Google has warned that a security flaw impacting its Android operating system has come under active exploitation in the wild.
The vulnerability, tracked as CVE-2024-43093, has been described as a privilege escalation flaw in the Android Framework component that could result in unauthorized access to “Android/data,” “Android/obb,” and “Android/sandbox” directories and its sub-directories,
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-11-05 04:06:432024-11-05 04:06:43Google Warns of Actively Exploited CVE-2024-43093 Vulnerability in Android System
The Pakistan-based advanced persistent threat actor has been carrying on a cyber-espionage campaign targeting organizations on the subcontinent for more than a decade, and it’s now using a new and improved “ElizaRAT” malware.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-11-04 23:06:432024-11-04 23:06:43APT36 Refines Tools in Attacks on Indian Targets
UC San Diego and Tsinghua University researchers develop breakthrough AI method that teaches small language models when to use tools versus internal knowledge, achieving 28% better accuracy while using fewer resources than larger models like GPT-4.Read More
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-11-04 20:06:522024-11-04 20:06:52UC San Diego, Tsinghua University researchers just made AI way better at knowing when to ask for help
As businesses worry over deepfake scams and other AI attacks, organizations are adding guidance for cybersecurity teams on how to detect, and respond to, next-generation threats. That includes Exabeam, which was recently targeted by a deepfaked job candidate.
The Cybersecurity and Infrastructure Security Agency and the Federal Bureau of Investigation assert that C, C++, and other memory-unsafe languages contribute to potential security breaches.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-11-04 20:06:512024-11-04 20:06:51Software Makers Encouraged to Stop Using C/C++ by 2026
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-11-04 18:06:592024-11-04 18:06:59Ohio’s capital says July ransomware attack leaked info of 500,000
Discover how AI amplifies cloud security risks and how to mitigate them, with insights from Tenable’s Liat Hayun on managing data sensitivity, misconfigurations, and over-privileged access.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-11-04 18:06:582024-11-04 18:06:58How AI Is Changing the Cloud Security and Risk Equation
BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
Google Warns of Actively Exploited CVE-2024-43093 Vulnerability in Android System
/in General NewsGoogle has warned that a security flaw impacting its Android operating system has come under active exploitation in the wild.
The vulnerability, tracked as CVE-2024-43093, has been described as a privilege escalation flaw in the Android Framework component that could result in unauthorized access to “Android/data,” “Android/obb,” and “Android/sandbox” directories and its sub-directories,
The Hacker News – Read More
Schneider Electric says hackers accessed internal project execution tracking platform
/in General NewsFrench multinational Schneider Electric confirmed on Monday that it is investigating a cyberattack following confirmation of a breach.
The Record from Recorded Future News – Read More
APT36 Refines Tools in Attacks on Indian Targets
/in General NewsThe Pakistan-based advanced persistent threat actor has been carrying on a cyber-espionage campaign targeting organizations on the subcontinent for more than a decade, and it’s now using a new and improved “ElizaRAT” malware.
darkreading – Read More
Okta Fixes Auth Bypass Bug After 3-Month Lull
/in General NewsThe bug affected accounts with 52-character user names, and had several pre-conditions that needed to be met in order to be exploited.
darkreading – Read More
Cisco notifies ‘limited set’ of customers after hacker accessed non-public files
/in General NewsThe company has said it didn’t suffer a breach, but announced a threat actor downloaded data on a public-facing DevHub environment.
The Record from Recorded Future News – Read More
UC San Diego, Tsinghua University researchers just made AI way better at knowing when to ask for help
/in General NewsUC San Diego and Tsinghua University researchers develop breakthrough AI method that teaches small language models when to use tools versus internal knowledge, achieving 28% better accuracy while using fewer resources than larger models like GPT-4.Read More
Security News | VentureBeat – Read More
OWASP Beefs Up GenAI Security Guidance Amid Growing Deepfakes
/in General NewsAs businesses worry over deepfake scams and other AI attacks, organizations are adding guidance for cybersecurity teams on how to detect, and respond to, next-generation threats. That includes Exabeam, which was recently targeted by a deepfaked job candidate.
darkreading – Read More
Software Makers Encouraged to Stop Using C/C++ by 2026
/in General NewsThe Cybersecurity and Infrastructure Security Agency and the Federal Bureau of Investigation assert that C, C++, and other memory-unsafe languages contribute to potential security breaches.
Security | TechRepublic – Read More
Ohio’s capital says July ransomware attack leaked info of 500,000
/in General NewsThe city government of Columbus, Ohio, said a ransomware attack that stirred up a high-profile lawsuit had exposed the data of about 500,000 people.
The Record from Recorded Future News – Read More
How AI Is Changing the Cloud Security and Risk Equation
/in General NewsDiscover how AI amplifies cloud security risks and how to mitigate them, with insights from Tenable’s Liat Hayun on managing data sensitivity, misconfigurations, and over-privileged access.
Security | TechRepublic – Read More