report-h2-2023/
A view of the H2 2023 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts
593
Product Explained: Memcyco's Real-Time Defense Against Website Spoofing
https://thehackernews.com/2023/12/product-explained-memcycos-real-time.html
Hands-On Review: Memcyco’s Threat Intelligence Solution
Website impersonation, also known as brandjacking or website spoofing, has emerged as a significant threat to online businesses. Malicious actors clone legitimate websites to trick customers, leading to financial scams and data theft causing reputation damage and financial losses for both organizations and customers.
The Growing Threat of
593
Alert: Chinese-Speaking Hackers Pose as UAE Authority in Latest Smishing Wave
https://thehackernews.com/2023/12/alert-chinese-hackers-pose-as-uae.html
The Chinese-speaking threat actors behind Smishing Triad have been observed masquerading as the United Arab Emirates Federal Authority for Identity and Citizenship to send malicious SMS messages with the ultimate goal of gathering sensitive information from residents and foreigners in the country.
"These criminals send malicious links to their victims' mobile devices through SMS or
593
3,500 Arrested in Global Operation HAECHI-IV Targeting Financial Criminals
https://thehackernews.com/2023/12/3500-arrested-in-global-operation.html
A six-month-long international police operation codenamed HAECHI-IV has resulted in the arrests of nearly 3,500 individuals and seizures worth $300 million across 34 countries.
The exercise, which took place from July through December 2023, took aim at various types of financial crimes such as voice phishing, romance scams, online sextortion, investment fraud, money laundering
593
New Go-Based JaskaGO Malware Targeting Windows and macOS Systems
https://thehackernews.com/2023/12/new-go-based-jaskago-malware-targeting.html
A new Go-based information stealer malware called JaskaGO has emerged as the latest cross-platform threat to infiltrate both Windows and Apple macOS systems.
AT&T Alien Labs, which made the discovery, said the malware is "equipped with an extensive array of commands from its command-and-control (C&C) server."
Artifacts designed for macOS were first observed in July
593
FBI Takes Down BlackCat Ransomware, Releases Free Decryption Tool
https://thehackernews.com/2023/12/fbi-takes-down-blackcat-ransomware.html
The U.S. Justice Department (DoJ) has officially announced the disruption of the BlackCat ransomware operation and released a decryption tool that victims can use to regain access to files locked by the malware.
Court documents show that the U.S. Federal Bureau of Investigation (FBI) enlisted the help of a confidential human source (CHS) to act as an affiliate for the BlackCat and gain
593
Behind the Scenes of Matveev's Ransomware Empire: Tactics and Team
https://thehackernews.com/2023/12/behind-scenes-of-matveevs-ransomware.html
Cybersecurity researchers have shed light on the inner workings of the ransomware operation led by Mikhail Pavlovich Matveev, a Russian national who was indicted by the U.S. government earlier this year for his alleged role in launching thousands of attacks across the world.
Matveev, who resides in Saint Petersburg and is known by the aliases Wazawaka, m1x, Boriselcin, Uhodiransomwar,
593
Hackers Abusing GitHub to Evade Detection and Control Compromised Hosts
https://thehackernews.com/2023/12/hackers-abusing-github-to-evade.html
Threat actors are increasingly making use of GitHub for malicious purposes through novel methods, including abusing secret Gists and issuing malicious commands via git commit messages.
"Malware authors occasionally place their samples in services like Dropbox, Google Drive, OneDrive, and Discord to host second stage malware and sidestep detection tools," ReversingLabs researcher Karlo Zanki 
593
Are We Ready to Give Up on Security Awareness Training?
https://thehackernews.com/2023/12/are-we-ready-to-give-up-on-security.html
Some of you have already started budgeting for 2024 and allocating funds to security areas within your organization. It is safe to say that employee security awareness training is one of the expenditure items, too. However, its effectiveness is an open question with people still engaging in insecure behaviors at the workplace. Besides, social engineering remains one of the most prevalent attacks
593
Iranian Hackers Using MuddyC2Go in Telecom Espionage Attacks Across Africa
https://thehackernews.com/2023/12/iranian-hackers-using-muddyc2go-in-new.html
The Iranian nation-state actor known as MuddyWater has leveraged a newly discovered command-and-control (C2) framework called MuddyC2Go in its attacks on the telecommunications sector in Egypt, Sudan, and Tanzania.
The Symantec Threat Hunter Team, part of Broadcom, is tracking the activity under the name Seedworm, which is also tracked under the monikers Boggy Serpens, Cobalt
593
ESET Research Podcast: Neanderthals, Mammoths and Telekopye
https://www.welivesecurity.com/en/podcasts/eset-research-podcast-neanderthals-mammoths-telekopye/
ESET researchers discuss the dynamics within and between various groups of scammers who use a Telegram bot called Telekopye to scam people on online marketplaces
593
New Malvertising Campaign Distributing PikaBot Disguised as Popular Software
https://thehackernews.com/2023/12/new-malvertising-campaign-distributing.html
The malware loader known as PikaBot is being distributed as part of a malvertising campaign targeting users searching for legitimate software like AnyDesk.
"PikaBot was previously only distributed via malspam campaigns similarly to QakBot and emerged as one of the preferred payloads for a threat actor known as TA577," Malwarebytes' Jérôme Segura said.
The malware family,
