TECHZONE™
Kanalga Telegram’da o‘tish
TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news
Ko'proq ko'rsatish593
Obunachilar
Ma'lumot yo'q24 soatlar
-37 kunlar
-730 kunlar
Postlar arxiv
593
VMware Releases vCenter Server Update to Fix Critical RCE Vulnerability
https://thehackernews.com/2024/10/vmware-releases-vcenter-server-update.html
VMware has released software updates to address an already patched security flaw in vCenter Server that could pave the way for remote code execution.
The vulnerability, tracked as CVE-2024-38812 (CVSS score: 9.8), concerns a case of heap-overflow vulnerability in the implementation of the DCE/RPC protocol.
"A malicious actor with network access to vCenter Server may trigger this vulnerability by
593
CISA Adds ScienceLogic SL1 Vulnerability to Exploited Catalog After Active Zero-Day Attack
https://thehackernews.com/2024/10/cisa-adds-sciencelogic-sl1.html
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a critical security flaw impacting ScienceLogic SL1 to its Known Exploited Vulnerabilities (KEV) catalog, following reports of active exploitation as a zero-day.
The vulnerability in question, tracked as CVE-2024-9537 (CVSS v4 score: 9.3), refers to a bug involving an unspecified third-party component that could
593
Chinese Nation-State Hackers APT41 Hit Gambling Sector for Financial Gain
https://thehackernews.com/2024/10/chinese-nation-state-hackers-apt41-hit.html
The prolific Chinese nation-state actor known as APT41 (aka Brass Typhoon, Earth Baku, Wicked Panda, or Winnti) has been attributed to a sophisticated cyber attack targeting the gambling and gaming industry.
"Over a period of at least six months, the attackers stealthily gathered valuable information from the targeted company including, but not limited to, network configurations, user passwords,
593
Guide: The Ultimate Pentest Checklist for Full-Stack Security
https://thehackernews.com/2024/10/guide-ultimate-pentest-checklist-for.html
Pentest Checklists Are More Important Than Ever
Given the expanding attack surface coupled with the increasing sophistication of attacker tactics and techniques, penetration testing checklists have become essential for ensuring thorough assessments across an organization’s attack surface, both internal and external. By providing a structured approach, these checklists help testers systematically
593
THN Cybersecurity Recap: Top Threats, Tools and News (Oct 14 - Oct 20)
https://thehackernews.com/2024/10/thn-cybersecurity-recap-top-threats_21.html
Hi there! Here’s your quick update on the latest in cybersecurity.
Hackers are using new tricks to break into systems we thought were secure—like finding hidden doors in locked houses. But the good news? Security experts are fighting back with smarter tools to keep data safe.
Some big companies were hit with attacks, while others fixed their vulnerabilities just in time. It's a constant battle.
593
Researchers Discover Severe Security Flaws in Major E2EE Cloud Storage Providers
https://thehackernews.com/2024/10/researchers-discover-severe-security.html
Cybersecurity researchers have discovered severe cryptographic issues in various end-to-end encrypted (E2EE) cloud storage platforms that could be exploited to leak sensitive data.
"The vulnerabilities range in severity: in many cases a malicious server can inject files, tamper with file data, and even gain direct access to plaintext," ETH Zurich researchers Jonas Hofmann and Kien Tuong Truong
593
Hackers Exploit Roundcube Webmail XSS Vulnerability to Steal Login Credentials
https://thehackernews.com/2024/10/hackers-exploit-roundcube-webmail-xss.html
Unknown threat actors have been observed attempting to exploit a now-patched security flaw in the open-source Roundcube webmail software as part of a phishing attack designed to steal user credentials.
Russian cybersecurity company Positive Technologies said it discovered last month that an email was sent to an unspecified governmental organization located in one of the Commonwealth of
593
Threat actors exploiting zero-days faster than ever – Week in security with Tony Anscombe
https://www.welivesecurity.com/en/videos/threat-actors-exploiting-zero-days-faster-ever-week-security-tony-anscombe/
The average time it takes attackers to weaponize a vulnerability, either before or after a patch is released, shrank from 63 days in 2018-2019 to just five days last year
593
Acronym Overdose – Navigating the Complex Data Security Landscape
https://thehackernews.com/2024/10/acronym-overdose-navigating-complex.html
In the modern enterprise, data security is often discussed using a complex lexicon of acronyms—DLP, DDR, DSPM, and many others. While these acronyms represent critical frameworks, architectures, and tools for protecting sensitive information, they can also overwhelm those trying to piece together an effective security strategy. This article aims to demystify some of the most important acronyms
593
Crypt Ghouls Targets Russian Firms with LockBit 3.0 and Babuk Ransomware Attacks
https://thehackernews.com/2024/10/crypt-ghouls-targets-russian-firms-with.html
A nascent threat actor known as Crypt Ghouls has been linked to a set of cyber attacks targeting Russian businesses and government agencies with ransomware with the twin goals of disrupting business operations and financial gain.
