https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-27 21:06:522024-08-27 21:06:52PoC Exploit for Zero-Click Vulnerability Made Available to the Masses
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-27 20:06:522024-08-27 20:06:52Microsoft’s Sway Serves as Launchpad for ‘Quishing’ Campaign
According to AppOmni, one-third of organizations experienced SaaS data breaches last year due to a lack of visibility and control, as revealed by a survey of 644 enterprises globally.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-27 19:06:532024-08-27 19:06:53Report: A Third of Organizations Suffer SaaS Data Breaches Last Year
Lateral movement is a key indicator of ransomware attacks, with 44% of attacks being spotted during this phase, as reported by Barracuda Networks. Additionally, file modifications and off-pattern behavior were also significant triggers for detection.
This campaign is notable for its malicious apps for Windows, Linux, and macOS users. The attackers have created different versions of Cheana Stealer for each OS to widen their attack surface.
Users of Chinese instant messaging apps like DingTalk and WeChat are the target of an Apple macOS version of a backdoor named HZ RAT.
The artifacts “almost exactly replicate the functionality of the Windows version of the backdoor and differ only in the payload, which is received in the form of shell scripts from the attackers’ server,” Kaspersky researcher Sergey Puzan said.
HZ RAT was first
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-27 17:08:042024-08-27 17:08:04macOS Version of HZ RAT Backdoor Targets Chinese Messaging App Users
If privacy and security are central to you or your business, this new feature from the open-source office suite LibreOffice is worth checking out. Here’s how it works.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-27 17:08:032024-08-27 17:08:03LibreOffice now removes personal data from documents. Why that matters
The vulnerability, tracked as CVE-2024-7965 and reported by a security researcher known as TheDog, involved a bug in the compiler backend that could allow remote attackers to exploit heap corruption through a crafted HTML page.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-27 17:08:032024-08-27 17:08:03Google Tags a Tenth Chrome Zero-Day as Exploited This Year
Top universities in Australia will compete in the Australian Cybersecurity Games at UNSW from September 2-30, 2024. This event, organized by SECedu, features cybersecurity experts collaborating with leading universities like UNSW.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-27 17:08:032024-08-27 17:08:03Top Universities to Battle in Cybersecurity at UNSW’s Upcoming Australian Cybersecurity Games
BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
PoC Exploit for Zero-Click Vulnerability Made Available to the Masses
/in General NewsThe exploit can be accessed on GitHub and makes it easier for the flaw to be exploited by threat actors.
darkreading – Read More
Microsoft’s Sway Serves as Launchpad for ‘Quishing’ Campaign
/in General NewsThe attack is a mashup of QR codes and phishing that gets users to click on links to malicious Web pages.
darkreading – Read More
Report: A Third of Organizations Suffer SaaS Data Breaches Last Year
/in General NewsAccording to AppOmni, one-third of organizations experienced SaaS data breaches last year due to a lack of visibility and control, as revealed by a survey of 644 enterprises globally.
Cyware News – Latest Cyber News – Read More
Lateral Movement: Clearest Sign of Unfolding Ransomware Attack
/in General NewsLateral movement is a key indicator of ransomware attacks, with 44% of attacks being spotted during this phase, as reported by Barracuda Networks. Additionally, file modifications and off-pattern behavior were also significant triggers for detection.
Cyware News – Latest Cyber News – Read More
New Cheana Stealer Threat Targets VPN Users Across Multiple Operating Systems
/in General NewsThis campaign is notable for its malicious apps for Windows, Linux, and macOS users. The attackers have created different versions of Cheana Stealer for each OS to widen their attack surface.
Cyware News – Latest Cyber News – Read More
macOS Version of HZ RAT Backdoor Targets Chinese Messaging App Users
/in General NewsUsers of Chinese instant messaging apps like DingTalk and WeChat are the target of an Apple macOS version of a backdoor named HZ RAT.
The artifacts “almost exactly replicate the functionality of the Windows version of the backdoor and differ only in the payload, which is received in the form of shell scripts from the attackers’ server,” Kaspersky researcher Sergey Puzan said.
HZ RAT was first
The Hacker News – Read More
LibreOffice now removes personal data from documents. Why that matters
/in General NewsIf privacy and security are central to you or your business, this new feature from the open-source office suite LibreOffice is worth checking out. Here’s how it works.
Latest stories for ZDNET in Security – Read More
Google Tags a Tenth Chrome Zero-Day as Exploited This Year
/in General NewsThe vulnerability, tracked as CVE-2024-7965 and reported by a security researcher known as TheDog, involved a bug in the compiler backend that could allow remote attackers to exploit heap corruption through a crafted HTML page.
Cyware News – Latest Cyber News – Read More
Top Universities to Battle in Cybersecurity at UNSW’s Upcoming Australian Cybersecurity Games
/in General NewsTop universities in Australia will compete in the Australian Cybersecurity Games at UNSW from September 2-30, 2024. This event, organized by SECedu, features cybersecurity experts collaborating with leading universities like UNSW.
Cyware News – Latest Cyber News – Read More
New Unicode QR Code Phishing Scam Bypasses Traditional Security
/in General NewsCybercriminals are exploiting Unicode QR codes in a new wave of phishing attacks. This sophisticated technique bypasses traditional…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More