Technovage Solution Co., Ltd

ReliaQuest has reported that the ransomware group Black Basta is using Microsoft Teams messages and malicious QR codes in a social engineering campaign to gain initial access. The attackers add users to chats with fake accounts, posing as support personnel with misleading display names to trick users into believing they are legitimate. These activities likely originate from Russia, as Teams logs often show Moscow time zones. Once access is gained, attackers use remote monitoring and management (RMM) tools to deploy malicious files, initiating Cobalt Strike beaconing and Impacket modules for lateral movement within networks, with the primary goal of deploying ransomware. Read more: https://lnkd.in/gYEs-bdR For more information, please contact us: Phone: +855 (92) 282 412 Email: info@technovage.io Telegram: @TechnovageSolution Follow us on telegram for more news and discussion Our Channel: https://lnkd.in/gqMPM8iA Our Group: https://lnkd.in/gKb9CT7d #technovagesolution #ransomware #cyberthreatintelligence

GitLab has released patches 17.5.1, 17.4.3, and 17.3.6 for its Community and Enterprise Editions to fix a critical HTML injection vulnerability (CVE-2024-8312) that could lead to cross-site scripting (XSS) attacks. This flaw affects versions from 15.10 to the latest patches, allowing attackers to inject malicious HTML into the search field. GitLab urges all users to upgrade immediately, as the fixes are already applied on GitLab.com. Self-managed installations must be updated manually. The release also addresses a medium-severity Denial of Service (DoS) vulnerability (CVE-2024-6826) related to XML imports. Users are encouraged to regularly update and follow security best practices. Detailed vulnerability information will be available on GitLab’s issue tracker 30 days after release. Read more: https://lnkd.in/eq2-WhvE For more information, please contact us: Phone: +855 (92) 282 412 Email: info@technovage.io Telegram: @TechnovageSolution Follow us on telegram for more news and discussion Our Channel: https://lnkd.in/gqMPM8iA Our Group: https://lnkd.in/gKb9CT7d #technovagesolution #vulnerability #cyberthreatintelligence

Cisco has identified a critical vulnerability (CVE-2024-20481) in its Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software that is actively being exploited. This flaw allows unauthenticated remote attackers to cause denial of service (DoS) by overwhelming the Remote Access VPN (RAVPN) service with excessive requests.The vulnerability affects ASA and FTD software with the RAVPN service enabled. Customers should check Cisco’s advisory for their software version's status. Organizations can detect password spray attacks by monitoring specific log messages. Cisco has released updates to address this vulnerability, and customers are urged to upgrade immediately, as no workarounds are available. Timely patching is crucial to mitigate attack risks. Read more: https://lnkd.in/ev9-mwYq For more information, please contact us: Phone: +855 (92) 282 412 Email: info@technovage.io Telegram: @TechnovageSolution Follow us on telegram for more news and discussion Our Channel: https://lnkd.in/gqMPM8iA Our Group: https://lnkd.in/gKb9CT7d #technovagesolution #vulnerability #cyberthreatintelligence

We Have Successfully Concluded SOC Shield Cambodia 2024: Strengthening Cyber Resilience! We are pleased to announce that SOC Shield Cambodia 2024, Cambodia’s premier SOC event dedicated to advancing cybersecurity in critical industries, has successfully concluded. Senior leaders from Banking, Finance, Telecommunications, and Construction gathered to explore the latest in cybersecurity. Attendees discovered cutting-edge strategies, innovative solutions, and best practices in Security Operations Centers (SOC) that empower organizations to safeguard against evolving cyber threats. Participants learned from industry experts, networked with peers, and took significant steps to enhance their company’s cyber defense. Thank you to everyone who joined us at GIA Tower - Garden In the Air (Koh Pich), Phnom Penh, on 22nd October 2024. Together, we are committed to securing our organizations’ futures and strengthening resilience against cyber threats! For more information, please contact us: Phone: +855 (92) 282 412 Email: info@technovage.io Telegram: @TechnovageSolution Follow us on telegram for more news and discussion Our Channel: https://lnkd.in/gqMPM8iA Our Group: https://lnkd.in/gKb9CT7d #SOC #SOCShield2024  #TechnovageSolution #CABS #StellarCyber #SOTI #Revbits

