TECHZONE™
Kanalga Telegram’da o‘tish
TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news
Ko'proq ko'rsatish595
Obunachilar
-124 soatlar
Ma'lumot yo'q7 kunlar
-930 kunlar
Postlar arxiv
595
HUMINT: Diving Deep into the Dark Web
https://thehackernews.com/2024/07/humint-diving-deep-into-dark-web.html
Clear Web vs. Deep Web vs. Dark Web
Threat intelligence professionals divide the internet into three main components:
Clear Web - Web assets that can be viewed through public search engines, including media, blogs, and other pages and sites.
Deep Web - Websites and forums that are unindexed by search engines. For example, webmail, online banking, corporate intranets, walled gardens, etc. Some
595
GuardZoo Malware Targets Over 450 Middle Eastern Military Personnel
https://thehackernews.com/2024/07/guardzoo-malware-targets-over-450.html
Military personnel from Middle East countries are the target of an ongoing surveillanceware operation that delivers an Android data-gathering tool called GuardZoo.
The campaign, believed to have commenced as early as October 2019, has been attributed to a Houthi-aligned threat actor based on the application lures, command-and-control (C2) server logs, targeting footprint, and the attack
595
Cybersecurity Agencies Warn of China-linked APT40's Rapid Exploit Adaptation
https://thehackernews.com/2024/07/cybersecurity-agencies-warn-of-china.html
Cybersecurity agencies from Australia, Canada, Germany, Japan, New Zealand, South Korea, the U.K., and the U.S. have released a joint advisory about a China-linked cyber espionage group called APT40, warning about its ability to co-opt exploits for newly disclosed security flaws within hours or days of public release.
"APT 40 has previously targeted organizations in various countries, including
595
Trojanized jQuery Packages Found on npm, GitHub, and jsDelivr Code Repositories
https://thehackernews.com/2024/07/trojanized-jquery-packages-found-on-npm.html
Unknown threat actors have been found propagating trojanized versions of jQuery on npm, GitHub, and jsDelivr in what appears to be an instance of a "complex and persistent" supply chain attack.
"This attack stands out due to the high variability across packages," Phylum said in an analysis published last week.
"The attacker has cleverly hidden the malware in the seldom-used 'end' function of
595
New APT Group "CloudSorcerer" Targets Russian Government Entities
https://thehackernews.com/2024/07/new-apt-group-cloudsorcerer-targets.html
A previously undocumented advanced persistent threat (APT) group dubbed CloudSorcerer has been observed targeting Russian government entities by leveraging cloud services for command-and-control (C2) and data exfiltration.
Cybersecurity firm Kaspersky, which discovered the activity in May 2024, the tradecraft adopted by the threat actor bears similarities with that of CloudWizard, but pointed
595
Dark Web Malware Logs Expose 3,300 Users Linked to Child Abuse Sites
https://thehackernews.com/2024/07/dark-web-malware-logs-expose-3300-users.html
An analysis of information-stealing malware logs published on the dark web has led to the discovery of thousands of consumers of child sexual abuse material (CSAM), indicating how such information could be used to combat serious crimes.
"Approximately 3,300 unique users were found with accounts on known CSAM sources," Recorded Future said in a proof-of-concept (PoC) report published last week. "
595
New Ransomware-as-a-Service 'Eldorado' Targets Windows and Linux Systems
https://thehackernews.com/2024/07/new-ransomware-as-service-eldorado.html
An emerging ransomware-as-a-service (RaaS) operation called Eldorado comes with locker variants to encrypt files on Windows and Linux systems.
Eldorado first appeared on March 16, 2024, when an advertisement for the affiliate program was posted on the ransomware forum RAMP, Singapore-headquartered Group-IB said.
The cybersecurity firm, which infiltrated the ransomware group, noted that its
595
5 Key Questions CISOs Must Ask Themselves About Their Cybersecurity Strategy
https://thehackernews.com/2024/07/5-key-questions-cisos-must-ask.html
Events like the recent massive CDK ransomware attack – which shuttered car dealerships across the U.S. in late June 2024 – barely raise public eyebrows anymore.
Yet businesses, and the people that lead them, are justifiably jittery. Every CISO knows that cybersecurity is an increasingly hot topic for executives and board members alike. And when the inevitable CISO/Board briefing rolls
595
Experts Warn of Mekotio Banking Trojan Targeting Latin American Countries
https://thehackernews.com/2024/07/experts-warn-of-mekotio-banking-trojan.html
Financial institutions in Latin America are being threatened by a banking trojan called Mekotio (aka Melcoz).
That's according to findings from Trend Micro, which said it recently observed a surge in cyber attacks distributing the Windows malware.
Mekotio, known to be actively put to use since 2015, is known to target Latin American countries like Brazil, Chile, Mexico, Spain, Peru, and Portugal
595
Critical Unpatched Flaws Disclosed in Popular Gogs Open-Source Git Service
https://thehackernews.com/2024/07/critical-vulnerabilities-disclosed-in.html
Four unpatched security flaws, including three critical ones, have been disclosed in the Gogs open-source, self-hosted Git service that could enable an authenticated attacker to breach susceptible instances, steal or wipe source code, and even plant backdoors.
