The C-suite’s lack of engagement in cybersecurity poses a significant risk despite the growing threat landscape. Organizations need to prioritize cyber-risk management to prevent financial losses and damage to their reputation.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-26 10:06:342024-08-26 10:06:34C-Suite Involvement in Cybersecurity is Little More Than Lip Service
The vulnerability, CVE-2024-39717, allows administrators to upload a malicious file disguised as a PNG image through the “Change Favicon” feature in Versa Director’s GUI.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-26 10:06:342024-08-26 10:06:34CISA Adds Versa Director Bug to its Known Exploited Vulnerabilities Catalog
YouTube has launched an AI tool to help users recover hacked accounts more easily. The AI chatbot called “support assistant” will guide users through the process of securing their login and recovering their account.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-26 10:06:332024-08-26 10:06:33YouTube Launches AI Tool to Recover Hacked Accounts
Meta Platforms revealed an Iranian hacker group targeting global political figures on WhatsApp. The Iranian state-sponsored threat actor APT42 used WhatsApp accounts to target individuals in Israel, Palestine, Iran, the U.K., and the U.S.
Equiniti Trust Company, a financial services company, has been fined $850,000 by the Securities and Exchange Commission for failing to protect customer assets in two separate cyberattacks that resulted in the theft of over $6.6 million.
As per GetApp’s 2024 Executive Cybersecurity Report, 72% of cybersecurity professionals in the US have reported attacks on senior executives in the past 18 months, with AI-generated deepfakes playing a role in 27% of these incidents.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-26 09:07:132024-08-26 09:07:13Why C-Suite Leaders are Prime Cyber Targets
SolarWinds has fixed another critical bug in Web Help Desk, known as CVE-2024-28987. This flaw involves hardcoded credentials that can be exploited by remote unauthenticated users to access internal functions and alter data.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-26 09:07:122024-08-26 09:07:12Patelco Credit Union Says Breach Impacts 726k After Ransomware Gang Auctions Data
Two security vulnerabilities have been disclosed in the open-source Traccar GPS tracking system that could be potentially exploited by unauthenticated attackers to achieve remote code execution under certain circumstances.
Both the vulnerabilities are path traversal flaws and could be weaponized if guest registration is enabled, which is the default configuration for Traccar 5, Horizon3.ai
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-26 08:06:372024-08-26 08:06:37Critical Flaws in Traccar GPS System Expose Users to Remote Attacks
Cybercriminals are continuously evolving their tactics, emphasizing the need for organizations to have continuous monitoring to detect suspicious activities, according to a report by Malwarebytes.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-26 08:06:372024-08-26 08:06:37Most Ransomware Attacks Occur Between 1 AM and 5 AM
BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
C-Suite Involvement in Cybersecurity is Little More Than Lip Service
/in General NewsThe C-suite’s lack of engagement in cybersecurity poses a significant risk despite the growing threat landscape. Organizations need to prioritize cyber-risk management to prevent financial losses and damage to their reputation.
Cyware News – Latest Cyber News – Read More
CISA Adds Versa Director Bug to its Known Exploited Vulnerabilities Catalog
/in General NewsThe vulnerability, CVE-2024-39717, allows administrators to upload a malicious file disguised as a PNG image through the “Change Favicon” feature in Versa Director’s GUI.
Cyware News – Latest Cyber News – Read More
YouTube Launches AI Tool to Recover Hacked Accounts
/in General NewsYouTube has launched an AI tool to help users recover hacked accounts more easily. The AI chatbot called “support assistant” will guide users through the process of securing their login and recovering their account.
Cyware News – Latest Cyber News – Read More
Meta Says Iran-backed Hackers Targeted Political Figures on WhatsApp
/in General NewsMeta Platforms revealed an Iranian hacker group targeting global political figures on WhatsApp. The Iranian state-sponsored threat actor APT42 used WhatsApp accounts to target individuals in Israel, Palestine, Iran, the U.K., and the U.S.
Cyware News – Latest Cyber News – Read More
Financial Firm Fined $850K for Violating SEC Cyber Rules
/in General NewsEquiniti Trust Company, a financial services company, has been fined $850,000 by the Securities and Exchange Commission for failing to protect customer assets in two separate cyberattacks that resulted in the theft of over $6.6 million.
Cyware News – Latest Cyber News – Read More
Why C-Suite Leaders are Prime Cyber Targets
/in General NewsAs per GetApp’s 2024 Executive Cybersecurity Report, 72% of cybersecurity professionals in the US have reported attacks on senior executives in the past 18 months, with AI-generated deepfakes playing a role in 27% of these incidents.
Cyware News – Latest Cyber News – Read More
Another Critical SolarWinds Web Help Desk Bug Fixed (CVE-2024-28987)
/in General NewsSolarWinds has fixed another critical bug in Web Help Desk, known as CVE-2024-28987. This flaw involves hardcoded credentials that can be exploited by remote unauthenticated users to access internal functions and alter data.
Cyware News – Latest Cyber News – Read More
Patelco Credit Union Says Breach Impacts 726k After Ransomware Gang Auctions Data
/in General NewsPatelco Credit Union has confirmed a data breach impacting many individuals after the RansomHub ransomware group stole some databases.
The post Patelco Credit Union Says Breach Impacts 726k After Ransomware Gang Auctions Data appeared first on SecurityWeek.
SecurityWeek – Read More
Critical Flaws in Traccar GPS System Expose Users to Remote Attacks
/in General NewsTwo security vulnerabilities have been disclosed in the open-source Traccar GPS tracking system that could be potentially exploited by unauthenticated attackers to achieve remote code execution under certain circumstances.
Both the vulnerabilities are path traversal flaws and could be weaponized if guest registration is enabled, which is the default configuration for Traccar 5, Horizon3.ai
The Hacker News – Read More
Most Ransomware Attacks Occur Between 1 AM and 5 AM
/in General NewsCybercriminals are continuously evolving their tactics, emphasizing the need for organizations to have continuous monitoring to detect suspicious activities, according to a report by Malwarebytes.
Cyware News – Latest Cyber News – Read More