https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-05 08:06:482024-08-05 08:06:48Ransomware Attack Cost Keytronic Over $17 Million
A high-severity security bypass vulnerability has been disclosed in Rockwell Automation ControlLogix 1756 devices that could be exploited to execute common industrial protocol (CIP) programming and configuration commands.
The flaw, which is assigned the CVE identifier CVE-2024-6242, carries a CVSS v3.1 score of 8.4.
“A vulnerability exists in the affected products that allows a threat actor to
The China-linked threat actor known as Evasive Panda compromised an unnamed internet service provider (ISP) to push malicious software updates to target companies in mid-2023, highlighting a new level of sophistication associated with the group.
Evasive Panda, also known by the names Bronze Highland, Daggerfly, and StormBamboo, is a cyber espionage group that’s been active since at least 2012,
Cybersecurity researchers have discovered a new Android banking trojan called BlankBot targeting Turkish users with an aim to steal financial information.
“BlankBot features a range of malicious capabilities, which include customer injections, keylogging, screen recording and it communicates with a control server over a WebSocket connection,” Intel 471 said in an analysis published last week.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-03 16:06:552024-08-03 16:06:55CISA Names Lisa Einstein as First Chief AI Officer
The U.S. Department of Justice (DoJ), along with the Federal Trade Commission (FTC), filed a lawsuit against popular video-sharing platform TikTok for “flagrantly violating” children’s privacy laws in the country.
The agencies claimed the company knowingly permitted children to create TikTok accounts and to view and share short-form videos and messages with adults and others on the service.
They
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-03 11:06:442024-08-03 11:06:44DOJ and FTC Sue TikTok for Violating Children’s Privacy Laws
Plus: Meta pays $1.4 million in a historic privacy settlement, Microsoft blames a cyberattack for a major Azure outage, and an artist creates a face recognition system to reveal your NYPD “coppelganger.”
Cybersecurity researchers have disclosed details of a new distributed denial-of-service (DDoS) attack campaign targeting misconfigured Jupyter Notebooks.
The activity, codenamed Panamorfi by cloud security firm Aqua, utilizes a Java-based tool called mineping to launch a TCP flood DDoS attack. Mineping is a DDoS package designed for Minecraft game servers.
Attack chains entail the exploitation
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-02 23:06:552024-08-02 23:06:55Millions of US Voter Data Exposed in 13 Misconfigured Databases
BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
Ransomware Attack Cost Keytronic Over $17 Million
/in General NewsKeytronic says the recent ransomware attack resulted in expenses and lost revenue totaling more than $17 million.
The post Ransomware Attack Cost Keytronic Over $17 Million appeared first on SecurityWeek.
SecurityWeek – Read More
Critical Flaw in Rockwell Automation Devices Allows Unauthorized Access
/in General NewsA high-severity security bypass vulnerability has been disclosed in Rockwell Automation ControlLogix 1756 devices that could be exploited to execute common industrial protocol (CIP) programming and configuration commands.
The flaw, which is assigned the CVE identifier CVE-2024-6242, carries a CVSS v3.1 score of 8.4.
“A vulnerability exists in the affected products that allows a threat actor to
The Hacker News – Read More
China-Linked Hackers Compromise ISP to Deploy Malicious Software Updates
/in General NewsThe China-linked threat actor known as Evasive Panda compromised an unnamed internet service provider (ISP) to push malicious software updates to target companies in mid-2023, highlighting a new level of sophistication associated with the group.
Evasive Panda, also known by the names Bronze Highland, Daggerfly, and StormBamboo, is a cyber espionage group that’s been active since at least 2012,
The Hacker News – Read More
New Android Trojan “BlankBot” Targets Turkish Users’ Financial Data
/in General NewsCybersecurity researchers have discovered a new Android banking trojan called BlankBot targeting Turkish users with an aim to steal financial information.
“BlankBot features a range of malicious capabilities, which include customer injections, keylogging, screen recording and it communicates with a control server over a WebSocket connection,” Intel 471 said in an analysis published last week.
The Hacker News – Read More
CISA Names Lisa Einstein as First Chief AI Officer
/in General NewsEinstein has led CISA’s AI efforts since 2023 as CISA’s Senior Advisor for AI.
The post CISA Names Lisa Einstein as First Chief AI Officer appeared first on SecurityWeek.
SecurityWeek – Read More
DOJ and FTC Sue TikTok for Violating Children’s Privacy Laws
/in General NewsThe U.S. Department of Justice (DoJ), along with the Federal Trade Commission (FTC), filed a lawsuit against popular video-sharing platform TikTok for “flagrantly violating” children’s privacy laws in the country.
The agencies claimed the company knowingly permitted children to create TikTok accounts and to view and share short-form videos and messages with adults and others on the service.
They
The Hacker News – Read More
US Hands Over Russian Cybercriminals in WSJ Reporter Prisoner Swap
/in General NewsPlus: Meta pays $1.4 million in a historic privacy settlement, Microsoft blames a cyberattack for a major Azure outage, and an artist creates a face recognition system to reveal your NYPD “coppelganger.”
Security Latest – Read More
UK Shuts Down ‘Russian Coms’ Fraud Platform Defrauding Millions
/in General NewsThe UK’s National Crime Agency has dismantled Russian Coms, a major fraud platform responsible for global financial losses.…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Hackers Exploit Misconfigured Jupyter Notebooks with Repurposed Minecraft DDoS Tool
/in General NewsCybersecurity researchers have disclosed details of a new distributed denial-of-service (DDoS) attack campaign targeting misconfigured Jupyter Notebooks.
The activity, codenamed Panamorfi by cloud security firm Aqua, utilizes a Java-based tool called mineping to launch a TCP flood DDoS attack. Mineping is a DDoS package designed for Minecraft game servers.
Attack chains entail the exploitation
The Hacker News – Read More
Millions of US Voter Data Exposed in 13 Misconfigured Databases
/in General NewsCybersecurity researcher finds 4.6M Illinois voter records exposed in unsecured databases. Sensitive data including names, addresses, and SSNs…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More