TECHZONE™
Kanalga Telegram’da o‘tish
TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news
Ko'proq ko'rsatish593
Obunachilar
Ma'lumot yo'q24 soatlar
-27 kunlar
-830 kunlar
Postlar arxiv
593
Preventing Data Loss: Backup and Recovery Strategies for Exchange Server Administrators
https://thehackernews.com/2024/01/preventing-data-loss-backup-and.html
In the current digital landscape, data has emerged as a crucial asset for organizations, akin to currency. It’s the lifeblood of any organization in today's interconnected and digital world. Thus, safeguarding the data is of paramount importance. Its importance is magnified in on-premises Exchange Server environments where vital business communication and emails are stored and managed.
In
593
Npm Trojan Bypasses UAC, Installs AnyDesk with "Oscompatible" Package
https://thehackernews.com/2024/01/npm-trojan-bypasses-uac-installs.html
A malicious package uploaded to the npm registry has been found deploying a sophisticated remote access trojan on compromised Windows machines.
The package, named "oscompatible," was published on January 9, 2024, attracting a total of 380 downloads before it was taken down.
oscompatible included a "few strange binaries," according to software supply chain security firm Phylum, including a single
593
U.S. Cybersecurity Agency Warns of Actively Exploited Ivanti EPMM Vulnerability
https://thehackernews.com/2024/01/us-cybersecurity-agency-warns-of.html
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a now-patched critical flaw impacting Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core to its Known Exploited Vulnerabilities (KEV) catalog, stating it's being actively exploited in the wild.
The vulnerability in question is CVE-2023-35082 (CVSS score: 9.8), an authentication bypass
593
Is Temu safe? What to know before you ‘shop like a billionaire’
https://www.welivesecurity.com/en/cybersecurity/is-temu-safe-what-know-shop-billionaire/
Here are some scams you may encounter on the shopping juggernaut, plus a few simple steps you can take to help safeguard your data while bagging that irresistible deal
593
New Docker Malware Steals CPU for Crypto & Drives Fake Website Traffic
https://thehackernews.com/2024/01/new-docker-malware-steals-cpu-for.html
Vulnerable Docker services are being targeted by a novel campaign in which the threat actors are deploying XMRig cryptocurrency miner as well as the 9Hits Viewer software as part of a multi-pronged monetization strategy.
"This is the first documented case of malware deploying the 9Hits application as a payload," cloud security firm Cado said, adding the development is a sign that adversaries are
593
Russian COLDRIVER Hackers Expand Beyond Phishing with Custom Malware
https://thehackernews.com/2024/01/russian-coldriver-hackers-expand-beyond.html
The Russia-linked threat actor known as COLDRIVER has been observed evolving its tradecraft to go beyond credential harvesting to deliver its first-ever custom malware written in the Rust programming language.
Google's Threat Analysis Group (TAG), which shared details of the latest activity, said the attack chains leverage PDFs as decoy documents to trigger the infection sequence. The lures are
593
TensorFlow CI/CD Flaw Exposed Supply Chain to Poisoning Attacks
https://thehackernews.com/2024/01/tensorflow-cicd-flaw-exposed-supply.html
Continuous integration and continuous delivery (CI/CD) misconfigurations discovered in the open-source TensorFlow machine learning framework could have been exploited to orchestrate supply chain attacks.
The misconfigurations could be abused by an attacker to "conduct a supply chain compromise of TensorFlow releases on GitHub and PyPi by compromising TensorFlow's build agents via
593
MFA Spamming and Fatigue: When Security Measures Go Wrong
https://thehackernews.com/2024/01/mfa-spamming-and-fatigue-when-security.html
In today's digital landscape, traditional password-only authentication systems have proven to be vulnerable to a wide range of cyberattacks. To safeguard critical business resources, organizations are increasingly turning to multi-factor authentication (MFA) as a more robust security measure. MFA requires users to provide multiple authentication factors to verify their identity, providing an
593
PixieFail UEFI Flaws Expose Millions of Computers to RCE, DoS, and Data Theft
https://thehackernews.com/2024/01/pixiefail-uefi-flaws-expose-millions-of.html
Multiple security vulnerabilities have been disclosed in the TCP/IP network protocol stack of an open-source reference implementation of the Unified Extensible Firmware Interface (UEFI) specification used widely in modern computers.
Collectively dubbed PixieFail by Quarkslab, the nine issues reside in the TianoCore EFI Development Kit II (EDK II) and could be exploited to
593
Iranian Hackers Masquerade as Journalists to Spy on Israel-Hamas War Experts
https://thehackernews.com/2024/01/iranian-hackers-masquerades-as.html
High-profile individuals working on Middle Eastern affairs at universities and research organizations in Belgium, France, Gaza, Israel, the U.K., and the U.S. have been targeted by an Iranian cyber espionage group called Mind Sandstorm since November 2023.
