A 33-year-old Latvian national living in Moscow, Russia, has been charged in the U.S. for allegedly stealing data, extorting victims, and laundering ransom payments since August 2021.
Deniss Zolotarjovs (aka Sforza_cesarini) has been charged with conspiring to commit money laundering, wire fraud and Hobbs Act extortion. He was arrested in Georgia in December 2023 and has since been extradited to
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-23 06:06:582024-08-23 06:06:58Latvian Hacker Extradited to U.S. for Role in Karakurt Cybercrime Group
Cybersecurity researchers have uncovered a new information stealer that’s designed to target Apple macOS hosts and harvest a wide range of information, underscoring how threat actors are increasingly setting their sights on the operating system.
Dubbed Cthulhu Stealer, the malware has been available under a malware-as-a-service (MaaS) model for $500 a month from late 2023. It’s capable of
Australia is rapidly embracing renewable energy. But for the nation to successfully leverage renewable energy, it is imperative to establish strong IT foundations.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-22 19:06:382024-08-22 19:06:38Cyber Security and IT Leadership: A Growing Threat to Australia’s Renewable Energy Efforts
Cybersecurity researchers have uncovered a hardware backdoor within a particular model of MIFARE Classic contactless cards that could allow authentication with an unknown key and open hotel rooms and office doors.
The attacks have been demonstrated against FM11RF08S, a new variant of MIFARE Classic that was released by Shanghai Fudan Microelectronics in 2020.
“The FM11RF08S backdoor enables any
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-22 18:07:072024-08-22 18:07:07Hardware Backdoor Discovered in RFID Cards Used in Hotels and Offices Worldwide
SolarWinds has issued patches to address a new security flaw in its Web Help Desk (WHD) software that could allow remote unauthenticated users to gain unauthorized access to susceptible instances.
“The SolarWinds Web Help Desk (WHD) software is affected by a hardcoded credential vulnerability, allowing [a] remote unauthenticated user to access internal functionality and modify data,” the company
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-22 18:07:072024-08-22 18:07:07Hardcoded Credential Vulnerability Found in SolarWinds Web Help Desk
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-22 17:06:492024-08-22 17:06:49INE Security Launches Initiatives to Invest in the Education of Aspiring Cybersecurity Professionals
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-22 17:06:492024-08-22 17:06:49Fur Affinity Website Hacked in DNS Hijacking Attack
Details have emerged about a China-nexus threat group’s exploitation of a recently disclosed, now-patched security flaw in Cisco switches as a zero-day to seize control of the appliance and evade detection.
The activity, attributed to Velvet Ant, was observed early this year and involved the weaponization of CVE-2024-20399 (CVSS score: 6.0) to deliver bespoke malware and gain extensive control
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-22 17:06:492024-08-22 17:06:49Chinese Hackers Exploit Zero-Day Cisco Switch Flaw to Gain System Control
As many as 15,000 applications using Amazon Web Services’ (AWS) Application Load Balancer (ALB) for authentication are potentially susceptible to a configuration-based issue that could expose them to sidestep access controls and compromise applications.
That’s according to findings from Israeli cybersecurity company Miggo, which dubbed the problem ALBeast.
“This vulnerability allows attackers to
BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
Latvian Hacker Extradited to U.S. for Role in Karakurt Cybercrime Group
/in General NewsA 33-year-old Latvian national living in Moscow, Russia, has been charged in the U.S. for allegedly stealing data, extorting victims, and laundering ransom payments since August 2021.
Deniss Zolotarjovs (aka Sforza_cesarini) has been charged with conspiring to commit money laundering, wire fraud and Hobbs Act extortion. He was arrested in Georgia in December 2023 and has since been extradited to
The Hacker News – Read More
New macOS Malware “Cthulhu Stealer” Targets Apple Users’ Data
/in General NewsCybersecurity researchers have uncovered a new information stealer that’s designed to target Apple macOS hosts and harvest a wide range of information, underscoring how threat actors are increasingly setting their sights on the operating system.
Dubbed Cthulhu Stealer, the malware has been available under a malware-as-a-service (MaaS) model for $500 a month from late 2023. It’s capable of
The Hacker News – Read More
Cyber Security and IT Leadership: A Growing Threat to Australia’s Renewable Energy Efforts
/in General NewsAustralia is rapidly embracing renewable energy. But for the nation to successfully leverage renewable energy, it is imperative to establish strong IT foundations.
Security | TechRepublic – Read More
Oil Giant Halliburton Confirms Cyber Incident, Details Scarce
/in General NewsUS oil giant Halliburton confirmed its computer systems were hit by a cyberattack that affected operations at its Houston offices.
The post Oil Giant Halliburton Confirms Cyber Incident, Details Scarce appeared first on SecurityWeek.
SecurityWeek – Read More
Hardware Backdoor Discovered in RFID Cards Used in Hotels and Offices Worldwide
/in General NewsCybersecurity researchers have uncovered a hardware backdoor within a particular model of MIFARE Classic contactless cards that could allow authentication with an unknown key and open hotel rooms and office doors.
The attacks have been demonstrated against FM11RF08S, a new variant of MIFARE Classic that was released by Shanghai Fudan Microelectronics in 2020.
“The FM11RF08S backdoor enables any
The Hacker News – Read More
Hardcoded Credential Vulnerability Found in SolarWinds Web Help Desk
/in General NewsSolarWinds has issued patches to address a new security flaw in its Web Help Desk (WHD) software that could allow remote unauthenticated users to gain unauthorized access to susceptible instances.
“The SolarWinds Web Help Desk (WHD) software is affected by a hardcoded credential vulnerability, allowing [a] remote unauthenticated user to access internal functionality and modify data,” the company
The Hacker News – Read More
INE Security Launches Initiatives to Invest in the Education of Aspiring Cybersecurity Professionals
/in General NewsCary, North Carolina, 22nd August 2024, CyberNewsWire
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Fur Affinity Website Hacked in DNS Hijacking Attack
/in General NewsFur Affinity’s domain and Twitter were compromised in a major DNS hijacking on August 20, 2024. Hackers redirected…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Chinese Hackers Exploit Zero-Day Cisco Switch Flaw to Gain System Control
/in General NewsDetails have emerged about a China-nexus threat group’s exploitation of a recently disclosed, now-patched security flaw in Cisco switches as a zero-day to seize control of the appliance and evade detection.
The activity, attributed to Velvet Ant, was observed early this year and involved the weaponization of CVE-2024-20399 (CVSS score: 6.0) to deliver bespoke malware and gain extensive control
The Hacker News – Read More
New ‘ALBeast’ Vulnerability Exposes Weakness in AWS Application Load Balancer
/in General NewsAs many as 15,000 applications using Amazon Web Services’ (AWS) Application Load Balancer (ALB) for authentication are potentially susceptible to a configuration-based issue that could expose them to sidestep access controls and compromise applications.
That’s according to findings from Israeli cybersecurity company Miggo, which dubbed the problem ALBeast.
“This vulnerability allows attackers to
The Hacker News – Read More