TECHZONE™
Kanalga Telegram’da o‘tish
TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news
Ko'proq ko'rsatish593
Obunachilar
-124 soatlar
-27 kunlar
-830 kunlar
Postlar arxiv
593
Hands-on Review: Myrror Security Code-Aware and Attack-Aware SCA
https://thehackernews.com/2024/02/hands-on-review-myrror-security-code.html
Introduction
The modern software supply chain represents an ever-evolving threat landscape, with each package added to the manifest introducing new attack vectors. To meet industry requirements, organizations must maintain a fast-paced development process while staying up-to-date with the latest security patches. However, in practice, developers often face a large amount of security work without
593
New Coyote Trojan Targets 61 Brazilian Banks with Nim-Powered Attack
https://thehackernews.com/2024/02/new-coyote-trojan-targets-61-brazilian.html
Sixty-one banking institutions, all of them originating from Brazil, are the target of a new banking trojan called Coyote.
"This malware utilizes the Squirrel installer for distribution, leveraging Node.js and a relatively new multi-platform programming language called Nim as a loader to complete its infection," Russian cybersecurity firm Kaspersky said in a Thursday report.
What
593
Wazuh in the Cloud Era: Navigating the Challenges of Cybersecurity
https://thehackernews.com/2024/02/wazuh-in-cloud-era-navigating.html
Cloud computing has innovated how organizations operate and manage IT operations, such as data storage, application deployment, networking, and overall resource management. The cloud offers scalability, adaptability, and accessibility, enabling businesses to achieve sustainable growth. However, adopting cloud technologies into your infrastructure presents various cybersecurity risks and
593
Stealthy Zardoor Backdoor Targets Saudi Islamic Charity Organizations
https://thehackernews.com/2024/02/stealthy-zardoor-backdoor-targets-saudi.html
An unnamed Islamic non-profit organization in Saudi Arabia has been targeted as part of a stealthy cyber espionage campaign designed to drop a previously undocumented backdoor called Zardoor.
Cisco Talos, which discovered the activity in May 2023, said the campaign has likely persisted since at least March 2021, adding it has identified only one compromised target to date, although it's
593
Fortinet Warns of Critical FortiOS SSL VPN Vulnerability Under Active Exploitation
https://thehackernews.com/2024/02/fortinet-warns-of-critical-fortios-ssl.html
Fortinet has disclosed a new critical security flaw in FortiOS SSL VPN that it said is likely being exploited in the wild.
The vulnerability, CVE-2024-21762 (CVSS score: 9.6), allows for the execution of arbitrary code and commands.
"A out-of-bounds write vulnerability [CWE-787] in FortiOS may allow a remote unauthenticated attacker to execute arbitrary code or command via specially
593
The buck stops here: Why the stakes are high for CISOs
https://www.welivesecurity.com/en/business-security/buck-stops-stakes-high-cisos/
Heavy workloads and the specter of personal liability for incidents take a toll on security leaders, so much so that many of them look for the exits. What does this mean for corporate cyber-defenses?
593
Warning: New Ivanti Auth Bypass Flaw Affects Connect Secure and ZTA Gateways
https://thehackernews.com/2024/02/warning-new-ivanti-auth-bypass-flaw.html
Ivanti has alerted customers of yet another high-severity security flaw in its Connect Secure, Policy Secure, and ZTA gateway devices that could allow attackers to bypass authentication.
The issue, tracked as CVE-2024-22024, is rated 8.3 out of 10 on the CVSS scoring system.
"An XML external entity or XXE vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x), Ivanti
593
Chinese Hackers Operate Undetected in U.S. Critical Infrastructure for Half a Decade
https://thehackernews.com/2024/02/chinese-hackers-operate-undetected-in.html
The U.S. government on Wednesday said the Chinese state-sponsored hacking group known as Volt Typhoon had been embedded into some critical infrastructure networks in the country for at least five years.
Targets of the threat actor include communications, energy, transportation, and water and wastewater systems sectors in the U.S. and Guam.
"Volt Typhoon's choice of targets and pattern
593
Unified Identity – look for the meaning behind the hype!
https://thehackernews.com/2024/02/unified-identity-look-for-meaning.html
If you've listened to software vendors in the identity space lately, you will have noticed that “unified” has quickly become the buzzword that everyone is adopting to describe their portfolio. And this is great! Unified identity has some amazing benefits!
However (there is always a however, right?) not every “unified” “identity” “security” “platform” is made equal. Some vendors call the
593
HijackLoader Evolves: Researchers Decode the Latest Evasion Methods
https://thehackernews.com/2024/02/hijackloader-evolves-researchers-decode.html
The threat actors behind a loader malware called HijackLoader have added new techniques for defense evasion, as the malware continues to be increasingly used by other threat actors to deliver additional payloads and tooling.
