Cybersecurity researchers have disclosed details of a new distributed denial-of-service (DDoS) attack campaign targeting misconfigured Jupyter Notebooks.
The activity, codenamed Panamorfi by cloud security firm Aqua, utilizes a Java-based tool called mineping to launch a TCP flood DDoS attack. Mineping is a DDoS package designed for Minecraft game servers.
Attack chains entail the exploitation
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-02 23:06:552024-08-02 23:06:55Millions of US Voter Data Exposed in 13 Misconfigured Databases
Now that the Authy Desktop app has reached EOL and is no longer accessible, users are hoping their 2FA tokens synced correctly with their mobile devices.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-02 20:07:112024-08-02 20:07:11Twilio Users Kicked Out of Desktop App, Forced to Switch to Mobile
The state-sponsored Chinese threat actor gained access to three systems and stole at least some research data around computing and related technologies.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-02 20:07:102024-08-02 20:07:10China’s APT41 Targets Taiwan Research Institute for Cyber Espionage
Australian regulators allege that cyber security failures at Optus and Medibank contributed to data breaches in 2022, leading to theft of sensitive customer data.
A Taiwanese government-affiliated research institute that specializes in computing and associated technologies was breached by nation-state threat actors with ties to China, according to new findings from Cisco Talos.
The unnamed organization was targeted as early as mid-July 2023 to deliver a variety of backdoors and post-compromise tools like ShadowPad and Cobalt Strike. It has been attributed
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-02 17:07:052024-08-02 17:07:05APT41 Hackers Use ShadowPad, Cobalt Strike in Taiwanese Institute Cyber Attack
In a monoculture, cybercriminals need to look for a weakness in only one product, or discover an exploitable vulnerability, to affect a significant portion of services.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-02 17:07:052024-08-02 17:07:05Is the US Federal Government Increasing Cyber-Risk Through Monoculture?
A Russia-linked threat actor has been linked to a new campaign that employed a car for sale as a phishing lure to deliver a modular Windows backdoor called HeadLace.
“The campaign likely targeted diplomats and began as early as March 2024,” Palo Alto Networks Unit 42 said in a report published today, attributing it with medium to high level of confidence to APT28, which is also referred to as
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-02 17:07:052024-08-02 17:07:05APT28 Targets Diplomats with HeadLace Malware via Car Sale Phishing Lure
BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
UK Shuts Down ‘Russian Coms’ Fraud Platform Defrauding Millions
/in General NewsThe UK’s National Crime Agency has dismantled Russian Coms, a major fraud platform responsible for global financial losses.…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Hackers Exploit Misconfigured Jupyter Notebooks with Repurposed Minecraft DDoS Tool
/in General NewsCybersecurity researchers have disclosed details of a new distributed denial-of-service (DDoS) attack campaign targeting misconfigured Jupyter Notebooks.
The activity, codenamed Panamorfi by cloud security firm Aqua, utilizes a Java-based tool called mineping to launch a TCP flood DDoS attack. Mineping is a DDoS package designed for Minecraft game servers.
Attack chains entail the exploitation
The Hacker News – Read More
Millions of US Voter Data Exposed in 13 Misconfigured Databases
/in General NewsCybersecurity researcher finds 4.6M Illinois voter records exposed in unsecured databases. Sensitive data including names, addresses, and SSNs…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Twilio Users Kicked Out of Desktop App, Forced to Switch to Mobile
/in General NewsNow that the Authy Desktop app has reached EOL and is no longer accessible, users are hoping their 2FA tokens synced correctly with their mobile devices.
darkreading – Read More
Fortune 50 Co. Pays Record-Breaking $75M Ransomware Demand
/in General NewsThe runaway success of an upstart ransomware outfit called “Dark Angels” may well influence the cyberattack landscape for years to come.
darkreading – Read More
China’s APT41 Targets Taiwan Research Institute for Cyber Espionage
/in General NewsThe state-sponsored Chinese threat actor gained access to three systems and stole at least some research data around computing and related technologies.
darkreading – Read More
Optus and Medibank Data Breach Cases Allege Cyber Security Failures
/in General NewsAustralian regulators allege that cyber security failures at Optus and Medibank contributed to data breaches in 2022, leading to theft of sensitive customer data.
Security | TechRepublic – Read More
APT41 Hackers Use ShadowPad, Cobalt Strike in Taiwanese Institute Cyber Attack
/in General NewsA Taiwanese government-affiliated research institute that specializes in computing and associated technologies was breached by nation-state threat actors with ties to China, according to new findings from Cisco Talos.
The unnamed organization was targeted as early as mid-July 2023 to deliver a variety of backdoors and post-compromise tools like ShadowPad and Cobalt Strike. It has been attributed
The Hacker News – Read More
Is the US Federal Government Increasing Cyber-Risk Through Monoculture?
/in General NewsIn a monoculture, cybercriminals need to look for a weakness in only one product, or discover an exploitable vulnerability, to affect a significant portion of services.
darkreading – Read More
APT28 Targets Diplomats with HeadLace Malware via Car Sale Phishing Lure
/in General NewsA Russia-linked threat actor has been linked to a new campaign that employed a car for sale as a phishing lure to deliver a modular Windows backdoor called HeadLace.
“The campaign likely targeted diplomats and began as early as March 2024,” Palo Alto Networks Unit 42 said in a report published today, attributing it with medium to high level of confidence to APT28, which is also referred to as
The Hacker News – Read More