TECHZONE™
Kanalga Telegram’da o‘tish
TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news
Ko'proq ko'rsatish595
Obunachilar
Ma'lumot yo'q24 soatlar
-17 kunlar
-1030 kunlar
Postlar arxiv
595
Gcore DDoS Radar Reveals 56% YoY Increase in DDoS Attacks
https://thehackernews.com/2025/02/gcore-ddos-radar-reveals-56-yoy.html
Gcore’s latest DDoS Radar report analyzes attack data from Q3–Q4 2024, revealing a 56% YoY rise in the total number of DDoS attacks with the largest attack peaking at a record 2 Tbps. The financial services sector saw the most dramatic increase, with a 117% rise in attacks, while gaming remained the most-targeted industry. This period’s findings emphasize the need for robust, adaptive DDoS
595
Protecting Your Software Supply Chain: Assessing the Risks Before Deployment
https://thehackernews.com/2025/02/protecting-your-software-supply-chain.html
Imagine you're considering a new car for your family. Before making a purchase, you evaluate its safety ratings, fuel efficiency, and reliability. You might even take it for a test drive to ensure it meets your needs. The same approach should be applied to software and hardware products before integrating them into an organization's environment. Just as you wouldn’t buy a car without knowing its
595
Threat Actors Exploit ClickFix to Deploy NetSupport RAT in Latest Cyber Attacks
https://thehackernews.com/2025/02/threat-actors-exploit-clickfix-to.html
Threat actors have observed the increasingly common ClickFix technique to deliver a remote access trojan named NetSupport RAT since early January 2025.
NetSupport RAT, typically propagated via bogus websites and fake browser updates, grants attackers full control over the victim's host, allowing them to monitor the device's screen in real-time, control the keyboard and mouse, upload and download
595
8Base Ransomware Data Leak Sites Seized in International Law Enforcement Operation
https://thehackernews.com/2025/02/8base-ransomware-data-leak-sites-seized.html
Source: The Nation
A coordinated law enforcement operation has taken down the dark web data leak and negotiation sites associated with the 8Base ransomware gang.
Visitors to the data leak site are now greeted with a seizure banner that says: "This hidden site and the criminal content have been seized by the Bavarian State Criminal Police Office on behalf of the Office of the Public Prosecutor
595
Apple Patches Actively Exploited iOS Zero-Day CVE-2025-24200 in Emergency Update
https://thehackernews.com/2025/02/apple-patches-actively-exploited-ios.html
Apple on Monday released out-of-band security updates to address a security flaw in iOS and iPadOS that it said has been exploited in the wild.
Assigned the CVE identifier CVE-2025-24200, the vulnerability has been described as an authorization issue that could make it possible for a malicious actor to disable USB Restricted Mode on a locked device as part of a cyber physical attack.
This
595
XE Group Shifts From Card Skimming to Supply Chain Attacks
https://www.darkreading.com/cyber-risk/xe-group-shifts-card-skimming-supply-chain-attacks
595
120K Victims Compromised in Memorial Hospital Ransomware Attack
https://www.darkreading.com/cyber-risk/120k-victims-compromised-memorial-hospital-ransomware
595
Guilty Plea in Hacking of the SEC's X Account That Caused Bitcoin Value Spike
https://www.darkreading.com/cyber-risk/guilty-plea-in-hacking-of-the-sec-s-x-account-that-caused-bitcoin-value-spike
595
Newspaper Giant Lee Enterprises Reels From Cyberattack
https://www.darkreading.com/cyber-risk/newspaper-giant-lee-enterprise-cyberattack
595
Hackers Exploit Google Tag Manager to Deploy Credit Card Skimmers on Magento Stores
https://thehackernews.com/2025/02/hackers-exploit-google-tag-manager-to.html
Threat actors have been observed leveraging Google Tag Manager (GTM) to deliver credit card skimmer malware targeting Magento-based e-commerce websites.
