TECHZONE™
Kanalga Telegram’da o‘tish
TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news
Ko'proq ko'rsatish593
Obunachilar
-124 soatlar
-17 kunlar
-730 kunlar
Postlar arxiv
594
Google to Delete Billions of Browsing Records in 'Incognito Mode' Privacy Lawsuit Settlement
https://thehackernews.com/2024/04/google-to-delete-billions-of-browsing.html
Google has agreed to purge billions of data records reflecting users' browsing activities to settle a class action lawsuit that claimed the search giant tracked them without their knowledge or consent in its Chrome browser.
The class action, filed in 2020, alleged the company misled users by tracking their internet browsing activity who thought that it remained private when using the "
594
Massive Phishing Campaign Strikes Latin America: Venom RAT Targeting Multiple Sectors
https://thehackernews.com/2024/04/massive-phishing-campaign-strikes-latin.html
The threat actor known as TA558 has been attributed to a new massive phishing campaign that targets a wide range of sectors in Latin America with the goal of deploying Venom RAT.
The attacks primarily singled out hotel, travel, trading, financial, manufacturing, industrial, and government verticals in Spain, Mexico, United States, Colombia, Portugal, Brazil, Dominican Republic, and
594
Indian Government Rescues 250 Citizens Forced into Cybercrime in Cambodia
https://thehackernews.com/2024/04/indian-government-rescues-250-citizens.html
The Indian government said it has rescued and repatriated about 250 citizens in Cambodia who were held captive and coerced into running cyber scams.
The Indian nationals "were lured with employment opportunities to that country but were forced to undertake illegal cyber work," the Ministry of External Affairs (MEA) said in a statement, adding it had rescued 75 people in the past three
594
Detecting Windows-based Malware Through Better Visibility
https://thehackernews.com/2024/04/detecting-windows-based-malware-through.html
Despite a plethora of available security solutions, more and more organizations fall victim to Ransomware and other threats. These continued threats aren't just an inconvenience that hurt businesses and end users - they damage the economy, endanger lives, destroy businesses and put national security at risk. But if that wasn’t enough – North Korea appears to be using revenue from cyber
594
Malicious Apps Caught Secretly Turning Android Phones into Proxies for Cybercriminals
https://thehackernews.com/2024/04/malicious-apps-caught-secretly-turning.html
Several malicious Android apps that turn mobile devices running the operating system into residential proxies (RESIPs) for other threat actors have been observed on the Google Play Store.
The findings come from HUMAN's Satori Threat Intelligence team, which said the cluster of VPN apps came fitted with a Golang library that transformed the user's device into a proxy node without their knowledge.
594
Vultur Android Banking Trojan Returns with Upgraded Remote Control Capabilities
https://thehackernews.com/2024/04/vultur-android-banking-trojan-returns.html
The Android banking trojan known as Vultur has resurfaced with a suite of new features and improved anti-analysis and detection evasion techniques, enabling its operators to remotely interact with a mobile device and harvest sensitive data.
"Vultur has also started masquerading more of its malicious activity by encrypting its C2 communication, using multiple encrypted payloads that are decrypted
594
Hackers Target macOS Users with Malicious Ads Spreading Stealer Malware
https://thehackernews.com/2024/03/hackers-target-macos-users-with.html
Malicious ads and bogus websites are acting as a conduit to deliver two different stealer malware, including Atomic Stealer, targeting Apple macOS users.
The ongoing infostealer attacks targeting macOS users may have adopted different methods to compromise victims' Macs, but operate with the end goal of stealing sensitive data, Jamf Threat Labs said in a report published Friday.
One
594
RDP remains a security concern – Week in security with Tony Anscombe
https://www.welivesecurity.com/en/videos/rdp-security-concern-week-security-tony-anscombe/
Much has been written about the risks that poorly-secured RDP connections entail, but many organizations continue to leave themselves at risk and get hit by data breaches as a result
594
Urgent: Secret Backdoor Found in XZ Utils Library, Impacts Major Linux Distros
https://thehackernews.com/2024/03/urgent-secret-backdoor-found-in-xz.html
RedHat on Friday released an "urgent security alert" warning that two versions of a popular data compression library called XZ Utils (previously LZMA Utils) have been backdoored with malicious code designed to allow unauthorized remote access.
The software supply chain compromise, tracked as CVE-2024-3094, has a CVSS score of 10.0, indicating maximum severity. It impacts XZ Utils
594
Dormakaba Locks Used in Millions of Hotel Rooms Could Be Cracked in Seconds
https://thehackernews.com/2024/03/dormakaba-locks-used-in-millions-of.html
Security vulnerabilities discovered in Dormakaba's Saflok electronic RFID locks used in hotels could be weaponized by threat actors to forge keycards and stealthily slip into locked rooms.