"The group under review has a toolkit that includes utilities such as Mimikatz, XenAllPasswordPro, PingCastle, Localtonet, resocks, AnyDesk, PsExec, and others,"
593
North Korean IT Workers in Western Firms Now Demanding Ransom for Stolen Data
https://thehackernews.com/2024/10/north-korean-it-workers-in-western.html
North Korean information technology (IT) workers who obtain employment under false identities in Western companies are not only stealing intellectual property, but are also stepping up by demanding ransoms in order to not leak it, marking a new twist to their financially motivated attacks.
"In some instances, fraudulent workers demanded ransom payments from their former employers after gaining
593
The Ultimate DSPM Guide: Webinar on Building a Strong Data Security Posture
https://thehackernews.com/2024/10/the-ultimate-dspm-guide-webinar-on.html
Picture your company's data as a vast, complex jigsaw puzzle—scattered across clouds, devices, and networks. Some pieces are hidden, some misplaced, and others might even be missing entirely. Keeping your data secure in today’s fast-evolving landscape can feel like an impossible challenge.
But there’s a game-changing solution: Data Security Posture Management (DSPM). Think of it as a high-tech,
593
U.S. and Allies Warn of Iranian Cyberattacks on Critical Infrastructure in Year-Long Campaign
https://thehackernews.com/2024/10/us-and-allies-warn-of-iranian.html
Cybersecurity and intelligence agencies from Australia, Canada, and the U.S. have warned about a year-long campaign undertaken by Iranian cyber actors to infiltrate critical infrastructure organizations via brute-force attacks.
"Since October 2023, Iranian actors have used brute force and password spraying to compromise user accounts and obtain access to organizations in the healthcare and
593
Beware: Fake Google Meet Pages Deliver Infostealers in Ongoing ClickFix Campaign
https://thehackernews.com/2024/10/beware-fake-google-meet-pages-deliver.html
Threat actors are leveraging fake Google Meet web pages as part of an ongoing malware campaign dubbed ClickFix to deliver infostealers targeting Windows and macOS systems.
"This tactic involves displaying fake error messages in web browsers to deceive users into copying and executing a given malicious PowerShell code, finally infecting their systems," French cybersecurity company Sekoia said in
593
Microsoft Reveals macOS Vulnerability that Bypasses Privacy Controls in Safari Browser
https://thehackernews.com/2024/10/microsoft-reveals-macos-vulnerability.html
Microsoft has disclosed details about a now-patched security flaw in Apple's Transparency, Consent, and Control (TCC) framework in macOS that has likely come under exploitation to get around a user's privacy preferences and access data.
The shortcoming, codenamed HM Surf by the tech giant, is tracked as CVE-2024-44133. It was addressed by Apple as part of macOS Sequoia 15 by removing the
593
Protecting children from grooming | Unlocked 403 cybersecurity podcast (ep. 7)
https://www.welivesecurity.com/en/videos/protecting-children-grooming-unlocked-403-cybersecurity-podcast-ep-7/
“Hey, wanna chat?” This innocent phrase can take on a sinister meaning when it comes from an adult to a child online and even be the start of a predatory relationship
593
Russian RomCom Attacks Target Ukrainian Government with New SingleCamper RAT Variant
https://thehackernews.com/2024/10/russian-romcom-attacks-target-ukrainian.html
The Russian threat actor known as RomCom has been linked to a new wave of cyber attacks aimed at Ukrainian government agencies and unknown Polish entities since at least late 2023.
The intrusions are characterized by the use of a variant of the RomCom RAT dubbed SingleCamper (aka SnipBot or RomCom 5.0), said Cisco Talos, which is monitoring the activity cluster under the moniker UAT-5647.
"This
593
Researchers Uncover Cicada3301 Ransomware Operations and Its Affiliate Program
https://thehackernews.com/2024/10/cross-platform-cicada3301-ransomware.html
Cybersecurity researchers have gleaned additional insights into a nascent ransomware-as-a-service (RaaS) called Cicada3301 after successfully gaining access to the group's affiliate panel on the dark web.
Singapore-headquartered Group-IB said it contacted the threat actor behind the Cicada3301 persona on the RAMP cybercrime forum via the Tox messaging service after the latter put out an
593
SideWinder APT Strikes Middle East and Africa With Stealthy Multi-Stage Attack
https://thehackernews.com/2024/10/sidewinder-apt-strikes-middle-east-and.html
An advanced persistent threat (APT) actor with suspected ties to India has sprung forth with a flurry of attacks against high-profile entities and strategic infrastructures in the Middle East and Africa.
The activity has been attributed to a group tracked as SideWinder, which is also known as APT-C-17, Baby Elephant, Hardcore Nationalist, Leafperforator, Rattlesnake, Razor Tiger, and T-APT-04.
"
593
U.S. Charges Two Sudanese Brothers for Record 35,000 DDoS Attacks
https://thehackernews.com/2024/10/us-charges-two-sudanese-brothers-for.html
Federal prosecutors in the U.S. have charged two Sudanese brothers with running a distributed denial-of-service (DDoS) botnet for hire that conducted a record 35,000 DDoS attacks in a single year, including those that targeted Microsoft's services in June 2023.
The attacks, which were facilitated by Anonymous Sudan's "powerful DDoS tool," singled out critical infrastructure, corporate networks,
