New Vulnerabilities Expose Hundreds of Thousands of DrayTek Routers to Hacking
Forescout has identified more than a dozen new vulnerabilities in DrayTek routers, exposing hundreds of thousands of devices to attacks.
SecurityWeek – Read More
Meta faces consequences for storing millions of passwords in plaintext
Meta has been fined $101 million by Ireland’s Data Protection Commission for storing hundreds of millions of user passwords in plaintext. We don’t really need to point out the obvious, that storing passwords in plaintext is a major violation of security best practices. Disclosed by Meta in 2019, it was then revealed that passwords for various Meta-owned platforms were logged in plaintext and stored…
TechSplicer – Read More
LockBit Ransomware and Evil Corp Leaders Arrested and Sanctioned in Joint Global Effort
A new wave of international law enforcement actions has led to four arrests and the takedown of nine servers linked to the LockBit (aka Bitwise Spider) ransomware operation, marking the latest salvo against what was once a prolific financially motivated group.
This includes the arrest of a suspected LockBit developer in France while on holiday outside of Russia, two individuals in the U.K. who
The Hacker News – Read More
Ivanti Endpoint Manager Flaw Actively Targeted, CISA Warns Agencies to Patch
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a security flaw impacting Endpoint Manager (EPM) that the company patched in May to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
The vulnerability, tracked as CVE-2024-29824, carries a CVSS score of 9.6 out of a maximum of 10.0, indicating critical severity.
“An
The Hacker News – Read More
China-Backed APT Group Culling Thai Government Data
CeranaKeeper is bombarding Southeast Asia with data exfiltration attacks via file-sharing services such as Pastebin, OneDrive, and GitHub, researchers say.
darkreading – Read More
NSA Releases 6 Principles of OT Cybersecurity
Organizations can use this guide to make decisions for designing, implementing, and managing OT environments to ensure they are both safe and secure, as well as enable business continuity for critical services.
darkreading – Read More
4 Ways to Fight AI-Based Fraud
Generative AI is being used to make cyberscams more believable. Here’s how organizations can counter that using newly emerging tools and reliable methods.
darkreading – Read More
North Korea’s ‘Stonefly’ APT Swarms US Private Co’s. for Profit
Despite a $10 million bounty on one member, APT45 is not slowing down, pivoting from intelligence gathering to extorting funds for Kim Jong-Un’s regime.
darkreading – Read More
Unix Printing Vulnerabilities Enable Easy DDoS Attacks
All an attacker needs to exploit flaws in the Common Unix Printing System is a few seconds and less than 1 cent in computing costs.
darkreading – Read More
Experts warn of DDoS attacks using Linux printing vulnerability
A set of bugs that has caused alarm among cybersecurity experts may enable threat actors to launch powerful attacks designed to knock systems offline.
The Record from Recorded Future News – Read More