The shortcomings have been collectively named Unsaflok by researchers Lennert Wouters, Ian Carroll, rqu, BusesCanFly, Sam Curry, sshell, and Will Caruana. They were reported to the Zurich-based
594
TheMoon Botnet Resurfaces, Exploiting EoL Devices to Power Criminal Proxy
https://thehackernews.com/2024/03/themoon-botnet-resurfaces-exploiting.html
A botnet previously considered to be rendered inert has been observed enslaving end-of-life (EoL) small home/small office (SOHO) routers and IoT devices to fuel a criminal proxy service called Faceless.
"TheMoon, which emerged in 2014, has been operating quietly while growing to over 40,000 bots from 88 countries in January and February of 2024," the Black Lotus Labs team at Lumen
594
The Golden Age of Automated Penetration Testing is Here
https://thehackernews.com/2024/03/the-golden-age-of-automated-penetration.html
Network penetration testing plays a vital role in detecting vulnerabilities that can be exploited. The current method of performing pen testing is pricey, leading many companies to undertake it only when necessary, usually once a year for their compliance requirements. This manual approach often misses opportunities to find and fix security issues early on, leaving businesses vulnerable to
594
New Linux Bug Could Lead to User Password Leaks and Clipboard Hijacking
https://thehackernews.com/2024/03/new-linux-bug-could-lead-to-user.html
Details have emerged about a vulnerability impacting the "wall" command of the util-linux package that could be potentially exploited by a bad actor to leak a user's password or alter the clipboard on certain Linux distributions.
The bug, tracked as CVE-2024-28085, has been codenamed WallEscape by security researcher Skyler Ferrante. It has been described as a case of improper
594
Cybercriminals play dirty: A look back at 10 cyber hits on the sporting world
https://www.welivesecurity.com/en/cybercrime/cybercriminals-play-dirty-10-cyber-hits-sporting-world/
This rundown of 10 cyberattacks against the sports industry shows why every team needs to keep its eyes on the ball when it comes to cybersecurity
594
PyPI Halts Sign-Ups Amid Surge of Malicious Package Uploads Targeting Developers
https://thehackernews.com/2024/03/pypi-halts-sign-ups-amid-surge-of.html
The maintainers of the Python Package Index (PyPI) repository briefly suspended new user sign-ups following an influx of malicious projects uploaded as part of a typosquatting campaign.
It said "new project creation and new user registration" was temporarily halted to mitigate what it said was a "malware upload campaign." The incident was resolved 10 hours later, on March 28, 2024, at
594
Linux Version of DinodasRAT Spotted in Cyber Attacks Across Several Countries
https://thehackernews.com/2024/03/linux-version-of-dinodasrat-spotted-in.html
A Linux version of a multi-platform backdoor called DinodasRAT has been detected in the wild targeting China, Taiwan, Turkey, and Uzbekistan, new findings from Kaspersky reveal.
DinodasRAT, also known as XDealer, is a C++-based malware that offers the ability to harvest a wide range of sensitive data from compromised hosts.
In October 2023, Slovak cybersecurity firm ESET 
594
Finland Blames Chinese Hacking Group APT31 for Parliament Cyber Attack
https://thehackernews.com/2024/03/finland-blames-chinese-hacking-group.html
The Police of Finland (aka Poliisi) has formally accused a Chinese nation-state actor tracked as APT31 for orchestrating a cyber attack targeting the country's Parliament in 2020.
The intrusion, per the authorities, is said to have occurred between fall 2020 and early 2021. The agency described the ongoing criminal probe as both demanding and time-consuming, involving extensive analysis of a "
594
Darcula Phishing Network Leveraging RCS and iMessage to Evade Detection
https://thehackernews.com/2024/03/darcula-phishing-network-leveraging-rcs.html
A sophisticated phishing-as-a-service (PhaaS) platform called Darcula has set its sights on organizations in over 100 countries by leveraging a massive network of more than 20,000 counterfeit domains to help cyber criminals launch attacks at scale.
"Using iMessage and RCS rather than SMS to send text messages has the side effect of bypassing SMS firewalls, which is being used to great
594
New Webinar: Avoiding Application Security Blind Spots with OPSWAT and F5
https://thehackernews.com/2024/03/new-webinar-avoiding-application.html
Considering the ever-changing state of cybersecurity, it's never too late to ask yourself, "am I doing what's necessary to keep my organization's web applications secure?"
The continuous evolution of technology introduces new and increasingly sophisticated threats daily, posing challenges to organizations all over the world and across the broader spectrum of industries striving to maintain
594
Behind the Scenes: The Art of Safeguarding Non-Human Identities
https://thehackernews.com/2024/03/behind-scenes-art-of-safeguarding-non.html
In the whirlwind of modern software development, teams race against time, constantly pushing the boundaries of innovation and efficiency. This relentless pace is fueled by an evolving tech landscape, where SaaS domination, the proliferation of microservices, and the ubiquity of CI/CD pipelines are not just trends but the new norm.
Amidst this backdrop, a critical aspect subtly weaves into the