Trend Micro reports that attackers are exploiting Docker remote API servers to deploy the SRBMiner crypto miner. They use the gRPC protocol over h2c to evade security measures and mine XRP by creating a container with a gRPC request. Additionally, attackers are deploying perfctl malware by creating a Docker container that executes a Base64-encoded payload to download a malicious binary disguised as a PHP file. To mitigate these threats, users should secure Docker API servers with strong access controls, monitor for unusual activity, and implement container security best practices. Read more: https://lnkd.in/ghgWuUcQ For more information, please contact us: Phone: +855 (92) 282 412 Email: info@technovage.io Telegram: @TechnovageSolution Follow us on telegram for more news and discussion Our Channel: https://lnkd.in/gqMPM8iA Our Group: https://lnkd.in/gKb9CT7d #technovagesolution #cyberattack #cyberthreatintelligence

Thank you for following Technovage and completing Week 4 of our M365 security series. You have learned how to secure your devices with compliance policies. Don't leave your data vulnerable to risks. Activate compliance policies today and enforce your security standards. Until next time, stay safe and secure! For more information, please contact us: Phone: +855 (92) 282 412 Email: info@technovage.io Telegram: @TechnovageSolution Follow us on telegram for more news and discussion Our Channel: https://lnkd.in/gqMPM8iA Our Group: https://lnkd.in/gKb9CT7d #technovagesolution #microsoft365 #compliancepolicies

An Alabama man, 25-year-old Eric Council, was arrested by the FBI for allegedly hacking the SEC's X account to post a fake announcement about Bitcoin ETFs being approved. The Department of Justice reported that Council and his conspirators executed a SIM-swap attack to impersonate the SEC account administrator. On January 9, 2024, they took over the SEC's X account and tweeted the fraudulent announcement. The SEC confirmed that the hackers used SIM swapping, a technique where cybercriminals persuade a wireless provider to transfer a phone number to their device, allowing them to access one-time passcodes and compromise accounts. Read more: https://lnkd.in/gZ3N358t For more information, please contact us: Phone: +855 (92) 282 412 Email: info@technovage.io Telegram: @TechnovageSolution Follow us on telegram for more news and discussion Our Channel: https://lnkd.in/gqMPM8iA Our Group: https://lnkd.in/gKb9CT7d #technovagesolution #cyberattack #cyberthreatintelligence

Why MDM is Crucial for Your Enterprise: - Data Security: Safeguard sensitive business information across all mobile devices with encryption, remote wipe, and secure access controls. - Device Management: Easily monitor and manage all mobile devices in one centralized system. Ensure that all employees have the right applications, updates, and configurations without disruptions. - Compliance & Control: Stay compliant with industry standards by enforcing security policies and access restrictions. Reduce risk and protect your business from breaches and data loss. - Boost Productivity: Equip your mobile workforce with the tools they need to be productive, anytime, anywhere. Seamlessly deploy apps and updates to ensure smooth operations on the go. - Cost Efficiency: Save time and resources by automating mobile device management processes and reducing the need for manual IT interventions. - Protect Your Enterprise. Empower Your Employees. Don't leave your mobile devices unprotected. Invest in a powerful MDM solution today and gain peace of mind with secure, scalable, and efficient management for your mobile workforce. Mobile Device Management: Your Gateway to a Secure and Productive Mobile Future! For more information, please contact us: Phone: +855 (92) 282 412 Email: info@technovage.io Telegram: @TechnovageSolution Follow us on telegram for more news and discussion Our Channel: https://lnkd.in/gqMPM8iA Our Group: https://lnkd.in/gKb9CT7d #SOC #SOCShield2024 #Cybersecurityevents #technovagesolution

Cerberus, an Android banking trojan from 2019, has evolved into new variants like Alien and ERMAC. In 2024, a campaign called "ErrorFather" emerged, using modified Cerberus code. ErrorFather targets Android users with a multi-stage dropper disguised as legitimate apps (e.g., Chrome). The malware steals credentials, collects personal data, and enables remote control using sophisticated evasion techniques. It communicates with C&C servers via encrypted channels and uses backup domains for persistence. Despite being based on old malware, ErrorFather highlights the ongoing risk of retooled software. Read more: https://lnkd.in/ga6iKVJn For more information, please contact us: Phone: +855 (92) 282 412 Email: info@technovage.io Telegram: @TechnovageSolution Follow us on telegram for more news and discussion Our Channel: https://lnkd.in/gqMPM8iA Our Group: https://lnkd.in/gKb9CT7d #technovagesolution #trojan #cyberthreatintelligence

Join us to discuss and engage learning how to transform your typical security operations to an effective SOC 2.0. SOC Shield Cambodia 2024 brings together people, processes and technologies that gearing up the SOC. Date: 22nd October 2024   Location: GIA Tower - Garden In the Air (Koh Pich), Phnom Penh Register here: https://lnkd.in/gMk24eWu #SOC #SOCShield2024 #Cybersecurityevents #technovagesolution