The Blue Report 2024 highlights alarming findings, with 40% of environments vulnerable to total takeover, emphasizing the importance of cybersecurity. Prevention effectiveness has improved to 69%, but detection effectiveness has dropped to 12%.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-07-31 11:06:542024-07-31 11:06:54Report: 40% of Environments Exposed to Full Take Over
TrustedSec released a post-exploitation framework called “Specula”, which exploits CVE-2017-11774 to create a custom Outlook Home Page using WebView and execute arbitrary commands on compromised Windows systems.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-07-31 11:06:542024-07-31 11:06:54New Specula Tool Uses Outlook for Remote Code Execution in Windows
Cybercriminals targeted Polish businesses with Agent Tesla and Formbook malware through widespread phishing campaigns in May 2024. Small and medium-sized businesses (SMBs) in Poland, Italy, and Romania have been affected.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-07-31 11:06:532024-07-31 11:06:53Cybercriminals Target Polish Businesses with Agent Tesla and Formbook Malware Delivered by ModiLoader
Initially detected in May 2020 by Bitdefender, Mandrake went undetected for four years. In April 2024, Kaspersky identified a new variant hidden in five Google Play apps from 2022 to 2024.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-07-31 10:06:422024-07-31 10:06:42Mandrake Spyware Infects 32,000 Devices via Google Play Apps
Initially relying on Qakbot botnet infections, UNC4393 now uses custom malware and diverse access techniques after the crackdown on Qakbot. They have quick reconnaissance and encryption objectives, with a median time of 42 hours to ransomware.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-07-31 10:06:422024-07-31 10:06:42Researchers Study Evolution of Ransomware Gang UNC4393’s Campaigns After Qakbot Takedown
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-07-31 10:06:412024-07-31 10:06:41Can ChatGPT-4o Be Trusted With Your Private Data?
Companies in Russia and Moldova have been the target of a phishing campaign orchestrated by a little-known cyber espionage group known as XDSpy.
The findings come from cybersecurity firm F.A.C.C.T., which said the infection chains lead to the deployment of a malware called DSDownloader. The activity was observed this month, it added.
XDSpy is a threat actor of indeterminate origin that was first
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-07-31 10:06:412024-07-31 10:06:41Cyber Espionage Group XDSpy Targets Companies in Russia and Moldova
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-07-31 10:06:412024-07-31 10:06:41Senate Passes Bill to Protect Kids Online and Make Tech Companies Accountable for Harmful Content
BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
Microsoft Says Azure Outage Caused by DDoS Attack Response
/in General NewsMicrosoft’s response to a DDoS attack on Azure amplified the impact of the attack instead of mitigating it, causing outages.
The post Microsoft Says Azure Outage Caused by DDoS Attack Response appeared first on SecurityWeek.
SecurityWeek – Read More
Phishing Attack Steals Donations from Trump Voters Using Fake Websites
/in General NewsA phishing campaign targeting Donald Trump’s supporters has been launched involving fake donation websites. The campaign’s origins are…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Report: 40% of Environments Exposed to Full Take Over
/in General NewsThe Blue Report 2024 highlights alarming findings, with 40% of environments vulnerable to total takeover, emphasizing the importance of cybersecurity. Prevention effectiveness has improved to 69%, but detection effectiveness has dropped to 12%.
Cyware News – Latest Cyber News – Read More
New Specula Tool Uses Outlook for Remote Code Execution in Windows
/in General NewsTrustedSec released a post-exploitation framework called “Specula”, which exploits CVE-2017-11774 to create a custom Outlook Home Page using WebView and execute arbitrary commands on compromised Windows systems.
Cyware News – Latest Cyber News – Read More
Cybercriminals Target Polish Businesses with Agent Tesla and Formbook Malware Delivered by ModiLoader
/in General NewsCybercriminals targeted Polish businesses with Agent Tesla and Formbook malware through widespread phishing campaigns in May 2024. Small and medium-sized businesses (SMBs) in Poland, Italy, and Romania have been affected.
Cyware News – Latest Cyber News – Read More
Mandrake Spyware Infects 32,000 Devices via Google Play Apps
/in General NewsInitially detected in May 2020 by Bitdefender, Mandrake went undetected for four years. In April 2024, Kaspersky identified a new variant hidden in five Google Play apps from 2022 to 2024.
Cyware News – Latest Cyber News – Read More
Researchers Study Evolution of Ransomware Gang UNC4393’s Campaigns After Qakbot Takedown
/in General NewsInitially relying on Qakbot botnet infections, UNC4393 now uses custom malware and diverse access techniques after the crackdown on Qakbot. They have quick reconnaissance and encryption objectives, with a median time of 42 hours to ransomware.
Cyware News – Latest Cyber News – Read More
Can ChatGPT-4o Be Trusted With Your Private Data?
/in General NewsOpenAI’s newest model is “a data hoover on steroids,” says one expert—but there are still ways to use it while minimizing risk.
Security Latest – Read More
Cyber Espionage Group XDSpy Targets Companies in Russia and Moldova
/in General NewsCompanies in Russia and Moldova have been the target of a phishing campaign orchestrated by a little-known cyber espionage group known as XDSpy.
The findings come from cybersecurity firm F.A.C.C.T., which said the infection chains lead to the deployment of a malware called DSDownloader. The activity was observed this month, it added.
XDSpy is a threat actor of indeterminate origin that was first
The Hacker News – Read More
Senate Passes Bill to Protect Kids Online and Make Tech Companies Accountable for Harmful Content
/in General NewsThe US Senate has passed a bill to protect kids online and make tech companies accountable for harmful content.
The post Senate Passes Bill to Protect Kids Online and Make Tech Companies Accountable for Harmful Content appeared first on SecurityWeek.
SecurityWeek – Read More