The initiative, called Secure by Design, was introduced by the Cybersecurity and Infrastructure Security Agency at the RSA Conference, with an initial 70 firms committing to improving security features.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-12 10:07:112024-08-12 10:07:11Nearly 200 Firms Have Signed Pledge to Build More Secure Software, Top Cyber Official Says
A global deal on the criminal use of computer technology is moving ahead despite worries it will let governments around the world violate human rights.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-12 10:07:112024-08-12 10:07:11The UN Is Moving to Fight Cybercrime but Privacy Groups Say Human Rights Will Be Violated
Gaining visibility in OT networks is challenging due to differences in communication protocols between IT and OT systems. Building trust between OT and IT teams is essential, as their priorities often conflict.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-12 10:07:102024-08-12 10:07:10How Network Segmentation can Strengthen Visibility in OT Networks
The phishing site tricks users into downloading a malicious file disguised as Google Authenticator, which then drops the two malware components. The ACR Stealer exfiltrates data to a C&C server, while Latrodectus maintains persistence on the machine.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-12 10:07:102024-08-12 10:07:10Latrodectus and ACR Stealer Observed Spreading via Google Authenticator Phishing Site
he vulnerability, tracked as CVE-2024-20419, allows unauthenticated attackers to change any user’s password remotely. To secure vulnerable Cisco Smart Software Manager On-Prem servers, admins must upgrade to a fixed release.
A comprehensive analysis of data theft incidents investigated by ReliaQuest from September 2023 to July 2024 revealed that Rclone, WinSCP, and cURL are among the most prevalent exfiltration tools used by threat actors.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-12 09:06:452024-08-12 09:06:45Analysis of Data Exfiltration Tools Used by Threat Actors
Researchers discovered that a solar grid responsible for 20% of the world’s solar power output, enough to power the entire United States, is at risk of being hijacked due to vulnerabilities in PV plant management platforms.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-12 09:06:452024-08-12 09:06:45Vulnerabilities in Solar Power Management Platform can Lead to Blackouts
The malware attack flow involves luring users with fake websites imitating popular downloads, then executing PowerShell scripts to download and install malicious extensions that steal private data and control browser settings.
Security vulnerabilities have been disclosed in the industrial remote access solution Ewon Cosy+ that could be abused to gain root privileges to the devices and stage follow-on attacks.
The elevated access could then be weaponized to decrypt encrypted firmware files and encrypted data such as passwords in configuration files, and even get correctly signed X.509 VPN certificates for foreign
Recent findings indicate that the 7777 botnet (aka Quad7) has likely expanded, adding new bots with open port 63256, primarily including Asus routers. As of August 5, 2024, the total number of active bots stood at 12,783.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-12 08:06:352024-08-12 08:06:35Botnet 7777: Are You Betting on a Compromised Router?
BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
Nearly 200 Firms Have Signed Pledge to Build More Secure Software, Top Cyber Official Says
/in General NewsThe initiative, called Secure by Design, was introduced by the Cybersecurity and Infrastructure Security Agency at the RSA Conference, with an initial 70 firms committing to improving security features.
Cyware News – Latest Cyber News – Read More
The UN Is Moving to Fight Cybercrime but Privacy Groups Say Human Rights Will Be Violated
/in General NewsA global deal on the criminal use of computer technology is moving ahead despite worries it will let governments around the world violate human rights.
The post The UN Is Moving to Fight Cybercrime but Privacy Groups Say Human Rights Will Be Violated appeared first on SecurityWeek.
SecurityWeek – Read More
How Network Segmentation can Strengthen Visibility in OT Networks
/in General NewsGaining visibility in OT networks is challenging due to differences in communication protocols between IT and OT systems. Building trust between OT and IT teams is essential, as their priorities often conflict.
Cyware News – Latest Cyber News – Read More
Latrodectus and ACR Stealer Observed Spreading via Google Authenticator Phishing Site
/in General NewsThe phishing site tricks users into downloading a malicious file disguised as Google Authenticator, which then drops the two malware components. The ACR Stealer exfiltrates data to a C&C server, while Latrodectus maintains persistence on the machine.
Cyware News – Latest Cyber News – Read More
Update: Exploit Released for Cisco SSM Bug Allowing Admin Password Changes
/in General Newshe vulnerability, tracked as CVE-2024-20419, allows unauthenticated attackers to change any user’s password remotely. To secure vulnerable Cisco Smart Software Manager On-Prem servers, admins must upgrade to a fixed release.
Cyware News – Latest Cyber News – Read More
Analysis of Data Exfiltration Tools Used by Threat Actors
/in General NewsA comprehensive analysis of data theft incidents investigated by ReliaQuest from September 2023 to July 2024 revealed that Rclone, WinSCP, and cURL are among the most prevalent exfiltration tools used by threat actors.
Cyware News – Latest Cyber News – Read More
Vulnerabilities in Solar Power Management Platform can Lead to Blackouts
/in General NewsResearchers discovered that a solar grid responsible for 20% of the world’s solar power output, enough to power the entire United States, is at risk of being hijacked due to vulnerabilities in PV plant management platforms.
Cyware News – Latest Cyber News – Read More
New Widespread Extension Trojan Malware Campaign
/in General NewsThe malware attack flow involves luring users with fake websites imitating popular downloads, then executing PowerShell scripts to download and install malicious extensions that steal private data and control browser settings.
Cyware News – Latest Cyber News – Read More
Industrial Remote Access Tool Ewon Cosy+ Vulnerable to Root Access Attacks
/in General NewsSecurity vulnerabilities have been disclosed in the industrial remote access solution Ewon Cosy+ that could be abused to gain root privileges to the devices and stage follow-on attacks.
The elevated access could then be weaponized to decrypt encrypted firmware files and encrypted data such as passwords in configuration files, and even get correctly signed X.509 VPN certificates for foreign
The Hacker News – Read More
Botnet 7777: Are You Betting on a Compromised Router?
/in General NewsRecent findings indicate that the 7777 botnet (aka Quad7) has likely expanded, adding new bots with open port 63256, primarily including Asus routers. As of August 5, 2024, the total number of active bots stood at 12,783.
Cyware News – Latest Cyber News – Read More