TECHCO

Cyber Security news

Cyber Security news, information and tips

How to Handle Retail SaaS Security on Cyber Monday
If forecasters are right, over the course of today, consumers will spend $13.7 billion. Just about every click, sale, and engagement will be captured by a CRM platform. Inventory applications will trigger automated re-orders; communication tools will send automated email and text messages confirming sales and sharing shipping information.  SaaS applications...
Published on: 5 months ago
Source: The Hackers News
Beneath the Surface: How Hackers Turn NetSupport Against Users
NetSupport malware variants have been a persistent threat, demonstrating adaptability and evolving infection techniques. In this technical analysis, we delve... The post Beneath the Surface: How Hackers Turn NetSupport Against Users appeared first on McAfee Blog....
Published on: 5 months ago
Source: McAfee
Cybersecurity tool investments are rising in Asia-Pacific as Cyberattacks grow
Investments in cybersecurity tools have been on the rise in the Asia-Pacific region, owing to the increased prevalence of cyberattacks. It is projected that the market will grow at a CAGR of 16.4% by 2032. The market for cyber warfare has been growing rapidly and was valued at $37.5 billion...
Published on: 5 months ago
Source: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
A New Telekopye Bots That Tricks Users to Steal Payment Details
Phishing bots are a tool used by hackers to fool people into disclosing private information such as- With the help of these automated tools, threat actors easily create deceptive, harmful emails and websites, which makes it easier for them to take advantage of vulnerabilities and access accounts or systems without...
Published on: 5 months ago
Source: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
NukeSped Malware Exploiting Apache ActiveMQ Vulnerability
The Andariel threat group has been discovered installing malware via the exploitation of the Apache ActiveMQ remote code execution vulnerability classified as CVE-2023-46604. The group is known to be either a subsidiary of Lazarus or in an active partnership with the Lazarus threat group. It primarily targets South Korean institutions and enterprises,...
Published on: 5 months ago
Source: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
Experts Uncover Passive Method to Extract Private RSA Keys from SSH Connections
A new study has demonstrated that it's possible for passive network attackers to obtain private RSA host keys from a vulnerable SSH server by observing when naturally occurring computational faults that occur while the connection is being established. The Secure Shell (SSH) protocol is a method for securely transmitting commands...
Published on: 5 months ago
Source: The Hackers News
DPRK Hackers Exploit MagicLine4NX Zero-day in Supply Chain Attacks
North Korea, DPRK threat actors, have been reportedly involved in several supply-chain attacks to gain unauthorized access to the intranet of an organization. One of the software exploited by the DPRK threat actors was the MagicLine4NX security authentication program, which contained a zero-day vulnerability. This vulnerability allowed initial intrusion into...
Published on: 5 months ago
Source: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
DPRK Crypto Theft | macOS RustBucket Droppers Pivot to Deliver KandyKorn Payloads
Two apparently separate North Korean crypto theft campaigns targeting macOS users appear to be linked as threat actors mix and match droppers and payloads....
Published on: 5 months ago
Source: Sentinelone
Konni Group Uses Weaponized Word Documents to Deliver RAT Malware
In the ever-evolving cybersecurity domain, the resurgence of NetSupport RAT, a Remote Access Trojan (RAT), has raised concerns among security professionals.  This sophisticated malware, initially developed as a legitimate remote administration tool, has been repurposed by malicious actors to infiltrate systems and establish remote control. NetSupport Manager, the software upon...
Published on: 5 months ago
Source: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
MOVEit Hack : Over 185,000 AutoZone Users Personal Data Hacked
AutoZone Inc., a US retailer of automotive parts and accessories, warned customers that their data had been compromised as a result of the Clop MOVEit file transfer attacks. Personal information, such as the names and social security numbers of 185,000 individuals, was impacted due to the extensive MOVEit hacking campaign....
