A newly patched security flaw in Microsoft Windows was exploited as a zero-day by Lazarus Group, a prolific state-sponsored actor affiliated with North Korea.
The security vulnerability, tracked as CVE-2024-38193 (CVSS score: 7.8), has been described as a privilege escalation bug in the Windows Ancillary Function Driver (AFD.sys) for WinSock.
“An attacker who successfully exploited this
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-19 08:07:422024-08-19 08:07:42Microsoft Patches Zero-Day Flaw Exploited by North Korea’s Lazarus Group
Cybersecurity researchers have discovered new infrastructure linked to a financially motivated threat actor known as FIN7.
The two clusters of potential FIN7 activity “indicate communications inbound to FIN7 infrastructure from IP addresses assigned to Post Ltd (Russia) and SmartApe (Estonia), respectively,” Team Cymru said in a report published this week as part of a joint investigation with
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-19 06:07:102024-08-19 06:07:10Researchers Uncover New Infrastructure Tied to FIN7 Cybercrime Group
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-17 15:06:492024-08-17 15:06:49Did you get a fake McAfee or Norton invoice? How the scam works (and what not to do)
Plus: US regulators fine T-Mobile $60 million for mishap with sensitive data, New Zealand approves Kim Dotcom’s US extradition, and San Francisco takes on deepfake porn.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-17 14:06:432024-08-17 14:06:43Geofence Warrants Ruled Unconstitutional—but That’s Not the End of It
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-17 12:07:002024-08-17 12:07:007-Year-Old Pre-Installed Google Pixel App Flaw Puts Millions at Risk
Scammers have been targeting dozens of Google products through malicious search ads. They impersonated Google’s product line and used Looker Studio to lock up Windows and Mac users’ browsers.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-17 09:07:162024-08-17 09:07:16Dozens of Google Products Targeted by Scammers via Malicious Search Ads
OpenAI on Friday said it banned a set of accounts linked to what it said was an Iranian covert influence operation that leveraged ChatGPT to generate content that, among other things, focused on the upcoming U.S. presidential election.
“This week we identified and took down a cluster of ChatGPT accounts that were generating content for a covert Iranian influence operation identified as
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-17 07:06:362024-08-17 07:06:36OpenAI Blocks Iranian Influence Operation Using ChatGPT for U.S. Election Propaganda
Server-Side Template Injection (SSTI) vulnerabilities are a growing concern in web applications, allowing attackers to inject malicious code into templates and gain control over servers.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-17 07:06:362024-08-17 07:06:36Server-Side Template Injection: Transforming Web Applications from Assets to Liabilities – Check Point Research
The malware masquerades as legitimate applications like Microsoft Office and creates an empty file to lure users. It also checks for virtual machines and uses sleep obfuscation to evade memory scanners.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-17 07:06:352024-08-17 07:06:35A Deep Dive Into a New ValleyRAT Campaign Targeting Chinese Speakers
These vulnerabilities could allow attackers to execute arbitrary code, disclose sensitive information, or disrupt device functionality, posing a significant threat to industrial and commercial networks relying on these devices.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-17 06:06:352024-08-17 06:06:35CISA Warns Critical Vulnerabilities in Vonets WiFi Bridge Devices, No Patch Available
BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
Microsoft Patches Zero-Day Flaw Exploited by North Korea’s Lazarus Group
/in General NewsA newly patched security flaw in Microsoft Windows was exploited as a zero-day by Lazarus Group, a prolific state-sponsored actor affiliated with North Korea.
The security vulnerability, tracked as CVE-2024-38193 (CVSS score: 7.8), has been described as a privilege escalation bug in the Windows Ancillary Function Driver (AFD.sys) for WinSock.
“An attacker who successfully exploited this
The Hacker News – Read More
Researchers Uncover New Infrastructure Tied to FIN7 Cybercrime Group
/in General NewsCybersecurity researchers have discovered new infrastructure linked to a financially motivated threat actor known as FIN7.
The two clusters of potential FIN7 activity “indicate communications inbound to FIN7 infrastructure from IP addresses assigned to Post Ltd (Russia) and SmartApe (Estonia), respectively,” Team Cymru said in a report published this week as part of a joint investigation with
The Hacker News – Read More
Did you get a fake McAfee or Norton invoice? How the scam works (and what not to do)
/in General NewsIf you’ve received emails with invoice PDFs attached for products you didn’t buy, here’s what’s going on and what to do next.
Latest stories for ZDNET in Security – Read More
Geofence Warrants Ruled Unconstitutional—but That’s Not the End of It
/in General NewsPlus: US regulators fine T-Mobile $60 million for mishap with sensitive data, New Zealand approves Kim Dotcom’s US extradition, and San Francisco takes on deepfake porn.
Security Latest – Read More
7-Year-Old Pre-Installed Google Pixel App Flaw Puts Millions at Risk
/in General NewsA critical 7-year-old security flaw in a pre-installed app on millions of Google Pixel devices has been exposed.…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Dozens of Google Products Targeted by Scammers via Malicious Search Ads
/in General NewsScammers have been targeting dozens of Google products through malicious search ads. They impersonated Google’s product line and used Looker Studio to lock up Windows and Mac users’ browsers.
Cyware News – Latest Cyber News – Read More
OpenAI Blocks Iranian Influence Operation Using ChatGPT for U.S. Election Propaganda
/in General NewsOpenAI on Friday said it banned a set of accounts linked to what it said was an Iranian covert influence operation that leveraged ChatGPT to generate content that, among other things, focused on the upcoming U.S. presidential election.
“This week we identified and took down a cluster of ChatGPT accounts that were generating content for a covert Iranian influence operation identified as
The Hacker News – Read More
Server-Side Template Injection: Transforming Web Applications from Assets to Liabilities – Check Point Research
/in General NewsServer-Side Template Injection (SSTI) vulnerabilities are a growing concern in web applications, allowing attackers to inject malicious code into templates and gain control over servers.
Cyware News – Latest Cyber News – Read More
A Deep Dive Into a New ValleyRAT Campaign Targeting Chinese Speakers
/in General NewsThe malware masquerades as legitimate applications like Microsoft Office and creates an empty file to lure users. It also checks for virtual machines and uses sleep obfuscation to evade memory scanners.
Cyware News – Latest Cyber News – Read More
CISA Warns Critical Vulnerabilities in Vonets WiFi Bridge Devices, No Patch Available
/in General NewsThese vulnerabilities could allow attackers to execute arbitrary code, disclose sensitive information, or disrupt device functionality, posing a significant threat to industrial and commercial networks relying on these devices.
Cyware News – Latest Cyber News – Read More