A sophisticated trio of Chinese cyberespionage groups known as Cluster Alpha, Cluster Bravo, and Cluster Charlie are behind the Crimson Palace espionage campaign targeting government organizations in Southeast Asia.
Siemens has issued a critical security advisory for its User Management Component (UMC), revealing a heap-based buffer overflow vulnerability (CVE-2024-33698) with a 9. 3 CVSS score.
CosmicBeetle has unleashed a new ransomware called ScRansom, targeting SMBs in Europe, Asia, Africa, and South America, possibly working with RansomHub. The threat actor swapped its Scarab ransomware for ScRansom, showing ongoing enhancements.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-09-11 12:06:442024-09-11 12:06:44CosmicBeetle Upgrades Arsenal with New ScRansom Ransomware to Target SMBs
OpenZiti is an open-source networking project that embeds zero-trust principles directly into applications, offering features like strong identity, mTLS, E2EE, private DNS, and smart routing.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-09-11 12:06:442024-09-11 12:06:44OpenZiti: Secure, Open-Source Networking for Your Applications
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-09-11 11:06:442024-09-11 11:06:44Microsoft Adds Support for Post-Quantum Algorithms in SymCrypt Library
The HIUPAN worm allows Earth Preta to propagate malware into networks via removable drives, maintaining persistence by modifying registry values and creating autorun entries.
According to an FBI report, cryptocurrency scams surged in 2023, leading to victims reporting $5. 6 billion in financial losses associated with crypto schemes, a 45% increase from the previous year.
The agency is losing nearly a fifth of its cyber capacity annually due to a broken pay system, leading to increased costs with temporary labor and consultants making up over 10% of its budget.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-09-11 10:06:502024-09-11 10:06:50UK: National Crime Agency, Responsible for Fighting Cybercrime, ‘On Its Knees,’ Warns Report
Zyxel has released critical hotfixes for its end-of-support NAS devices, NAS326 and NAS542, to address a severe command injection vulnerability (CVE-2024-6342) with a CVSS score of 9. 8.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-09-11 10:06:502024-09-11 10:06:50Critical Command Injection Flaw in Zyxel NAS Devices, Hotfixes Released for End-of-Support Products
BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
Chinese ‘Crimson Palace’ Espionage Campaign Keeps Hacking Southeast Asian Governments
/in General NewsA sophisticated trio of Chinese cyberespionage groups known as Cluster Alpha, Cluster Bravo, and Cluster Charlie are behind the Crimson Palace espionage campaign targeting government organizations in Southeast Asia.
Cyware News – Latest Cyber News – Read More
Siemens Issues Critical Security Advisory for User Management Component (UMC)
/in General NewsSiemens has issued a critical security advisory for its User Management Component (UMC), revealing a heap-based buffer overflow vulnerability (CVE-2024-33698) with a 9. 3 CVSS score.
Cyware News – Latest Cyber News – Read More
CosmicBeetle Upgrades Arsenal with New ScRansom Ransomware to Target SMBs
/in General NewsCosmicBeetle has unleashed a new ransomware called ScRansom, targeting SMBs in Europe, Asia, Africa, and South America, possibly working with RansomHub. The threat actor swapped its Scarab ransomware for ScRansom, showing ongoing enhancements.
Cyware News – Latest Cyber News – Read More
OpenZiti: Secure, Open-Source Networking for Your Applications
/in General NewsOpenZiti is an open-source networking project that embeds zero-trust principles directly into applications, offering features like strong identity, mTLS, E2EE, private DNS, and smart routing.
Cyware News – Latest Cyber News – Read More
Microsoft Adds Support for Post-Quantum Algorithms in SymCrypt Library
/in General NewsMicrosoft has started introducing support for post-quantum algorithms in SymCrypt, its main cryptographic library.
The post Microsoft Adds Support for Post-Quantum Algorithms in SymCrypt Library appeared first on SecurityWeek.
SecurityWeek – Read More
Earth Preta Upgrades Attack Strategy via Removable Drives
/in General NewsThe HIUPAN worm allows Earth Preta to propagate malware into networks via removable drives, maintaining persistence by modifying registry values and creating autorun entries.
Cyware News – Latest Cyber News – Read More
FBI Report Says Cryptocurrency Scams Surged in 2023
/in General NewsAccording to an FBI report, cryptocurrency scams surged in 2023, leading to victims reporting $5. 6 billion in financial losses associated with crypto schemes, a 45% increase from the previous year.
Cyware News – Latest Cyber News – Read More
UK: National Crime Agency, Responsible for Fighting Cybercrime, ‘On Its Knees,’ Warns Report
/in General NewsThe agency is losing nearly a fifth of its cyber capacity annually due to a broken pay system, leading to increased costs with temporary labor and consultants making up over 10% of its budget.
Cyware News – Latest Cyber News – Read More
Critical Command Injection Flaw in Zyxel NAS Devices, Hotfixes Released for End-of-Support Products
/in General NewsZyxel has released critical hotfixes for its end-of-support NAS devices, NAS326 and NAS542, to address a severe command injection vulnerability (CVE-2024-6342) with a CVSS score of 9. 8.
Cyware News – Latest Cyber News – Read More
Chrome 128 Update Resolves High-Severity Vulnerabilities
/in General NewsGoogle has released a Chrome 128 security update to resolve high-severity memory safety vulnerabilities.
The post Chrome 128 Update Resolves High-Severity Vulnerabilities appeared first on SecurityWeek.
SecurityWeek – Read More