Researchers recently warned that Ecovacs vacuum and lawn mower robots could be hacked to spy on their owners, with one flaw that allows attackers to take over devices’ cameras and microphones via Bluetooth.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-26 11:06:562024-08-26 11:06:56Hackers can Take Over Ecovacs Home Robots to Spy on Device Owners
A memory-only dropper decrypts and executes a PowerShell-based downloader known as PEAKLIGHT, allowing for the distribution of malware such as Lumma Stealer, Hijack Loader, and CryptBot.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-26 11:06:552024-08-26 11:06:55Stealthy Memory-Only Dropper Delivers PEAKLIGHT Loader on Windows Systems
The C-suite’s lack of engagement in cybersecurity poses a significant risk despite the growing threat landscape. Organizations need to prioritize cyber-risk management to prevent financial losses and damage to their reputation.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-26 10:06:342024-08-26 10:06:34C-Suite Involvement in Cybersecurity is Little More Than Lip Service
The vulnerability, CVE-2024-39717, allows administrators to upload a malicious file disguised as a PNG image through the “Change Favicon” feature in Versa Director’s GUI.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-26 10:06:342024-08-26 10:06:34CISA Adds Versa Director Bug to its Known Exploited Vulnerabilities Catalog
YouTube has launched an AI tool to help users recover hacked accounts more easily. The AI chatbot called “support assistant” will guide users through the process of securing their login and recovering their account.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-26 10:06:332024-08-26 10:06:33YouTube Launches AI Tool to Recover Hacked Accounts
Meta Platforms revealed an Iranian hacker group targeting global political figures on WhatsApp. The Iranian state-sponsored threat actor APT42 used WhatsApp accounts to target individuals in Israel, Palestine, Iran, the U.K., and the U.S.
Equiniti Trust Company, a financial services company, has been fined $850,000 by the Securities and Exchange Commission for failing to protect customer assets in two separate cyberattacks that resulted in the theft of over $6.6 million.
As per GetApp’s 2024 Executive Cybersecurity Report, 72% of cybersecurity professionals in the US have reported attacks on senior executives in the past 18 months, with AI-generated deepfakes playing a role in 27% of these incidents.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-26 09:07:132024-08-26 09:07:13Why C-Suite Leaders are Prime Cyber Targets
SolarWinds has fixed another critical bug in Web Help Desk, known as CVE-2024-28987. This flaw involves hardcoded credentials that can be exploited by remote unauthenticated users to access internal functions and alter data.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-26 09:07:122024-08-26 09:07:12Patelco Credit Union Says Breach Impacts 726k After Ransomware Gang Auctions Data
BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
Hackers can Take Over Ecovacs Home Robots to Spy on Device Owners
/in General NewsResearchers recently warned that Ecovacs vacuum and lawn mower robots could be hacked to spy on their owners, with one flaw that allows attackers to take over devices’ cameras and microphones via Bluetooth.
Cyware News – Latest Cyber News – Read More
Stealthy Memory-Only Dropper Delivers PEAKLIGHT Loader on Windows Systems
/in General NewsA memory-only dropper decrypts and executes a PowerShell-based downloader known as PEAKLIGHT, allowing for the distribution of malware such as Lumma Stealer, Hijack Loader, and CryptBot.
Cyware News – Latest Cyber News – Read More
C-Suite Involvement in Cybersecurity is Little More Than Lip Service
/in General NewsThe C-suite’s lack of engagement in cybersecurity poses a significant risk despite the growing threat landscape. Organizations need to prioritize cyber-risk management to prevent financial losses and damage to their reputation.
Cyware News – Latest Cyber News – Read More
CISA Adds Versa Director Bug to its Known Exploited Vulnerabilities Catalog
/in General NewsThe vulnerability, CVE-2024-39717, allows administrators to upload a malicious file disguised as a PNG image through the “Change Favicon” feature in Versa Director’s GUI.
Cyware News – Latest Cyber News – Read More
YouTube Launches AI Tool to Recover Hacked Accounts
/in General NewsYouTube has launched an AI tool to help users recover hacked accounts more easily. The AI chatbot called “support assistant” will guide users through the process of securing their login and recovering their account.
Cyware News – Latest Cyber News – Read More
Meta Says Iran-backed Hackers Targeted Political Figures on WhatsApp
/in General NewsMeta Platforms revealed an Iranian hacker group targeting global political figures on WhatsApp. The Iranian state-sponsored threat actor APT42 used WhatsApp accounts to target individuals in Israel, Palestine, Iran, the U.K., and the U.S.
Cyware News – Latest Cyber News – Read More
Financial Firm Fined $850K for Violating SEC Cyber Rules
/in General NewsEquiniti Trust Company, a financial services company, has been fined $850,000 by the Securities and Exchange Commission for failing to protect customer assets in two separate cyberattacks that resulted in the theft of over $6.6 million.
Cyware News – Latest Cyber News – Read More
Why C-Suite Leaders are Prime Cyber Targets
/in General NewsAs per GetApp’s 2024 Executive Cybersecurity Report, 72% of cybersecurity professionals in the US have reported attacks on senior executives in the past 18 months, with AI-generated deepfakes playing a role in 27% of these incidents.
Cyware News – Latest Cyber News – Read More
Another Critical SolarWinds Web Help Desk Bug Fixed (CVE-2024-28987)
/in General NewsSolarWinds has fixed another critical bug in Web Help Desk, known as CVE-2024-28987. This flaw involves hardcoded credentials that can be exploited by remote unauthenticated users to access internal functions and alter data.
Cyware News – Latest Cyber News – Read More
Patelco Credit Union Says Breach Impacts 726k After Ransomware Gang Auctions Data
/in General NewsPatelco Credit Union has confirmed a data breach impacting many individuals after the RansomHub ransomware group stole some databases.
The post Patelco Credit Union Says Breach Impacts 726k After Ransomware Gang Auctions Data appeared first on SecurityWeek.
SecurityWeek – Read More