Cybersecurity researchers are calling attention to a new QR code phishing (aka quishing) campaign that leverages Microsoft Sway infrastructure to host fake pages, once again highlighting the abuse of legitimate cloud offerings for malicious purposes.
“By using legitimate cloud applications, attackers provide credibility to victims, helping them to trust the content it serves,” Netskope Threat
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-28 07:07:272024-08-28 07:07:27New QR Code Phishing Campaign Exploits Microsoft Sway to Steal Credentials
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw affecting the Apache OFBiz open-source enterprise resource planning (ERP) system to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild.
The vulnerability, known as CVE-2024-38856, carries a CVSS score of 9.8, indicating critical severity.
A critical security flaw has been disclosed in the WPML WordPress multilingual plugin that could allow authenticated users to execute arbitrary code remotely under certain circumstances.
The vulnerability, tracked as CVE-2024-6386 (CVSS score: 9.9), impacts all versions of the plugin before 4.6.13, which was released on August 20, 2024.
Arising due to missing input validation and sanitization,
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-27 22:06:562024-08-27 22:06:5677% of Educational Institutions Spotted a Cyberattack Within the Last 12 Months
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-27 21:06:522024-08-27 21:06:52PoC Exploit for Zero-Click Vulnerability Made Available to the Masses
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-27 20:06:522024-08-27 20:06:52Microsoft’s Sway Serves as Launchpad for ‘Quishing’ Campaign
According to AppOmni, one-third of organizations experienced SaaS data breaches last year due to a lack of visibility and control, as revealed by a survey of 644 enterprises globally.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-27 19:06:532024-08-27 19:06:53Report: A Third of Organizations Suffer SaaS Data Breaches Last Year
Lateral movement is a key indicator of ransomware attacks, with 44% of attacks being spotted during this phase, as reported by Barracuda Networks. Additionally, file modifications and off-pattern behavior were also significant triggers for detection.
This campaign is notable for its malicious apps for Windows, Linux, and macOS users. The attackers have created different versions of Cheana Stealer for each OS to widen their attack surface.
Users of Chinese instant messaging apps like DingTalk and WeChat are the target of an Apple macOS version of a backdoor named HZ RAT.
The artifacts “almost exactly replicate the functionality of the Windows version of the backdoor and differ only in the payload, which is received in the form of shell scripts from the attackers’ server,” Kaspersky researcher Sergey Puzan said.
HZ RAT was first
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-27 17:08:042024-08-27 17:08:04macOS Version of HZ RAT Backdoor Targets Chinese Messaging App Users
BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
New QR Code Phishing Campaign Exploits Microsoft Sway to Steal Credentials
/in General NewsCybersecurity researchers are calling attention to a new QR code phishing (aka quishing) campaign that leverages Microsoft Sway infrastructure to host fake pages, once again highlighting the abuse of legitimate cloud offerings for malicious purposes.
“By using legitimate cloud applications, attackers provide credibility to victims, helping them to trust the content it serves,” Netskope Threat
The Hacker News – Read More
CISA Flags Critical Apache OFBiz Flaw Amid Active Exploitation Reports
/in General NewsThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw affecting the Apache OFBiz open-source enterprise resource planning (ERP) system to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild.
The vulnerability, known as CVE-2024-38856, carries a CVSS score of 9.8, indicating critical severity.
The Hacker News – Read More
Critical WPML Plugin Flaw Exposes WordPress Sites to Remote Code Execution
/in General NewsA critical security flaw has been disclosed in the WPML WordPress multilingual plugin that could allow authenticated users to execute arbitrary code remotely under certain circumstances.
The vulnerability, tracked as CVE-2024-6386 (CVSS score: 9.9), impacts all versions of the plugin before 4.6.13, which was released on August 20, 2024.
Arising due to missing input validation and sanitization,
The Hacker News – Read More
77% of Educational Institutions Spotted a Cyberattack Within the Last 12 Months
/in General NewsPost Content
darkreading – Read More
PoC Exploit for Zero-Click Vulnerability Made Available to the Masses
/in General NewsThe exploit can be accessed on GitHub and makes it easier for the flaw to be exploited by threat actors.
darkreading – Read More
Microsoft’s Sway Serves as Launchpad for ‘Quishing’ Campaign
/in General NewsThe attack is a mashup of QR codes and phishing that gets users to click on links to malicious Web pages.
darkreading – Read More
Report: A Third of Organizations Suffer SaaS Data Breaches Last Year
/in General NewsAccording to AppOmni, one-third of organizations experienced SaaS data breaches last year due to a lack of visibility and control, as revealed by a survey of 644 enterprises globally.
Cyware News – Latest Cyber News – Read More
Lateral Movement: Clearest Sign of Unfolding Ransomware Attack
/in General NewsLateral movement is a key indicator of ransomware attacks, with 44% of attacks being spotted during this phase, as reported by Barracuda Networks. Additionally, file modifications and off-pattern behavior were also significant triggers for detection.
Cyware News – Latest Cyber News – Read More
New Cheana Stealer Threat Targets VPN Users Across Multiple Operating Systems
/in General NewsThis campaign is notable for its malicious apps for Windows, Linux, and macOS users. The attackers have created different versions of Cheana Stealer for each OS to widen their attack surface.
Cyware News – Latest Cyber News – Read More
macOS Version of HZ RAT Backdoor Targets Chinese Messaging App Users
/in General NewsUsers of Chinese instant messaging apps like DingTalk and WeChat are the target of an Apple macOS version of a backdoor named HZ RAT.
The artifacts “almost exactly replicate the functionality of the Windows version of the backdoor and differ only in the payload, which is received in the form of shell scripts from the attackers’ server,” Kaspersky researcher Sergey Puzan said.
HZ RAT was first
The Hacker News – Read More