The vulnerabilities, according to SonarSource researchers Thomas Chauchefoin and Paul Gerste, are listed below -
CVE-2024-39930 (CVSS
595
Apple Removes VPN Apps from Russian App Store Amid Government Pressure
https://thehackernews.com/2024/07/apple-removes-vpn-apps-from-russian-app.html
Apple removed a number of virtual private network (VPN) apps in Russia from its App Store on July 4, 2024, following a request by Russia's state communications watchdog Roskomnadzor, Russian news media reported.
This includes the mobile apps of 25 VPN service providers, including ProtonVPN, Red Shield VPN, NordVPN and Le VPN, according to MediaZona. It's worth noting that NordVPN previously shut
595
Webinar Alert: Learn How ITDR Solutions Stop Sophisticated Identity Attacks
https://thehackernews.com/2024/07/webinar-alert-learn-how-itdr-solutions.html
Identity theft isn't just about stolen credit cards anymore. Today, cybercriminals are using advanced tactics to infiltrate organizations and cause major damage with compromised credentials.
The stakes are high: ransomware attacks, lateral movement, and devastating data breaches.
Don't be caught off guard. Join us for a groundbreaking webinar that will change the way you approach cybersecurity.
595
OVHcloud Hit with Record 840 Million PPS DDoS Attack Using MikroTik Routers
https://thehackernews.com/2024/07/ovhcloud-hit-with-record-840-million.html
French cloud computing firm OVHcloud said it mitigated a record-breaking distributed denial-of-service (DDoS) attack in April 2024 that reached a packet rate of 840 million packets per second (Mpps).
This is just above the previous record of 809 million Mpps reported by Akamai as targeting a large European bank in June 2020.
The 840 Mpps DDoS attack is said to have been a combination of a TCP
595
Blueprint for Success: Implementing a CTEM Operation
https://thehackernews.com/2024/07/blueprint-for-success-implementing-ctem.html
The attack surface isn’t what it once was and it’s becoming a nightmare to protect. A constantly expanding and evolving attack surface means risk to the business has skyrocketed and current security measures are struggling to keep it protected. If you’ve clicked on this article, there’s a good chance you’re looking for solutions to manage this risk.
In 2022, a new framework was coined by Gartner
595
GootLoader Malware Still Active, Deploys New Versions for Enhanced Attacks
https://thehackernews.com/2024/07/gootloader-malware-delivers-new.html
The malware known as GootLoader continues to be in active use by threat actors looking to deliver additional payloads to compromised hosts.
"Updates to the GootLoader payload have resulted in several versions of GootLoader, with GootLoader 3 currently in active use," cybersecurity firm Cybereason said in an analysis published last week.
"While some of the particulars of GootLoader payloads have
595
Polyfill[.]io Attack Impacts Over 380,000 Hosts, Including Major Companies
https://thehackernews.com/2024/07/polyfillio-attack-impacts-over-380000.html
The supply chain attack targeting widely-used Polyfill[.]io JavaScript library is wider in scope than previously thought, with new findings from Censys showing that over 380,000 hosts are embedding a polyfill script linking to the malicious domain as of July 2, 2024.
This includes references to "https://cdn.polyfill[.]io" or "https://cdn.polyfill[.]com" in their HTTP responses, the attack
595
New Golang-Based Zergeca Botnet Capable of Powerful DDoS Attacks
https://thehackernews.com/2024/07/new-golang-based-zergeca-botnet-capable.html
Cybersecurity researchers have uncovered a new botnet called Zergeca that's capable of conducting distributed denial-of-service (DDoS) attacks.
Written in Golang, the botnet is so named for its reference to a string named "ootheca" present in the command-and-control (C2) servers ("ootheca[.]pw" and "ootheca[.]top").
"Functionally, Zergeca is not just a typical DDoS botnet; besides supporting six
595
Social media and teen mental health – Week in security with Tony Anscombe
https://www.welivesecurity.com/en/videos/social-media-teen-mental-health-week-security-tony-anscombe/
Social media sites are designed to make their users come back for more. Do laws restricting children's exposure to addictive social media feeds have teeth or are they a political gimmick?
595
Microsoft Uncovers Critical Flaws in Rockwell Automation PanelView Plus
https://thehackernews.com/2024/07/microsoft-uncovers-critical-flaws-in.html
Microsoft has revealed two security flaws in Rockwell Automation PanelView Plus that could be weaponized by remote, unauthenticated attackers to execute arbitrary code and trigger a denial-of-service (DoS) condition.
"The [remote code execution] vulnerability in PanelView Plus involves two custom classes that can be abused to upload and load a malicious DLL into the device," security researcher
595
Brazil Halts Meta's AI Data Processing Amid Privacy Concerns
https://thehackernews.com/2024/07/brazil-halts-metas-ai-data-processing.html
Brazil's data protection authority, Autoridade Nacional de Proteção de Dados (ANPD), has temporarily banned Meta from processing users' personal data to train the company's artificial intelligence (AI) algorithms.
The ANPD said it found "evidence of processing of personal data based on inadequate legal hypothesis, lack of transparency, limitation of the rights of data subjects, and risks to