"The malware developer used a standard process hollowing technique coupled with an additional trigger that was activated by the parent process writing to a pipe,"
593
Google Starts Blocking Sideloading of Potentially Dangerous Android Apps in Singapore
https://thehackernews.com/2024/02/google-starts-blocking-sideloading-of.html
Google has unveiled a new pilot program in Singapore that aims to prevent users from sideloading certain apps that abuse Android app permissions to read one-time passwords and gather sensitive data.
"This enhanced fraud protection will analyze and automatically block the installation of apps that may use sensitive runtime permissions frequently abused for financial fraud when the user attempts
593
Kimsuky's New Golang Stealer 'Troll' and 'GoBear' Backdoor Target South Korea
https://thehackernews.com/2024/02/kimsukys-new-golang-stealer-troll-and.html
The North Korea-linked nation-state actor known as Kimsuky is suspected of using a previously undocumented Golang-based information stealer called Troll Stealer.
The malware steals "SSH, FileZilla, C drive files/directories, browsers, system information, [and] screen captures" from infected systems, South Korean cybersecurity company S2W said in a new technical report.
Troll
593
Critical Patches Released for New Flaws in Cisco, Fortinet, VMware Products
https://thehackernews.com/2024/02/critical-patches-released-for-new-flaws.html
Cisco, Fortinet, and VMware have released security fixes for multiple security vulnerabilities, including critical weaknesses that could be exploited to perform arbitrary actions on affected devices.
The first set from Cisco consists of three flaws – CVE-2024-20252 and CVE-2024-20254 (CVSS score: 9.6) and CVE-2024-20255 (CVSS score: 8.2) – impacting Cisco Expressway Series that could allow an
593
After FBI Takedown, KV-Botnet Operators Shift Tactics in Attempt to Bounce Back
https://thehackernews.com/2024/02/after-fbi-takedown-kv-botnet-operators.html
The threat actors behind the KV-botnet made "behavioral changes" to the malicious network as U.S. law enforcement began issuing commands to neutralize the activity.
KV-botnet is the name given to a network of compromised small office and home office (SOHO) routers and firewall devices across the world, with one specific cluster acting as a covert data transfer system for other Chinese
593
Critical Bootloader Vulnerability in Shim Impacts Nearly All Linux Distros
https://thehackernews.com/2024/02/critical-bootloader-vulnerability-in.html
The maintainers of shim have released version 15.8 to address six security flaws, including a critical bug that could pave the way for remote code execution under specific circumstances.
Tracked as CVE-2023-40547 (CVSS score: 9.8), the vulnerability could be exploited to achieve a Secure Boot bypass. Bill Demirkapi of the Microsoft Security Response Center (MSRC) has been&
593
New Webinar: 5 Steps to vCISO Success for MSPs and MSSPs
https://thehackernews.com/2024/02/new-webinar-5-steps-to-vciso-success.html
2024 will be the year of the vCISO. An incredible 45% of MSPs and MSSPs are planning to start offering vCISO services in 2024. As an MSP/MSSP providing vCISO services, you own the organization’s cybersecurity infrastructure and strategy. But you also need to position yourself as a reliable decision-maker, navigating professional responsibilities, business needs and leadership
593
Global Coalition and Tech Giants Unite Against Commercial Spyware Abuse
https://thehackernews.com/2024/02/global-coalition-and-tech-giants-unite.html
A coalition of dozens of countries, including France, the U.K., and the U.S., along with tech companies such as Google, MDSec, Meta, and Microsoft, have signed a joint agreement to curb the abuse of commercial spyware to commit human rights abuses.
The initiative, dubbed the Pall Mall Process, aims to tackle the proliferation and irresponsible use of commercial cyber intrusion tools by
593
Left to their own devices: Security for employees using personal devices for work
https://www.welivesecurity.com/en/business-security/left-own-devices-security-employees-personal-devices-work/
As personal devices within corporate networks make for a potentially combustible mix, a cavalier approach to BYOD security won’t cut it
593
Chinese Hackers Exploited FortiGate Flaw to Breach Dutch Military Network
https://thehackernews.com/2024/02/chinese-hackers-exploited-fortigate.html
Chinese state-backed hackers broke into a computer network that's used by the Dutch armed forces by targeting Fortinet FortiGate devices.
"This [computer network] was used for unclassified research and development (R&D)," the Dutch Military Intelligence and Security Service (MIVD) said in a statement. "Because this system was self-contained, it did not lead to any damage to the
593
Critical JetBrains TeamCity On-Premises Flaw Exposes Servers to Takeover - Patch Now
https://thehackernews.com/2024/02/critical-jetbrains-teamcity-on-premises.html
JetBrains is alerting customers of a critical security flaw in its TeamCity On-Premises continuous integration and continuous deployment (CI/CD) software that could be exploited by threat actors to take over susceptible instances.
The vulnerability, tracked as CVE-2024-23917, carries a CVSS rating of 9.8 out of 10, indicative of its severity.
"The vulnerability may enable an unauthenticated
