The “Census of Free and Open Source Software” report, which identifies the most critical software projects, sees more cloud infrastructure and Python software designated as critical software components.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-12-06 15:07:032024-12-06 15:07:03Open Source Security Priorities Get a Reshuffle
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-12-06 14:07:002024-12-06 14:07:00Ethyca Raises $10 Million for Data Privacy Platform
Noteworthy stories that might have slipped under the radar: ENISA and NCSC release cybersecurity reports, abuse of Cloudflare services, FBI warns of gen-AI enabling fraud.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-12-06 14:06:592024-12-06 14:06:59In Other News: Cloudflare Abuse, UK and EU Cybersecurity Reports, FBI Gen-AI Alert
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-12-06 12:06:562024-12-06 12:06:56Atrium Health Data Breach Impacts 585,000 People
The European Commission issued a retention order to TikTok on December 6, 2024, mandating the need to keep all data related to the Romanian elections for further investigations. This order comes a few days after Romanian’s president Klaus Iohannis ordered to declassify SRI’s (Romanian’s Intelligence Service) recent investigation. The Romanian Intelligence Service (SRI) accused Russia of…
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-12-06 11:06:542024-12-06 11:06:54European Commission Orders TikTok to Preserve Data on Romanian Election Under Digital Services Act
The threat actors behind the More_eggs malware have been linked to two new malware families, indicating an expansion of its malware-as-a-service (MaaS) operation.
This includes a novel information-stealing backdoor called RevC2 and a loader codenamed Venom Loader, both of which are deployed using VenomLNK, a staple tool that serves as an initial access vector for the deployment of follow-on
The threat actor known as Gamaredon has been observed leveraging Cloudflare Tunnels as a tactic to conceal its staging infrastructure hosting a malware called GammaDrop.
The activity is part of an ongoing spear-phishing campaign targeting Ukrainian entities since at least early 2024 that’s designed to drop the Visual Basic Script malware, Recorded Future’s Insikt Group said in a new analysis.
BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
Open Source Security Priorities Get a Reshuffle
/in General NewsThe “Census of Free and Open Source Software” report, which identifies the most critical software projects, sees more cloud infrastructure and Python software designated as critical software components.
darkreading – Read More
Ethyca Raises $10 Million for Data Privacy Platform
/in General NewsData privacy solutions provider Ethyca has raised $10 million in a funding round led by Aspenwood Ventures and AVP.
The post Ethyca Raises $10 Million for Data Privacy Platform appeared first on SecurityWeek.
SecurityWeek – Read More
In Other News: Cloudflare Abuse, UK and EU Cybersecurity Reports, FBI Gen-AI Alert
/in General NewsNoteworthy stories that might have slipped under the radar: ENISA and NCSC release cybersecurity reports, abuse of Cloudflare services, FBI warns of gen-AI enabling fraud.
The post In Other News: Cloudflare Abuse, UK and EU Cybersecurity Reports, FBI Gen-AI Alert appeared first on SecurityWeek.
SecurityWeek – Read More
SonicWall Patches 6 Vulnerabilities in Secure Access Gateway
/in General NewsSonicWall has released patches for multiple high-severity flaws in the SMA100 SSL-VPN secure access gateway.
The post SonicWall Patches 6 Vulnerabilities in Secure Access Gateway appeared first on SecurityWeek.
SecurityWeek – Read More
Atrium Health Data Breach Impacts 585,000 People
/in General NewsAtrium Health has notified the HHS of a data breach impacting 585,000 individuals, and the incident may be related to online tracking.
The post Atrium Health Data Breach Impacts 585,000 People appeared first on SecurityWeek.
SecurityWeek – Read More
Google Open Sources Security Patch Validation Tool for Android
/in General NewsGoogle has announced the open source availability of Vanir, a patch validation tool for Android platform developers.
The post Google Open Sources Security Patch Validation Tool for Android appeared first on SecurityWeek.
SecurityWeek – Read More
European Commission Orders TikTok to Preserve Data on Romanian Election Under Digital Services Act
/in General NewsThe European Commission issued a retention order to TikTok on December 6, 2024, mandating the need to keep all data related to the Romanian elections for further investigations. This order comes a few days after Romanian’s president Klaus Iohannis ordered to declassify SRI’s (Romanian’s Intelligence Service) recent investigation. The Romanian Intelligence Service (SRI) accused Russia of…
Source
TechSplicer – Read More
More_eggs MaaS Expands Operations with RevC2 Backdoor and Venom Loader
/in General NewsThe threat actors behind the More_eggs malware have been linked to two new malware families, indicating an expansion of its malware-as-a-service (MaaS) operation.
This includes a novel information-stealing backdoor called RevC2 and a loader codenamed Venom Loader, both of which are deployed using VenomLNK, a staple tool that serves as an initial access vector for the deployment of follow-on
The Hacker News – Read More
Hackers Leveraging Cloudflare Tunnels, DNS Fast-Flux to Hide GammaDrop Malware
/in General NewsThe threat actor known as Gamaredon has been observed leveraging Cloudflare Tunnels as a tactic to conceal its staging infrastructure hosting a malware called GammaDrop.
The activity is part of an ongoing spear-phishing campaign targeting Ukrainian entities since at least early 2024 that’s designed to drop the Visual Basic Script malware, Recorded Future’s Insikt Group said in a new analysis.
The Hacker News – Read More
Critical Vulnerability Discovered in SailPoint IdentityIQ
/in General NewsA critical directory traversal vulnerability in the SailPoint IdentityIQ IAM platform exposes restricted files to attackers.
The post Critical Vulnerability Discovered in SailPoint IdentityIQ appeared first on SecurityWeek.
SecurityWeek – Read More