Published on: 5 months ago
Source: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
North Korean Hackers Exploiting Zero-day Vulnerabilities & Supply Chains
The DPRK has been a great threat to organizations in recent times. Their attack methods have been discovered with several novel techniques involving different scenarios. Their recent attack method was associated with fake candidates and employers for supply chain attacks. A recent joint security advisory from the National Cyber Security...
Published on: 5 months ago
Source: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
U.S., U.K., and Global Partners Release Secure AI System Development Guidelines
The U.K. and U.S., along with international partners from 16 other countries, have released new guidelines for the development of secure artificial intelligence (AI) systems. "The approach prioritizes ownership of security outcomes for customers, embraces radical transparency and accountability, and establishes organizational structures where secure design is a top priority,"...
Published on: 5 months ago
Source: The Hackers News
Dell Command Configure Vulnerability Let Attackers Compromise Vulnerable Systems
It has been discovered that there is a high-severity vulnerability in Dell Command Configure that could potentially be exploited by malicious users to compromise the system. The vulnerability has been given a CVSS base score of 7.3 and has been classified as CVE-2023-43086. It is important to take note of...
Published on: 5 months ago
Source: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
DarkGate Malware-as-a-Service Evolved as Complete Toolkit
DarkGate is a complete toolkit, first discovered in 2018, that provides attackers with extensive capabilities to access target systems completely. On underground cybercrime forums, an actor known as RastaFarEye develops and sells the software as Malware-as-a-Service (MaaS). The malware is offered through a subscription-based approach that costs up to $15,000 per month, justified...
Published on: 5 months ago
Source: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
Online Shopping: The Dos and Don’ts
Internet shopping has become an integral part of our daily lives, providing convenience, variety, and easy price comparisons. However, with this convenience comes potential risks. This article explores the dos and don’ts of online shopping to help you navigate this virtual marketplace safely and effectively. The post Online Shopping: The...
Published on: 5 months ago
Source: McAfee
The RAT King “NetSupport RAT” is Back in Action Via fake browser updates
In the perpetually evolving realm of cybersecurity, the reawakening of NetSupport RAT, a Remote Access Trojan (RAT), casts a looming shadow that beckons the attention of vigilant security professionals.  This insidious malware, initially conceived as a bona fide remote administration tool, has metamorphosed into a potent weapon wielded by nefarious...
Published on: 5 months ago
Source: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
New 'HrServ.dll' Web Shell Detected in APT Attack Targeting Afghan Government
An unspecified government entity in Afghanistan was targeted by a previously undocumented web shell called HrServ in what’s suspected to be an advanced persistent threat (APT) attack. The web shell, a dynamic-link library (DLL) named “hrserv.dll,” exhibits “sophisticated features such as custom encoding methods for client communication and in-memory execution,” Kaspersky security...
Published on: 5 months ago
Source: The Hackers News
Warning: 3 Critical Vulnerabilities Expose ownCloud Users to Data Breaches
The maintainers of the open-source file-sharing software ownCloud have warned of three critical security flaws that could be exploited to disclose sensitive information and modify files. A brief description of the vulnerabilities is as follows - Disclosure of sensitive credentials and configuration in containerized deployments impacting graphapi versions from 0.2.0...
Published on: 5 months ago
Source: The Hackers News
Cybercriminals Using Telekopye Telegram Bot to Craft Phishing Scams on a Grand Scale
More details have emerged about a malicious Telegram bot called Telekopye that's used by threat actors to pull off large-scale phishing scams. "Telekopye can craft phishing websites, emails, SMS messages, and more," ESET security researcher Radek Jizba said in a new analysis. The threat actors behind the operation – codenamed Neanderthals – are known to run...
Published on: 5 months ago
Source: The Hackers News
The Good, the Bad and the Ugly in Cybersecurity – Week 47
FTC launches voice cloning and AI safety challenge, Rhysida RaaS claims attack on British Library, and U.S. nuclear center suffers breach....
