https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-06-29 16:07:322024-06-29 16:07:32Mirai-like Botnet Targets Zyxel NAS Devices in Europe for DDoS Attacks
Google has announced that it’s going to start blocking websites that use certificates from Entrust starting around November 1, 2024, in its Chrome browser, citing compliance failures and the certificate authority’s inability to address security issues in a timely manner.
“Over the past several years, publicly disclosed incident reports highlighted a pattern of concerning behaviors by Entrust
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-06-29 16:07:322024-06-29 16:07:32Google to Block Entrust Certificates in Chrome Starting November 2024
Police forces from 61 countries have collaborated in Operation First Light 2024, led by Interpol, resulting in the arrest of 3,950 suspects and the identification of 14,643 more.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-06-29 07:06:382024-06-29 07:06:38Operation First Light Seizes $257m in Global Scam Bust
A critical vulnerability has been discovered in certain versions of GitLab Community and Enterprise Edition products. This vulnerability allows an attacker to run pipelines as any user.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-06-29 06:06:332024-06-29 06:06:33Critical GitLab Bug Lets Attackers Run Pipelines as Any User
A sophisticated multi-stage malware campaign by the threat actor “Water Sigbin” (also known as the 8220 Gang) exploits Oracle WebLogic vulnerabilities to deliver a cryptocurrency miner called XMRig.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-06-29 06:06:332024-06-29 06:06:33Examining Water Sigbin’s Infection Routine Leading to an XMRig Cryptominer
MerkSpy is designed to covertly monitor user activities, capture sensitive information like keystrokes and Chrome login credentials, and exfiltrate the data to the attacker’s server.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-06-29 05:08:112024-06-29 05:08:11MerkSpy: Exploiting CVE-2021-40444 to Infiltrate Systems
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-06-28 22:06:432024-06-28 22:06:43Cybersecurity Veteran Kevin Mandia Named General Partner of Ballistic Ventures
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-06-28 22:06:422024-06-28 22:06:42The Mount Kisco Surgery Center LLC d/b/a The Ambulatory Surgery Center of Westchester – Notice of Data Security Incident
Despite warnings from Health-ISAC and the NCC Group, the remote access software maker says defense-in-depth kept customers’ data safe from Midnight Blizzard.
BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
Mirai-like Botnet Targets Zyxel NAS Devices in Europe for DDoS Attacks
/in General NewsBeware, Zyxel customers, and keep your devices up to date.
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Google to Block Entrust Certificates in Chrome Starting November 2024
/in General NewsGoogle has announced that it’s going to start blocking websites that use certificates from Entrust starting around November 1, 2024, in its Chrome browser, citing compliance failures and the certificate authority’s inability to address security issues in a timely manner.
“Over the past several years, publicly disclosed incident reports highlighted a pattern of concerning behaviors by Entrust
The Hacker News – Read More
Operation First Light Seizes $257m in Global Scam Bust
/in General NewsPolice forces from 61 countries have collaborated in Operation First Light 2024, led by Interpol, resulting in the arrest of 3,950 suspects and the identification of 14,643 more.
Cyware News – Latest Cyber News – Read More
Critical GitLab Bug Lets Attackers Run Pipelines as Any User
/in General NewsA critical vulnerability has been discovered in certain versions of GitLab Community and Enterprise Edition products. This vulnerability allows an attacker to run pipelines as any user.
Cyware News – Latest Cyber News – Read More
Examining Water Sigbin’s Infection Routine Leading to an XMRig Cryptominer
/in General NewsA sophisticated multi-stage malware campaign by the threat actor “Water Sigbin” (also known as the 8220 Gang) exploits Oracle WebLogic vulnerabilities to deliver a cryptocurrency miner called XMRig.
Cyware News – Latest Cyber News – Read More
MerkSpy: Exploiting CVE-2021-40444 to Infiltrate Systems
/in General NewsMerkSpy is designed to covertly monitor user activities, capture sensitive information like keystrokes and Chrome login credentials, and exfiltrate the data to the attacker’s server.
Cyware News – Latest Cyber News – Read More
Cybersecurity Veteran Kevin Mandia Named General Partner of Ballistic Ventures
/in General NewsPost Content
darkreading – Read More
Landmark Admin, LLC Provides Notice of Data Privacy Incident
/in General NewsPost Content
darkreading – Read More
The Mount Kisco Surgery Center LLC d/b/a The Ambulatory Surgery Center of Westchester – Notice of Data Security Incident
/in General NewsPost Content
darkreading – Read More
TeamViewer Credits Network Segmentation for Rebuffing APT29 Attack
/in General NewsDespite warnings from Health-ISAC and the NCC Group, the remote access software maker says defense-in-depth kept customers’ data safe from Midnight Blizzard.
darkreading – Read More