uz
Feedback
TECHZONEā„¢

TECHZONEā„¢

Kanalga Telegram’da oā€˜tish

TECHZONE CYBERNEWS && UPDATES Wį“‡ŹŸį“„į“į“į“‡ Tį“ TECHZONEā„¢ āœ”ļøInfosec Facts āœ”ļøCheatsheets āœ”ļøFree Courses āœ”ļøOpen source tools āœ”ļøTech news

Ko'proq ko'rsatish
593
Obunachilar
Ma'lumot yo'q24 soatlar
-27 kunlar
-830 kunlar
Postlar arxiv
New Python-based FBot Hacking Toolkit Aims at Cloud and SaaS Platforms https://thehackernews.com/2024/01/new-python-based-fbot-hacking-toolkit.html A new Python-based hacking tool called FBot has been uncovered targeting web servers, cloud services, content management systems (CMS), and SaaS platforms such as Amazon Web Services (AWS), Microsoft 365, PayPal, Sendgrid, and Twilio. ā€œKey features include credential harvesting for spamming attacks, AWS account hijacking tools, and functions to enable attacks against PayPal and various

There is a Ransomware Armageddon Coming for Us All https://thehackernews.com/2024/01/there-is-ransomware-armageddon-coming.html Generative AI will enable anyone to launch sophisticated phishing attacks that only Next-generation MFA devices can stop The least surprising headline from 2023 is that ransomware again set new records for a number of incidents and the damage inflicted. We saw new headlines every week, which included a who’s-who of big-name organizations. If MGM, Johnson Controls, Chlorox, Hanes Brands, Caesars

Atomic Stealer Gets an Upgrade - Targeting Mac Users with Encrypted Payload https://thehackernews.com/2024/01/atomic-stealer-gets-upgrade-targeting.html Cybersecurity researchers have identified an updated version of a macOS information stealer called Atomic (or AMOS), indicating that the threat actors behind the malware are actively enhancing its capabilities. "It looks like Atomic Stealer was updated around mid to late December 2023, where its developers introduced payload encryption in an effort to bypass detection rules,"

Attack of the copycats: How fake messaging apps and app mods could bite you https://www.welivesecurity.com/en/mobile-security/attack-copycats-fake-messaging-apps-app-mods/ WhatsApp, Telegram and Signal clones and mods remain a popular vehicle for malware distribution. Don’t get taken for a ride.

Mandiant's X Account Was Hacked Using Brute-Force Attack https://thehackernews.com/2024/01/mandiants-x-account-was-hacked-using.html The compromise of Mandiant's X (formerly Twitter) account last week was likely the result of a "brute-force password attack," attributing the hack to a drainer-as-a-service (DaaS) group. "Normally, [two-factor authentication] would have mitigated this, but due to some team transitions and a change in X's 2FA policy, we were not adequately protected," the threat intelligence firm said 

Chinese Hackers Exploit Zero-Day Flaws in Ivanti Connect Secure and Policy Secure https://thehackernews.com/2024/01/chinese-hackers-exploit-zero-day-flaws.html A pair of zero-day flaws identified in Ivanti Connect Secure (ICS) and Policy Secure have been chained by suspected China-linked nation-state actors to breach less than 10 customers. Cybersecurity firm Volexity, which identified the activity on the network of one of its customers in the second week of December 2023, attributed it to a hacking group it tracks under the name UTA0178

Cisco Fixes High-Risk Vulnerability Impacting Unity Connection Software https://thehackernews.com/2024/01/cisco-fixes-high-risk-vulnerability.html Cisco has released software updates to address a critical security flaw impacting Unity Connection that could permit an adversary to execute arbitrary commands on the underlying system. Tracked as CVE-2024-20272 (CVSS score: 7.3), the vulnerability is an arbitrary file upload bug residing in the web-based management interface and is the result of a lack of authentication in a specific

Love is in the AI: Finding love online takes on a whole new meaning https://www.welivesecurity.com/en/we-live-progress/love-ai-finding-love-online-whole-new-meaning/ Is AI companionship the future of not-so-human connection – and even the cure for loneliness?

NoaBot: Latest Mirai-Based Botnet Targeting SSH Servers for Crypto Mining https://thehackernews.com/2024/01/noabot-latest-mirai-based-botnet.html A new Mirai-based botnet called NoaBot is being used by threat actors as part of a crypto mining campaign since the beginning of 2023. ā€œThe capabilities of the new botnet, NoaBot, include a wormable self-spreader and an SSH key backdoor to download and execute additional binaries or spread itself to new victims,ā€ Akamai security researcher Stiv Kupchik said in a report shared with The

Getting off the Attack Surface Hamster Wheel: Identity Can Help https://thehackernews.com/2024/01/getting-off-attack-surface-hamster.html IT professionals have developed a sophisticated understanding of the enterprise attack surface – what it is, how to quantify it and how to manage it.  The process is simple: begin by thoroughly assessing the attack surface, encompassing the entire IT environment. Identify all potential entry and exit points where unauthorized access could occur. Strengthen these vulnerable points using