The threat actor "used bespoke phishing lures in an attempt to socially engineer targets into downloading malicious files," the
593
The 7 deadly cloud security sins and how SMBs can do things better
https://www.welivesecurity.com/en/business-security/7-deadly-cloud-security-sins-smb/
By eliminating these mistakes and blind spots, your organization can take massive strides towards optimizing its use of cloud without exposing itself to cyber-risk
593
PAX PoS Terminal Flaw Could Allow Attackers to Tamper with Transactions
https://thehackernews.com/2024/01/pax-pos-terminal-flaw-could-allow.html
The point-of-sale (PoS) terminals from PAX Technology are impacted by a collection of high-severity vulnerabilities that can be weaponized by threat actors to execute arbitrary code.
The STM Cyber R&D team, which reverse engineered the Android-based devices manufactured by the Chinese firm owing to their rapid deployment in Poland, said it unearthed half a dozen flaws that allow for
593
Combating IP Leaks into AI Applications with Free Discovery and Risk Reduction Automation
https://thehackernews.com/2024/01/combating-ip-leaks-into-ai-applications.html
Wing Security announced today that it now offers free discovery and a paid tier for automated control over thousands of AI and AI-powered SaaS applications. This will allow companies to better protect their intellectual property (IP) and data against the growing and evolving risks of AI usage.
SaaS applications seem to be multiplying by the day, and so does their integration of AI
593
Feds Warn of AndroxGh0st Botnet Targeting AWS, Azure, and Office 365 Credentials
https://thehackernews.com/2024/01/feds-warn-of-androxgh0st-botnet.html
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) warned that threat actors deploying the AndroxGh0st malware are creating a botnet for "victim identification and exploitation in target networks."
A Python-based malware, AndroxGh0st was first documented by Lacework in December 2022, with the malware
593
Webinar: The Art of Privilege Escalation - How Hackers Become Admins
https://thehackernews.com/2024/01/webinar-art-of-privilege-escalation-how.html
In the digital age, the battleground for security professionals is not only evolving, it's expanding at an alarming rate. The upcoming webinar, "The Art of Privilege Escalation - How Hackers Become Admins," offers an unmissable opportunity for IT security experts to stay ahead in this relentless cyber war.
Privilege escalation - the term might sound benign, but in the hands of a skilled hacker,
593
New iShutdown Method Exposes Hidden Spyware Like Pegasus on Your iPhone
https://thehackernews.com/2024/01/new-ishutdown-method-exposes-hidden.html
Cybersecurity researchers have identified a "lightweight method" called iShutdown for reliably identifying signs of spyware on Apple iOS devices, including notorious threats like NSO Group's Pegasus, QuaDream's Reign, and Intellexa's Predator.
Kaspersky, which analyzed a set of iPhones that were compromised with Pegasus, said the infections left traces in a file
593
GitHub Rotates Keys After High-Severity Vulnerability Exposes Credentials
https://thehackernews.com/2024/01/github-rotates-keys-after-high-severity.html
GitHub has revealed that it has rotated some keys in response to a security vulnerability that could be potentially exploited to gain access to credentials within a production container.
The Microsoft-owned subsidiary said it was made aware of the problem on December 26, 2023, and that it addressed the issue the same day, in addition to rotating all potentially exposed credentials out of an
593
Citrix, VMware, and Atlassian Hit with Critical Flaws — Patch ASAP!
https://thehackernews.com/2024/01/citrix-vmware-and-atlassian-hit-with.html
Citrix is warning of two zero-day security vulnerabilities in NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway) that are being actively exploited in the wild.
The flaws are listed below -
CVE-2023-6548 (CVSS score: 5.5) - Authenticated (low privileged) remote code execution on Management Interface (requires access to NSIP, CLIP, or SNIP with management
593
Zero-Day Alert: Update Chrome Now to Fix New Actively Exploited Vulnerability
https://thehackernews.com/2024/01/zero-day-alert-update-chrome-now-to-fix.html
Google on Tuesday released updates to fix four security issues in its Chrome browser, including an actively exploited zero-day flaw.
The issue, tracked as CVE-2024-0519, concerns an out-of-bounds memory access in the V8 JavaScript and WebAssembly engine, which can be weaponized by threat actors to trigger a crash.
"By reading out-of-bounds memory, an attacker might be able to get secret values,
593
Alert: Over 178,000 SonicWall Firewalls Potentially Vulnerable to Exploits - Act Now
https://thehackernews.com/2024/01/alert-over-178000-sonicwall-firewalls.html
Over 178,000 SonicWall firewalls exposed over the internet are exploitable to at least one of the two security flaws that could be potentially exploited to cause a denial-of-service (DoS) condition and remote code execution (RCE).
“The two issues are fundamentally the same but exploitable at different HTTP URI paths due to reuse of a vulnerable code pattern,” Jon Williams, a senior security
