The US water sector suffered a stream of cyberattacks over the past year and half, from a mix of cybercriminals, hacktivists, and nation-state hacking teams. Here’s how the industry and ICS/OT security experts are working to better secure vulnerable drinking and wastewater utilities.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-12-27 14:06:572024-12-27 14:06:57Hackers Are Hot for Water Utilities
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-12-27 14:06:562024-12-27 14:06:56Record-breaking ransoms and breaches: A timeline of ransomware in 2024
Sometimes it feels like burnout is an inevitable part of working in cybersecurity. But a little bit of knowledge can help you and your staff stay healthy.
Smartphones and face recognition are being combined to create new digital travel documents. The paper passport’s days are numbered—despite new privacy risks.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-12-27 12:07:062024-12-27 12:07:06The Paper Passport Is Dying
The threat actor known as Cloud Atlas has been observed using a previously undocumented malware called VBCloud as part of its cyber attack campaigns targeting “several dozen users” in 2024.
“Victims get infected via phishing emails containing a malicious document that exploits a vulnerability in the formula editor (CVE-2018-0802) to download and execute malware code,” Kaspersky researcher Oleg
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-12-27 12:07:062024-12-27 12:07:06Cloud Atlas Deploys VBCloud Malware: Over 80% of Targets Found in Russia
Cybersecurity researchers are warning about a spike in malicious activity that involves roping vulnerable D-Link routers into two different botnets, a Mirai variant dubbed FICORA and a Kaiten (aka Tsunami) variant called CAPSAICIN.
“These botnets are frequently spread through documented D-Link vulnerabilities that allow remote attackers to execute malicious commands via a GetDeviceSettings
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-12-27 09:07:572024-12-27 09:07:57FICORA and Kaiten Botnets Exploit Old D-Link Vulnerabilities for Global Attacks
Palo Alto Networks has disclosed a high-severity vulnerability impacting PAN-OS software that could cause a denial-of-service (DoS) condition on susceptible devices.
The flaw, tracked as CVE-2024-3393 (CVSS score: 8.7), impacts PAN-OS versions 10.X and 11.X, as well as Prisma Access running PAN-OS versions. It has been addressed in PAN-OS 10.1.14-h8, PAN-OS 10.2.10-h12, PAN-OS 11.1.5, PAN-OS
A request for proposal is a common method for soliciting vendor quotes and answers about potential product or service offerings. They specifically intend to gather details involving implementation, operations, and maintenance. This facilitates the decision-making process, allowing organizations to choose the RFP responses which best suit their needs. This guidebook, written by Scott Matteson for …
The Apache Software Foundation (ASF) has released patches to address a maximum severity vulnerability in the MINA Java network application framework that could result in remote code execution under specific conditions.
Tracked as CVE-2024-52046, the vulnerability carries a CVSS score of 10.0. It affects versions 2.0.X, 2.1.X, and 2.2.X.
“The ObjectSerializationDecoder in Apache MINA uses Java’s
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-12-27 05:06:582024-12-27 05:06:58Hackers Release Second Batch of Stolen Cisco Data
BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
Hackers Are Hot for Water Utilities
/in General NewsThe US water sector suffered a stream of cyberattacks over the past year and half, from a mix of cybercriminals, hacktivists, and nation-state hacking teams. Here’s how the industry and ICS/OT security experts are working to better secure vulnerable drinking and wastewater utilities.
darkreading – Read More
Record-breaking ransoms and breaches: A timeline of ransomware in 2024
/in General NewsFrom LoanDepot to Evolve Bank and Blue Yonder, these ransomware attacks affect tens of millions of people.
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
Defining & Defying Cybersecurity Staff Burnout
/in General NewsSometimes it feels like burnout is an inevitable part of working in cybersecurity. But a little bit of knowledge can help you and your staff stay healthy.
darkreading – Read More
The Paper Passport Is Dying
/in General NewsSmartphones and face recognition are being combined to create new digital travel documents. The paper passport’s days are numbered—despite new privacy risks.
Security Latest – Read More
Cloud Atlas Deploys VBCloud Malware: Over 80% of Targets Found in Russia
/in General NewsThe threat actor known as Cloud Atlas has been observed using a previously undocumented malware called VBCloud as part of its cyber attack campaigns targeting “several dozen users” in 2024.
“Victims get infected via phishing emails containing a malicious document that exploits a vulnerability in the formula editor (CVE-2018-0802) to download and execute malware code,” Kaspersky researcher Oleg
The Hacker News – Read More
FICORA and Kaiten Botnets Exploit Old D-Link Vulnerabilities for Global Attacks
/in General NewsCybersecurity researchers are warning about a spike in malicious activity that involves roping vulnerable D-Link routers into two different botnets, a Mirai variant dubbed FICORA and a Kaiten (aka Tsunami) variant called CAPSAICIN.
“These botnets are frequently spread through documented D-Link vulnerabilities that allow remote attackers to execute malicious commands via a GetDeviceSettings
The Hacker News – Read More
Palo Alto Releases Patch for PAN-OS DoS Flaw — Update Immediately
/in General NewsPalo Alto Networks has disclosed a high-severity vulnerability impacting PAN-OS software that could cause a denial-of-service (DoS) condition on susceptible devices.
The flaw, tracked as CVE-2024-3393 (CVSS score: 8.7), impacts PAN-OS versions 10.X and 11.X, as well as Prisma Access running PAN-OS versions. It has been addressed in PAN-OS 10.1.14-h8, PAN-OS 10.2.10-h12, PAN-OS 11.1.5, PAN-OS
The Hacker News – Read More
RFP Templates and Guidebook
/in General NewsA request for proposal is a common method for soliciting vendor quotes and answers about potential product or service offerings. They specifically intend to gather details involving implementation, operations, and maintenance. This facilitates the decision-making process, allowing organizations to choose the RFP responses which best suit their needs. This guidebook, written by Scott Matteson for …
Security | TechRepublic – Read More
Apache MINA CVE-2024-52046: CVSS 10.0 Flaw Enables RCE via Unsafe Serialization
/in General NewsThe Apache Software Foundation (ASF) has released patches to address a maximum severity vulnerability in the MINA Java network application framework that could result in remote code execution under specific conditions.
Tracked as CVE-2024-52046, the vulnerability carries a CVSS score of 10.0. It affects versions 2.0.X, 2.1.X, and 2.2.X.
“The ObjectSerializationDecoder in Apache MINA uses Java’s
The Hacker News – Read More
Hackers Release Second Batch of Stolen Cisco Data
/in General NewsIN THIS ARTICLE: Hackers have released what they claim to be the second batch of data stolen in…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More