The threat actors behind the BlackByte ransomware group have been observed likely exploiting a recently patched security flaw impacting VMware ESXi hypervisors, while also leveraging various vulnerable drivers to disarm security protections.
“The BlackByte ransomware group continues to leverage tactics, techniques, and procedures (TTPs) that have formed the foundation of its tradecraft since its
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-28 11:06:572024-08-28 11:06:57Hundreds of LLM Servers Expose Corporate, Health & Other Online Data
CVE-2023-22527 is a critical vulnerability exploited for cryptojacking activities. Attack tactics include shell scripts, XMRig miners, targeting SSH endpoints, and establishing persistence through cron jobs.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-28 11:06:562024-08-28 11:06:56Cryptojacking via CVE-2023-22527: Dissecting a Full-Scale Cryptomining Ecosystem
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-28 11:06:562024-08-28 11:06:56How Lessons Learned From the 2016 Campaign Led US Officials to Be More Open About Iran Hack
ESET uncovered a new cyber-espionage campaign tied to a South Korean APT group that used a remote code execution (RCE) vulnerability in WPS Office for Windows to deploy a custom backdoor called “SpyGlace.”
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-28 11:06:552024-08-28 11:06:55South Korean APT Group Exploits WPS Office Zero-Day for Espionage
This flaw allows attackers to execute remote code without authentication, posing a serious risk. Versions up to 18.12.14 are affected, and organizations are advised to upgrade to version 18.12.15 to mitigate the issue.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-28 10:06:392024-08-28 10:06:39950,000 Impacted by Young Consulting Data Breach
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-28 07:07:272024-08-28 07:07:27Zimbabwe Trains Government Officials in Cybersecurity Skills
BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
BlackByte Ransomware Exploits VMware ESXi Flaw in Latest Attack Wave
/in General NewsThe threat actors behind the BlackByte ransomware group have been observed likely exploiting a recently patched security flaw impacting VMware ESXi hypervisors, while also leveraging various vulnerable drivers to disarm security protections.
“The BlackByte ransomware group continues to leverage tactics, techniques, and procedures (TTPs) that have formed the foundation of its tradecraft since its
The Hacker News – Read More
Hundreds of LLM Servers Expose Corporate, Health & Other Online Data
/in General NewsLLM automation tools and vector databases can be rife with sensitive data — and vulnerable to pilfering.
darkreading – Read More
US Offering $2.5 Million Reward for Belarusian Malware Distributor
/in General NewsThe US government is offering a $2.5 million reward for information leading to the arrest of malware distributor Volodymyr Kadariya.
The post US Offering $2.5 Million Reward for Belarusian Malware Distributor appeared first on SecurityWeek.
SecurityWeek – Read More
Cryptojacking via CVE-2023-22527: Dissecting a Full-Scale Cryptomining Ecosystem
/in General NewsCVE-2023-22527 is a critical vulnerability exploited for cryptojacking activities. Attack tactics include shell scripts, XMRig miners, targeting SSH endpoints, and establishing persistence through cron jobs.
Cyware News – Latest Cyber News – Read More
How Lessons Learned From the 2016 Campaign Led US Officials to Be More Open About Iran Hack
/in General NewsThe lessons learned from the 2016 election hacking made US officials more open about the recent Iranian hack targeting presidential campaigns.
The post How Lessons Learned From the 2016 Campaign Led US Officials to Be More Open About Iran Hack appeared first on SecurityWeek.
SecurityWeek – Read More
South Korean APT Group Exploits WPS Office Zero-Day for Espionage
/in General NewsESET uncovered a new cyber-espionage campaign tied to a South Korean APT group that used a remote code execution (RCE) vulnerability in WPS Office for Windows to deploy a custom backdoor called “SpyGlace.”
Cyware News – Latest Cyber News – Read More
Critical Apache OFBiz Vulnerability CVE-2024-38856 Identified and Actively Exploited
/in General NewsThis flaw allows attackers to execute remote code without authentication, posing a serious risk. Versions up to 18.12.14 are affected, and organizations are advised to upgrade to version 18.12.15 to mitigate the issue.
Cyware News – Latest Cyber News – Read More
950,000 Impacted by Young Consulting Data Breach
/in General NewsThe personal information of over 950,000 people was compromised in a BlackSuit ransomware attack on Young Consulting.
The post 950,000 Impacted by Young Consulting Data Breach appeared first on SecurityWeek.
SecurityWeek – Read More
Second Apache OFBiz Vulnerability Exploited in Attacks
/in General NewsCISA is warning organizations that a second Apache OFBiz flaw is being exploited in the wild shortly after the release of PoC exploits.
The post Second Apache OFBiz Vulnerability Exploited in Attacks appeared first on SecurityWeek.
SecurityWeek – Read More
Zimbabwe Trains Government Officials in Cybersecurity Skills
/in General NewsAfrican nation’s proactive approach to cybersecurity comes amid a rise in painful cyberattacks including the breach of a major bank.
darkreading – Read More