https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-05 09:06:492024-08-05 09:06:49Justice Department Sues TikTok, Accusing the Company of Illegally Collecting Children’s Data
Germany has summoned the Chinese ambassador over a cyberattack by a Beijing-backed threat actor on a cartography agency. The attack, aimed at espionage, was carried out at the end of 2021.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-05 09:06:482024-08-05 09:06:48Germany Summons Chinese Ambassador Over Cyberattack on Cartography Agency
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-05 08:06:482024-08-05 08:06:48HP Wolf: Not just software attacks; hackers are coming for enterprise hardware, too
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-05 08:06:482024-08-05 08:06:48Ransomware Attack Cost Keytronic Over $17 Million
A high-severity security bypass vulnerability has been disclosed in Rockwell Automation ControlLogix 1756 devices that could be exploited to execute common industrial protocol (CIP) programming and configuration commands.
The flaw, which is assigned the CVE identifier CVE-2024-6242, carries a CVSS v3.1 score of 8.4.
“A vulnerability exists in the affected products that allows a threat actor to
The China-linked threat actor known as Evasive Panda compromised an unnamed internet service provider (ISP) to push malicious software updates to target companies in mid-2023, highlighting a new level of sophistication associated with the group.
Evasive Panda, also known by the names Bronze Highland, Daggerfly, and StormBamboo, is a cyber espionage group that’s been active since at least 2012,
Cybersecurity researchers have discovered a new Android banking trojan called BlankBot targeting Turkish users with an aim to steal financial information.
“BlankBot features a range of malicious capabilities, which include customer injections, keylogging, screen recording and it communicates with a control server over a WebSocket connection,” Intel 471 said in an analysis published last week.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-03 16:06:552024-08-03 16:06:55CISA Names Lisa Einstein as First Chief AI Officer
The U.S. Department of Justice (DoJ), along with the Federal Trade Commission (FTC), filed a lawsuit against popular video-sharing platform TikTok for “flagrantly violating” children’s privacy laws in the country.
The agencies claimed the company knowingly permitted children to create TikTok accounts and to view and share short-form videos and messages with adults and others on the service.
They
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-03 11:06:442024-08-03 11:06:44DOJ and FTC Sue TikTok for Violating Children’s Privacy Laws
Plus: Meta pays $1.4 million in a historic privacy settlement, Microsoft blames a cyberattack for a major Azure outage, and an artist creates a face recognition system to reveal your NYPD “coppelganger.”
BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
Justice Department Sues TikTok, Accusing the Company of Illegally Collecting Children’s Data
/in General NewsThe US Justice Department has sued TikTok, accusing the company of illegally collecting children’s data and violating an online privacy law.
The post Justice Department Sues TikTok, Accusing the Company of Illegally Collecting Children’s Data appeared first on SecurityWeek.
SecurityWeek – Read More
Germany Summons Chinese Ambassador Over Cyberattack on Cartography Agency
/in General NewsGermany has summoned the Chinese ambassador over a cyberattack by a Beijing-backed threat actor on a cartography agency. The attack, aimed at espionage, was carried out at the end of 2021.
Cyware News – Latest Cyber News – Read More
HP Wolf: Not just software attacks; hackers are coming for enterprise hardware, too
/in General NewsStudy finds threat actors are increasingly targeting physical supply chains and tampering with device hardware and firmware integrity.Read More
Security News | VentureBeat – Read More
Ransomware Attack Cost Keytronic Over $17 Million
/in General NewsKeytronic says the recent ransomware attack resulted in expenses and lost revenue totaling more than $17 million.
The post Ransomware Attack Cost Keytronic Over $17 Million appeared first on SecurityWeek.
SecurityWeek – Read More
Critical Flaw in Rockwell Automation Devices Allows Unauthorized Access
/in General NewsA high-severity security bypass vulnerability has been disclosed in Rockwell Automation ControlLogix 1756 devices that could be exploited to execute common industrial protocol (CIP) programming and configuration commands.
The flaw, which is assigned the CVE identifier CVE-2024-6242, carries a CVSS v3.1 score of 8.4.
“A vulnerability exists in the affected products that allows a threat actor to
The Hacker News – Read More
China-Linked Hackers Compromise ISP to Deploy Malicious Software Updates
/in General NewsThe China-linked threat actor known as Evasive Panda compromised an unnamed internet service provider (ISP) to push malicious software updates to target companies in mid-2023, highlighting a new level of sophistication associated with the group.
Evasive Panda, also known by the names Bronze Highland, Daggerfly, and StormBamboo, is a cyber espionage group that’s been active since at least 2012,
The Hacker News – Read More
New Android Trojan “BlankBot” Targets Turkish Users’ Financial Data
/in General NewsCybersecurity researchers have discovered a new Android banking trojan called BlankBot targeting Turkish users with an aim to steal financial information.
“BlankBot features a range of malicious capabilities, which include customer injections, keylogging, screen recording and it communicates with a control server over a WebSocket connection,” Intel 471 said in an analysis published last week.
The Hacker News – Read More
CISA Names Lisa Einstein as First Chief AI Officer
/in General NewsEinstein has led CISA’s AI efforts since 2023 as CISA’s Senior Advisor for AI.
The post CISA Names Lisa Einstein as First Chief AI Officer appeared first on SecurityWeek.
SecurityWeek – Read More
DOJ and FTC Sue TikTok for Violating Children’s Privacy Laws
/in General NewsThe U.S. Department of Justice (DoJ), along with the Federal Trade Commission (FTC), filed a lawsuit against popular video-sharing platform TikTok for “flagrantly violating” children’s privacy laws in the country.
The agencies claimed the company knowingly permitted children to create TikTok accounts and to view and share short-form videos and messages with adults and others on the service.
They
The Hacker News – Read More
US Hands Over Russian Cybercriminals in WSJ Reporter Prisoner Swap
/in General NewsPlus: Meta pays $1.4 million in a historic privacy settlement, Microsoft blames a cyberattack for a major Azure outage, and an artist creates a face recognition system to reveal your NYPD “coppelganger.”
Security Latest – Read More