The China-nexus cyber espionage actor linked to the zero-day exploitation of security flaws in Fortinet, Ivanti, and VMware devices has been observed utilizing multiple persistence mechanisms in order to maintain unfettered access to compromised environments.
“Persistence mechanisms encompassed network devices, hypervisors, and virtual machines, ensuring alternative channels remain available
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-06-19 15:09:512024-06-19 15:09:51Broadcom Advises Urgent Patch for Severe VMware vCenter Server Vulnerabilities
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-06-19 14:11:182024-06-19 14:11:18Cybersecurity M&A Roundup for First Half of June 2024
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-06-19 13:07:392024-06-19 13:07:39Perplexity Is a Bullshit Machine
Are your tags really safe with Google Tag Manager? If you’ve been thinking that using GTM means that your tracking tags and pixels are safely managed, then it might be time to think again. In this article we look at how a big-ticket seller that does business on every continent came unstuck when it forgot that you can’t afford to allow tags to go unmanaged or become misconfigured.
Read the
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-06-19 12:07:502024-06-19 12:07:50New Case Study: Unmanaged GTM Tags Become a Security Nightmare
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-06-19 11:08:152024-06-19 11:08:15CISA Informs Organizations of Vulnerability in RAD SecFlow-2 Industrial Switch
Chinese-speaking users are the target of a never-before-seen threat activity cluster codenamed Void Arachne that employs malicious Windows Installer (MSI) files for virtual private networks (VPNs) to deliver a command-and-control (C&C) framework called Winos 4.0.
“The campaign also promotes compromised MSI files embedded with nudifiers and deepfake pornography-generating software, as well as
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-06-19 11:08:152024-06-19 11:08:15Void Arachne Uses Deepfakes and AI to Deliver Malicious VPNs to Chinese Users
A threat actor who goes by alias markopolo has been identified as behind a large-scale cross-platform scam that targets digital currency users on social media with information stealer malware and carries out cryptocurrency theft.
The attack chains involve the use of a purported virtual meeting software named Vortax (and 23 other apps) that are used as a conduit to deliver Rhadamanthys, StealC,
BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
Chinese Cyber Espionage Group Exploits Fortinet, Ivanti and VMware Zero-Days
/in General NewsThe China-nexus cyber espionage actor linked to the zero-day exploitation of security flaws in Fortinet, Ivanti, and VMware devices has been observed utilizing multiple persistence mechanisms in order to maintain unfettered access to compromised environments.
“Persistence mechanisms encompassed network devices, hypervisors, and virtual machines, ensuring alternative channels remain available
The Hacker News – Read More
Broadcom Advises Urgent Patch for Severe VMware vCenter Server Vulnerabilities
/in General NewsCritical security vulnerabilities (CVE-2024-37079, CVE-2024-37080, CVE-2024-37081) found in VMware vCenter Server! Patch immediately to safeguard virtual environments from remote code execution & privilege escalation attacks.
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Cybersecurity M&A Roundup for First Half of June 2024
/in General NewsRoundup of the cybersecurity-related merger and acquisition (M&A) deals announced in the first half of June 2024.
The post Cybersecurity M&A Roundup for First Half of June 2024 appeared first on SecurityWeek.
SecurityWeek – Read More
US, Allies Publish Guidance on Securing Network Access
/in General NewsGovernment agencies in the US, New Zealand, and Canada have published new guidance on improving network security.
The post US, Allies Publish Guidance on Securing Network Access appeared first on SecurityWeek.
SecurityWeek – Read More
Amtrak Says Guest Rewards Accounts Hacked in Credential Stuffing Attacks
/in General NewsNational passenger railroad company Amtrak is notifying customers that hackers have breached their Guest Rewards Accounts.
The post Amtrak Says Guest Rewards Accounts Hacked in Credential Stuffing Attacks appeared first on SecurityWeek.
SecurityWeek – Read More
Perplexity Is a Bullshit Machine
/in General NewsA WIRED investigation shows that the AI search startup Perplexity is surreptitiously downloading your data.
Security Latest – Read More
New Case Study: Unmanaged GTM Tags Become a Security Nightmare
/in General NewsAre your tags really safe with Google Tag Manager? If you’ve been thinking that using GTM means that your tracking tags and pixels are safely managed, then it might be time to think again. In this article we look at how a big-ticket seller that does business on every continent came unstuck when it forgot that you can’t afford to allow tags to go unmanaged or become misconfigured.
Read the
The Hacker News – Read More
CISA Informs Organizations of Vulnerability in RAD SecFlow-2 Industrial Switch
/in General NewsCISA has notified RAD after finding a PoC exploit targeting a high-severity vulnerability in an outdated industrial switch.
The post CISA Informs Organizations of Vulnerability in RAD SecFlow-2 Industrial Switch appeared first on SecurityWeek.
SecurityWeek – Read More
Void Arachne Uses Deepfakes and AI to Deliver Malicious VPNs to Chinese Users
/in General NewsChinese-speaking users are the target of a never-before-seen threat activity cluster codenamed Void Arachne that employs malicious Windows Installer (MSI) files for virtual private networks (VPNs) to deliver a command-and-control (C&C) framework called Winos 4.0.
“The campaign also promotes compromised MSI files embedded with nudifiers and deepfake pornography-generating software, as well as
The Hacker News – Read More
Warning: Markopolo’s Scam Targeting Crypto Users via Fake Meeting Software
/in General NewsA threat actor who goes by alias markopolo has been identified as behind a large-scale cross-platform scam that targets digital currency users on social media with information stealer malware and carries out cryptocurrency theft.
The attack chains involve the use of a purported virtual meeting software named Vortax (and 23 other apps) that are used as a conduit to deliver Rhadamanthys, StealC,
The Hacker News – Read More