BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
ICS Patch Tuesday: Security Advisories Released by Siemens, Schneider, CISA, Others
/in General NewsDecember 2024 ICS Patch Tuesday brings advisories from CISA, as well as several major industrial automation companies.
The post ICS Patch Tuesday: Security Advisories Released by Siemens, Schneider, CISA, Others appeared first on SecurityWeek.
SecurityWeek – Read More
US Charges, Sanctions Chinese Man Accused of Sophos Firewall Hacking
/in General NewsThe US government announced charges, sanctions and a reward for Guan Tianfeng, a Chinese national accused of involvement in Sophos firewall hacks.
The post US Charges, Sanctions Chinese Man Accused of Sophos Firewall Hacking appeared first on SecurityWeek.
SecurityWeek – Read More
New DCOM Attack Exploits Windows Installer for Backdoor Access
/in General NewsSUMMARY Cybersecurity researchers at Deep Instinct have uncovered a novel and powerful Distributed Component Object Model (DCOM) based…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Romania’s Electrica Group Responds to Cybersecurity Incident
/in General NewsRomania’s largest electricity provider Electrica Group is currently responding to a cybersecurity incident, according to a company statement released Monday. Teams of specialists are working with national cybersecurity authorities to manage the situation, while the company assures that critical systems remain unaffected. Electrica group provides essential services to over 4 million users and…
Source
TechSplicer – Read More
Meta’s Role in Romania’s 2024 Election: A Critical Analysis of Platform Oversight
/in General NewsA thorough investigation published on December 9, 2024, by Check First in collaboration with Reset Tech and EU DisinfoLab, and lastly with significant contributions from independent journalists Luiza Vasiliu and Victor Ilie, has revealed real concerns about digital platform influence during Romania’s presidential election. Their research note, “Ads, Influence, and Democracy: Meta’s Role in…
Source
TechSplicer – Read More
Microsoft Fixes 72 Flaws, Including Patch for Actively Exploited CLFS Vulnerability
/in General NewsMicrosoft closed out its Patch Tuesday updates for 2024 with fixes for a total of 72 security flaws spanning its software portfolio, including one that it said has been exploited in the wild.
Of the 72 flaws, 17 are rated Critical, 54 are rated Important, and one is rated Moderate in severity. Thirty-one of the vulnerabilities are remote code execution flaws, and 27 of them allow for the
The Hacker News – Read More
U.S. Charges Chinese Hacker for Exploiting Zero-Day in 81,000 Sophos Firewalls
/in General NewsThe U.S. government on Tuesday unsealed charges against a Chinese national for allegedly breaking into thousands of Sophos firewall devices globally in 2020.
Guan Tianfeng (aka gbigmao and gxiaomao), who is said to have worked at Sichuan Silence Information Technology Company, Limited, has been charged with conspiracy to commit computer fraud and conspiracy to commit wire fraud. Guan has been
The Hacker News – Read More
Governments, Telcos Ward Off China’s Hacking Typhoons
/in General NewsInfiltrating other nations’ telecom networks is a cornerstone of China’s geopolitical strategy, and it’s having the unintended consequence of driving the uptake of encrypted communications.
darkreading – Read More
Ivanti Issues Critical Security Updates for CSA and Connect Secure Vulnerabilities
/in General NewsIvanti has released security updates to address multiple critical flaws in its Cloud Services Application (CSA) and Connect Secure products that could lead to privilege escalation and code execution.
The list of vulnerabilities is as follows –
CVE-2024-11639 (CVSS score: 10.0) – An authentication bypass vulnerability in the admin web console of Ivanti CSA before 5.0.3 that allows a remote
The Hacker News – Read More
The ‘Ghost Gun’ Linked to Luigi Mangione Shows Just How Far 3D-Printed Weapons Have Come
/in General NewsThe design of the gun police say they found on the alleged United Healthcare CEO’s killer—the FMDA or “Free Men Don’t Ask”—was released by a libertarian group.
Security Latest – Read More