BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
South Korean APT Group Exploits WPS Office Zero-Day for Espionage
Posted 2024-08-28 11:06:55 in General News
ESET uncovered a new cyber-espionage campaign tied to a South Korean APT group that used a remote code execution (RCE) vulnerability in WPS Office for Windows to deploy a custom backdoor called “SpyGlace.”
Source: Cyware News – Latest Cyber News
Critical Apache OFBiz Vulnerability CVE-2024-38856 Identified and Actively Exploited
Posted in General News
This flaw allows attackers to execute remote code without authentication, posing a serious risk. Versions up to 18.12.14 are affected, and organizations are advised to upgrade to version 18.12.15 to mitigate the issue.
Source: Cyware News – Latest Cyber News
950,000 Impacted by Young Consulting Data Breach
Posted 2024-08-28 10:06:39 in General News
The personal information of over 950,000 people was compromised in a BlackSuit ransomware attack on Young Consulting.
Source: SecurityWeek
Second Apache OFBiz Vulnerability Exploited in Attacks
Posted in General News
CISA is warning organizations that a second Apache OFBiz flaw is being exploited in the wild shortly after the release of PoC exploits.
Source: SecurityWeek
Zimbabwe Trains Government Officials in Cybersecurity Skills
Posted 2024-08-28 07:07:27 in General News
African nation’s proactive approach to cybersecurity comes amid a rise in painful cyberattacks including the breach of a major bank.
Source: darkreading
New QR Code Phishing Campaign Exploits Microsoft Sway to Steal Credentials
Posted 2024-08-28 07:07:27 in General News
Cybersecurity researchers are calling attention to a new QR code phishing (aka quishing) campaign that leverages Microsoft Sway infrastructure to host fake pages, once again highlighting the abuse of legitimate cloud offerings for malicious purposes.
“By using legitimate cloud applications, attackers provide credibility to victims, helping them to trust the content it serves,” Netskope Threat
Source: The Hacker News
CISA Flags Critical Apache OFBiz Flaw Amid Active Exploitation Reports
Posted in General News
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw affecting the Apache OFBiz open-source enterprise resource planning (ERP) system to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild.
The vulnerability, known as CVE-2024-38856, carries a CVSS score of 9.8, indicating critical severity.
Source: The Hacker News
Critical WPML Plugin Flaw Exposes WordPress Sites to Remote Code Execution
Posted in General News
A critical security flaw has been disclosed in the WPML WordPress multilingual plugin that could allow authenticated users to execute arbitrary code remotely under certain circumstances.
The vulnerability, tracked as CVE-2024-6386 (CVSS score: 9.9), impacts all versions of the plugin before 4.6.13, which was released on August 20, 2024.
Arising due to missing input validation and sanitization,
Source: The Hacker News
77% of Educational Institutions Spotted a Cyberattack Within the Last 12 Months
Posted 2024-08-27 22:06:56 in General News
Source: darkreading
PoC Exploit for Zero-Click Vulnerability Made Available to the Masses
Posted 2024-08-27 21:06:52 in General News
The exploit can be accessed on GitHub and makes it easier for the flaw to be exploited by threat actors.
Source: darkreading