Allan “dwangoAC” has made it his mission to expose speedrunning phonies. At the Defcon hacker conference, he’ll challenge one record that’s stood for 15 years.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-10 22:06:482024-08-10 22:06:48The Hacker Who Hunts Video Game Speedrunning Cheaters
On the hunt for corporate devices being sold secondhand, a researcher found a trove of Apple corporate data, a Mac Mini from the Foxconn assembly line, an iPhone 14 prototype, and more.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-10 20:06:382024-08-10 20:06:38Apple Prototypes and Corporate Secrets Are for Sale Online—If You Know Where to Look
As many as 10 security flaws have been uncovered in Google’s Quick Share data transfer utility for Android and Windows that could be assembled to trigger remote code execution (RCE) chain on systems that have the software installed.
“The Quick Share application implements its own specific application-layer communication protocol to support file transfers between nearby, compatible devices,”
An ongoing, widespread malware campaign has been observed installing rogue Google Chrome and Microsoft Edge extensions via a trojan distributed via fake websites masquerading as popular software.
“The trojan malware contains different deliverables ranging from simple adware extensions that hijack searches to more sophisticated malicious scripts that deliver local extensions to steal private data
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-10 12:07:052024-08-10 12:07:05Russian Midnight Blizzard Breached UK Home Office via Microsoft
Cisco has issued a warning about critical remote code execution zero-days affecting the web-based management interface of the Small Business SPA 300 and SPA 500 series IP phones, which are no longer supported.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-10 09:06:382024-08-10 09:06:38Cisco Warns of Critical RCE Zero-Days in End of Life IP Phones
Cybersecurity analysts have uncovered critical details about the North Korean advanced persistent threat (APT) group Kimsuky, which has been targeting universities as part of its global espionage operations.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-10 08:06:392024-08-10 08:06:39North Korea Kimsuky Launch Phishing Attacks on Universities
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has advised organizations to disable the legacy Cisco Smart Install (SMI) feature due to recent attacks exploiting it.
Russian spies hacked UK government systems earlier this year, stealing data and emails in a nation-state attack. The breach targeted the Home Office’s systems, which had not been previously reported.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-10 07:06:342024-08-10 07:06:34Russian Spies Hacked UK Government Systems Earlier This Year, Stole Data and Emails
Microsoft has disclosed an unpatched zero-day in Office that, if successfully exploited, could result in unauthorized disclosure of sensitive information to malicious actors.
The vulnerability, tracked as CVE-2024-38200 (CVSS score: 7.5), has been described as a spoofing flaw that affects the following versions of Office –
Microsoft Office 2016 for 32-bit edition and 64-bit editions
Microsoft
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-10 06:06:532024-08-10 06:06:53Microsoft Warns of Unpatched Office Vulnerability Leading to Data Breaches
BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
The Hacker Who Hunts Video Game Speedrunning Cheaters
/in General NewsAllan “dwangoAC” has made it his mission to expose speedrunning phonies. At the Defcon hacker conference, he’ll challenge one record that’s stood for 15 years.
Security Latest – Read More
Apple Prototypes and Corporate Secrets Are for Sale Online—If You Know Where to Look
/in General NewsOn the hunt for corporate devices being sold secondhand, a researcher found a trove of Apple corporate data, a Mac Mini from the Foxconn assembly line, an iPhone 14 prototype, and more.
Security Latest – Read More
Researchers Uncover 10 Flaws in Google’s File Transfer Tool Quick Share
/in General NewsAs many as 10 security flaws have been uncovered in Google’s Quick Share data transfer utility for Android and Windows that could be assembled to trigger remote code execution (RCE) chain on systems that have the software installed.
“The Quick Share application implements its own specific application-layer communication protocol to support file transfers between nearby, compatible devices,”
The Hacker News – Read More
New Malware Hits 300,000 Users with Rogue Chrome and Edge Extensions
/in General NewsAn ongoing, widespread malware campaign has been observed installing rogue Google Chrome and Microsoft Edge extensions via a trojan distributed via fake websites masquerading as popular software.
“The trojan malware contains different deliverables ranging from simple adware extensions that hijack searches to more sophisticated malicious scripts that deliver local extensions to steal private data
The Hacker News – Read More
Russian Midnight Blizzard Breached UK Home Office via Microsoft
/in General NewsRussian hacking group Midnight Blizzard breached the UK Home Office, stealing sensitive data. Learn how they exploited supply…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Cisco Warns of Critical RCE Zero-Days in End of Life IP Phones
/in General NewsCisco has issued a warning about critical remote code execution zero-days affecting the web-based management interface of the Small Business SPA 300 and SPA 500 series IP phones, which are no longer supported.
Cyware News – Latest Cyber News – Read More
North Korea Kimsuky Launch Phishing Attacks on Universities
/in General NewsCybersecurity analysts have uncovered critical details about the North Korean advanced persistent threat (APT) group Kimsuky, which has been targeting universities as part of its global espionage operations.
Cyware News – Latest Cyber News – Read More
CISA Warns of Hackers Abusing Cisco Smart Install Feature
/in General NewsThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has advised organizations to disable the legacy Cisco Smart Install (SMI) feature due to recent attacks exploiting it.
Cyware News – Latest Cyber News – Read More
Russian Spies Hacked UK Government Systems Earlier This Year, Stole Data and Emails
/in General NewsRussian spies hacked UK government systems earlier this year, stealing data and emails in a nation-state attack. The breach targeted the Home Office’s systems, which had not been previously reported.
Cyware News – Latest Cyber News – Read More
Microsoft Warns of Unpatched Office Vulnerability Leading to Data Breaches
/in General NewsMicrosoft has disclosed an unpatched zero-day in Office that, if successfully exploited, could result in unauthorized disclosure of sensitive information to malicious actors.
The vulnerability, tracked as CVE-2024-38200 (CVSS score: 7.5), has been described as a spoofing flaw that affects the following versions of Office –
Microsoft Office 2016 for 32-bit edition and 64-bit editions
Microsoft
The Hacker News – Read More