Published on: 5 months ago
Source: Sentinelone
Tell Me Your Secrets Without Telling Me Your Secrets
The title of this article probably sounds like the caption to a meme. Instead, this is an actual problem GitGuardian's engineers had to solve in implementing the mechanisms for their new HasMySecretLeaked service. They wanted to help developers find out if their secrets (passwords, API keys, private keys, cryptographic certificates, etc.)...
Published on: 5 months ago
Source: The Hackers News
Hamas-Linked Cyberattacks Using Rust-Powered SysJoker Backdoor Against Israel
Cybersecurity researchers have shed light on a Rust version of a cross-platform backdoor called SysJoker, which is assessed to have been used by a Hamas-affiliated threat actor to target Israel amid the ongoing war in the region. “Among the most prominent changes is the shift to Rust language, which indicates the...
Published on: 5 months ago
Source: The Hackers News
Kubernetes Secrets of Fortune 500 Companies Exposed in Public Repositories
Cybersecurity researchers are warning of publicly exposed Kubernetes configuration secrets that could put organizations at risk of supply chain attacks. “These encoded Kubernetes configuration secrets were uploaded to public repositories,” Aqua security researchers Yakir Kadkoda and Assaf Morag said in a new research published earlier this week. Some of those impacted include...
Published on: 5 months ago
Source: The Hackers News
Konni Group Using Russian-Language Malicious Word Docs in Latest Attacks
A new phishing attack has been observed leveraging a Russian-language Microsoft Word document to deliver malware capable of harvesting sensitive information from compromised Windows hosts. The activity has been attributed to a threat actor called Konni, which is assessed to share overlaps with a North Korean cluster tracked as Kimsuky...
Published on: 5 months ago
Source: The Hackers News
Alert: New WailingCrab Malware Loader Spreading via Shipping-Themed Emails
Delivery- and shipping-themed email messages are being used to deliver a sophisticated malware loader known as WailingCrab. "The malware itself is split into multiple components, including a loader, injector, downloader and backdoor, and successful requests to C2-controlled servers are often necessary to retrieve the next stage," IBM X-Force researchers Charlotte Hammond,...
Published on: 5 months ago
Source: The Hackers News
Sextortion – What Every Parent Needs To Know
Imagine this. You’re 15, feeling unsure about yourself in the world, possibly even a little lonely. One day, a pretty... The post Sextortion – What Every Parent Needs To Know appeared first on McAfee Blog....
Published on: 5 months ago
Source: McAfee
6 Steps to Accelerate Cybersecurity Incident Response
Modern security tools continue to improve in their ability to defend organizations’ networks and endpoints against cybercriminals. But the bad actors still occasionally find a way in. Security teams must be able to stop threats and restore normal operations as quickly as possible. That’s why it’s essential that these teams...
Published on: 5 months ago
Source: The Hackers News
Mirai-based Botnet Exploiting Zero-Day Bugs in Routers and NVRs for Massive DDoS Attacks
An active malware campaign is leveraging two zero-day vulnerabilities with remote code execution (RCE) functionality to rope routers and video recorders into a Mirai-based distributed denial-of-service (DDoS) botnet. “The payload targets routers and network video recorder (NVR) devices with default admin credentials and installs Mirai variants when successful,” Akamai said in an...
Published on: 5 months ago
Source: The Hackers News
N. Korean Hackers Distribute Trojanized CyberLink Software in Supply Chain Attack
A North Korean state-sponsored threat actor tracked as Diamond Sleet is distributing a trojanized version of a legitimate application developed by a Taiwanese multimedia software developer called CyberLink to target downstream customers via a supply chain attack. "This malicious file is a legitimate CyberLink application installer that has been modified to include...
Published on: 5 months ago
Source: The Hackers News
How Typosquatting Scams Work
In our digital world, scamming techniques have become more sophisticated, leading to a growing threat not only to individuals but... The post How Typosquatting Scams Work appeared first on McAfee Blog....
Published on: 5 months ago
Source: McAfee