Website security company Sucuri said the code, while appearing to be a typical GTM and Google Analytics script used for website analytics and advertising purposes, contains an obfuscated backdoor capable of providing attackers with persistent
595
Magecart Attackers Abuse Google Ad Tool to Steal Data
https://www.darkreading.com/cyberattacks-data-breaches/magecart-attackers-abuse-google-ad-tool-steal-data
595
⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [10 February]
https://thehackernews.com/2025/02/thn-weekly-recap-top-cybersecurity_10.html
In cybersecurity, the smallest crack can lead to the biggest breaches. A leaked encryption key, an unpatched software bug, or an abandoned cloud storage bucket—each one seems minor until it becomes the entry point for an attack.
This week, we’ve seen cybercriminals turn overlooked weaknesses into major security threats, proving once again that no system is too small to be targeted. The question
595
Don't Overlook These 6 Critical Okta Security Configurations
https://thehackernews.com/2025/02/dont-overlook-these-6-critical-okta.html
Given Okta's role as a critical part of identity infrastructure, strengthening Okta security is essential. This article covers six key Okta security settings that provide a strong starting point, along with recommendations for implementing continuous monitoring of your Okta security posture.
With over 18,000 customers, Okta serves as the cornerstone of identity governance and security for
595
DragonRank Exploits IIS Servers with BadIIS Malware for SEO Fraud and Gambling Redirects
https://thehackernews.com/2025/02/dragonrank-exploits-iis-servers-with.html
Threat actors have been observed targeting Internet Information Services (IIS) servers in Asia as part of a search engine optimization (SEO) manipulation campaign designed to install BadIIS malware.
"It is likely that the campaign is financially motivated since redirecting users to illegal gambling websites shows that attackers deploy BadIIS for profit," Trend Micro researchers Ted Lee and
595
Zimbra Releases Security Updates for SQL Injection, Stored XSS, and SSRF Vulnerabilities
https://thehackernews.com/2025/02/zimbra-releases-security-updates-for.html
Zimbra has released software updates to address critical security flaws in its Collaboration software that, if successfully exploited, could result in information disclosure under certain conditions.
The vulnerability, tracked as CVE-2025-25064, carries a CVSS score of 9.8 out of a maximum of 10.0. It has been described as an SQL injection bug in the ZimbraSync Service SOAP endpoint affecting
595
XE Hacker Group Exploits VeraCore Zero-Day to Deploy Persistent Web Shells
https://thehackernews.com/2025/02/xe-hacker-group-exploits-veracore-zero.html
Threat actors have been observed exploiting multiple security flaws in various software products, including Progress Telerik UI for ASP.NET AJAX and Advantive VeraCore, to drop reverse shells and web shells, and maintain persistent remote access to compromised systems.
The zero-day exploitation of security flaws in VeraCore has been attributed to a threat actor known as XE Group, a cybercrime
595
Malicious ML Models on Hugging Face Leverage Broken Pickle Format to Evade Detection
https://thehackernews.com/2025/02/malicious-ml-models-found-on-hugging.html
Cybersecurity researchers have uncovered two malicious machine learning (ML) models on Hugging Face that leveraged an unusual technique of "broken" pickle files to evade detection.
"The pickle files extracted from the mentioned PyTorch archives revealed the malicious Python content at the beginning of the file," ReversingLabs researcher Karlo Zanki said in a report shared with The Hacker News. "
595
LLM Hijackers Quickly Incorporate DeepSeek API Keys
https://www.darkreading.com/application-security/llm-hijackers-deepseek-api-keys
595
SolarWinds to Go Private for $4.4B
https://www.darkreading.com/cybersecurity-operations/solarwinds-private-billions
595
Microsoft: Thousands of Public ASP.NET Keys Allow Web Server RCE
https://www.darkreading.com/remote-workforce/microsoft-public-asp-net-keys-web-server-rce
Endi mavjud! Telegram Tadqiqoti 2025 — yilning asosiy insaytlari 