Free Decryptor Released for Black Basta and Babuk's Tortilla Ransomware Victims https://thehackernews.com/2024/01/free-decryptor-released-for-black-basta.html A decryptor for the Tortilla variant of the Babuk ransomware has been released by Cisco Talos, allowing victims targeted by the malware to regain access to their files. The cybersecurity firm said the threat intelligence it shared with Dutch law enforcement authorities made it possible to arrest the threat actor behind the operations. The encryption key has also been shared with Avast,

FTC Bans Outlogic (X-Mode) From Selling Sensitive Location Data https://thehackernews.com/2024/01/ftc-bans-outlogic-x-mode-from-selling.html The U.S. Federal Trade Commission (FTC) on Tuesday prohibited data broker Outlogic, which was previously known as X-Mode Social, from sharing or selling any sensitive location data with third-parties. The ban is part of a settlement over allegations that the company "sold precise location data that could be used to track people's visits to sensitive locations such as medical and

Microsoft's January 2024 Windows Update Patches 48 New Vulnerabilities https://thehackernews.com/2024/01/microsofts-january-2024-windows-update.html Microsoft has addressed a total of 48 security flaws spanning its software as part of its Patch Tuesday updates for January 2024. Of the 48 bugs, two are rated Critical and 46 are rated Important in severity. There is no evidence that any of the issues are publicly known or under active attack at the time of release, making it the second consecutive Patch Tuesday with no zero-days. The

CISA Flags 6 Vulnerabilities - Apple, Apache, Adobe , D-Link, Joomla Under Attack https://thehackernews.com/2024/01/cisa-flags-6-vulnerabilities-apple.html The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added six security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. This includes CVE-2023-27524 (CVSS score: 8.9), a high-severity vulnerability impacting the Apache Superset open-source data visualization software that could enable remote code execution.

Alert: Water Curupira Hackers Actively Distributing PikaBot Loader Malware https://thehackernews.com/2024/01/alert-water-curupira-hackers-actively.html A threat actor called Water Curupira has been observed actively distributing the PikaBot loader malware as part of spam campaigns in 2023. ā€œPikaBot’s operators ran phishing campaigns, targeting victims via its two components — a loader and a core module — which enabled unauthorized remote access and allowed the execution of arbitrary commands through an established connection with

Turkish Hackers Exploiting Poorly Secured MS SQL Servers Across the Globe https://thehackernews.com/2024/01/turkish-hackers-exploiting-poorly.html Poorly secured Microsoft SQL (MS SQL) servers are being targeted in the U.S., European Union, and Latin American (LATAM) regions as part of an ongoing financially motivated campaign to gain initial access. ā€œThe analyzed threat campaign appears to end in one of two ways, either the selling of ā€˜access’ to the compromised host, or the ultimate delivery of ransomware payloads,ā€ Securonix researchers

Why Public Links Expose Your SaaS Attack Surface https://thehackernews.com/2024/01/why-public-links-expose-your-saas.html Collaboration is a powerful selling point for SaaS applications. Microsoft, Github, Miro, and others promote the collaborative nature of their software applications that allows users to do more. Links to files, repositories, and boards can be shared with anyone, anywhere. This encourages teamwork that helps create stronger campaigns and projects by encouraging collaboration among employees

Alert: New Vulnerabilities Discovered in QNAP and Kyocera Device Manager https://thehackernews.com/2024/01/alert-new-vulnerabilities-discovered-in.html A security flaw has been disclosed in Kyocera’s Device Manager product that could be exploited by bad actors to carry out malicious activities on affected systems. "This vulnerability allows attackers to coerce authentication attempts to their own resources, such as a malicious SMB share, to capture or relay Active Directory hashed credentials if the ā€˜Restrict NTLM: Outgoing NTLM

Beware! YouTube Videos Promoting Cracked Software Distribute Lumma Stealer https://thehackernews.com/2024/01/beware-youtube-videos-promoting-cracked.html Threat actors are resorting to YouTube videos featuring content related to cracked software in order to entice users into downloading an information stealer malware called Lumma. ā€œThese YouTube videos typically feature content related to cracked applications, presenting users with similar installation guides and incorporating malicious URLs often shortened using services like TinyURL and Cuttly,

Syrian Hackers Distributing Stealthy C#-Based Silver RAT to Cybercriminals https://thehackernews.com/2024/01/syrian-hackers-distributing-stealthy-c.html Threat actors operating under the name Anonymous Arabic have released a remote access trojan (RAT) called Silver RAT that’s equipped to bypass security software and stealthily launch hidden applications. ā€œThe developers operate on multiple hacker forums and social media platforms, showcasing an active and sophisticated presence,ā€ cybersecurity firm Cyfirma said in a report

TECHZONEā„¢ - Telegram kanali @techzoner statistikasi va tahlili