Hackers are targeting older versions of the HTTP File Server from Rejetto to drop malware and cryptocurrency mining software by exploiting a critical vulnerability (CVE-2024-23692) that allows executing arbitrary commands without authentication.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-07-04 14:06:302024-07-04 14:06:30Hackers attack HFS servers to drop malware and Monero miners
The Mekotio banking trojan is a highly sophisticated malware that targets Latin American countries, with a focus on stealing banking credentials. It spreads through phishing emails, tricking users into interacting with malicious links or attachments.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-07-04 13:06:342024-07-04 13:06:34Mekotio Banking Trojan Threatens Financial Systems in Latin America
Canonical has released Ubuntu security updates to address bugs in Ghostscript, a tool used for interpreting PostScript and PDF files. These vulnerabilities could potentially allow attackers to bypass security restrictions or execute malicious code.
Splunk has released security updates to address 16 vulnerabilities in Splunk Enterprise and Cloud Platform. These vulnerabilities include high-severity flaws such as Remote Code Execution (RCE) and Serialized Session Payload exploits.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-07-04 12:07:292024-07-04 12:07:29Splunk fixed tens of flaws in Splunk Enterprise and Cloud Platform
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-07-04 12:07:292024-07-04 12:07:29New Android Spyware Steals Data from Gamers and TikTok Users
Microsoft has revealed two security flaws in Rockwell Automation PanelView Plus that could be weaponized by remote, unauthenticated attackers to execute arbitrary code and trigger a denial-of-service (DoS) condition.
“The [remote code execution] vulnerability in PanelView Plus involves two custom classes that can be abused to upload and load a malicious DLL into the device,” security researcher
OVHcloud successfully mitigated a record-breaking DDoS attack with a packet rate of 840 million packets per second. The attack originated from compromised MikroTik network devices, which were used to generate high packet rates.
The international law enforcement operation, Operation Morpheus, led to the takedown of 593 Cobalt Strike servers used by cybercriminals. This action was a collaborative effort involving multiple countries and private partners.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-07-04 10:07:152024-07-04 10:07:15Operation Morpheus took down 593 Cobalt Strike servers used by threat actors
Over 384,000 websites, including those of major companies and government entities, are still linking to the polyfill[.]io code library that was recently acquired by a Chinese firm and used to perform a supply chain attack.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-07-04 09:06:592024-07-04 09:06:59384,000 sites pull code from sketchy code library recently bought by Chinese firm
BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
Hackers attack HFS servers to drop malware and Monero miners
/in General NewsHackers are targeting older versions of the HTTP File Server from Rejetto to drop malware and cryptocurrency mining software by exploiting a critical vulnerability (CVE-2024-23692) that allows executing arbitrary commands without authentication.
Cyware News – Latest Cyber News – Read More
Mekotio Banking Trojan Threatens Financial Systems in Latin America
/in General NewsThe Mekotio banking trojan is a highly sophisticated malware that targets Latin American countries, with a focus on stealing banking credentials. It spreads through phishing emails, tricking users into interacting with malicious links or attachments.
Cyware News – Latest Cyber News – Read More
Software Productivity Tools Hijacked to Deliver Infostealers
/in General NewsInnocuous little Windows programs were carrying cheap malware for weeks, exposing customers of the India-based software vendor to data theft.
darkreading – Read More
Ghostscript Vulnerabilities Patched in Recent Ubuntu Updates
/in General NewsCanonical has released Ubuntu security updates to address bugs in Ghostscript, a tool used for interpreting PostScript and PDF files. These vulnerabilities could potentially allow attackers to bypass security restrictions or execute malicious code.
Cyware News – Latest Cyber News – Read More
Splunk fixed tens of flaws in Splunk Enterprise and Cloud Platform
/in General NewsSplunk has released security updates to address 16 vulnerabilities in Splunk Enterprise and Cloud Platform. These vulnerabilities include high-severity flaws such as Remote Code Execution (RCE) and Serialized Session Payload exploits.
Cyware News – Latest Cyber News – Read More
New Android Spyware Steals Data from Gamers and TikTok Users
/in General NewsTransparent Tribe Expands Android Spyware Arsenal: Gamers, Weapons Fans, and TikTok Users Targeted!
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Microsoft Uncovers Critical Flaws in Rockwell Automation PanelView Plus
/in General NewsMicrosoft has revealed two security flaws in Rockwell Automation PanelView Plus that could be weaponized by remote, unauthenticated attackers to execute arbitrary code and trigger a denial-of-service (DoS) condition.
“The [remote code execution] vulnerability in PanelView Plus involves two custom classes that can be abused to upload and load a malicious DLL into the device,” security researcher
The Hacker News – Read More
OVHcloud blames record-breaking DDoS attack on MikroTik botnet
/in General NewsOVHcloud successfully mitigated a record-breaking DDoS attack with a packet rate of 840 million packets per second. The attack originated from compromised MikroTik network devices, which were used to generate high packet rates.
Cyware News – Latest Cyber News – Read More
Operation Morpheus took down 593 Cobalt Strike servers used by threat actors
/in General NewsThe international law enforcement operation, Operation Morpheus, led to the takedown of 593 Cobalt Strike servers used by cybercriminals. This action was a collaborative effort involving multiple countries and private partners.
Cyware News – Latest Cyber News – Read More
384,000 sites pull code from sketchy code library recently bought by Chinese firm
/in General NewsOver 384,000 websites, including those of major companies and government entities, are still linking to the polyfill[.]io code library that was recently acquired by a Chinese firm and used to perform a supply chain attack.
Cyware News – Latest Cyber News – Read More