https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-06-12 14:07:442024-06-12 14:07:44Microsoft Patches Zero-Click Outlook Vulnerability That Could Soon Be Exploited
Cybersecurity researchers have warned of an ongoing cryptojacking campaign targeting misconfigured Kubernetes clusters to mine Dero cryptocurrency.
Cloud security firm Wiz, which shed light on the activity, said it’s an updated variant of a financially motivated operation that was first documented by CrowdStrike in March 2023.
“In this incident, the threat actor abused anonymous access to an
Verizon’s exec leading AI for network enablement, Michael Raj, said that the field of AI auditing is still in its early stages and that companies need to accelerate their efforts. The steady drumbeat of big mistakes by customer support AI agents, for example from big names like Chevy, Air Canada, and even New York City, or even by leading LLM providers like Google, which featured black Nazis, has brought a renewed focus on the need for more reliability.Read More
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-06-12 13:07:532024-06-12 13:07:53Ransomware Group May Have Exploited Windows Vulnerability as Zero-Day
Last week, the notorious hacker gang, ShinyHunters, sent shockwaves across the globe by allegedly plundering 1.3 terabytes of data from 560 million Ticketmaster users. This colossal breach, with a price tag of $500,000, could expose the personal information of a massive swath of the live event company’s clientele, igniting a firestorm of concern and outrage.
A massive data breach
Let’s
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-06-12 12:07:422024-06-12 12:07:42Lessons from the Ticketmaster-Snowflake Breach
Threat actors linked to the Black Basta ransomware may have exploited a recently disclosed privilege escalation flaw in the Microsoft Windows Error Reporting Service as zero-day, according to new findings from Symantec.
The security flaw in question is CVE-2024-26169 (CVSS score: 7.8), an elevation of privilege bug in the Windows Error Reporting Service that could be exploited to achieve SYSTEM
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-06-12 12:07:422024-06-12 12:07:42Black Basta Ransomware May Have Exploited MS Windows Zero-Day Flaw
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-06-12 12:07:412024-06-12 12:07:41Data Security Firm Cyberhaven Raises $88 Million at $488 Million Valuation
Cybersecurity firm Recorded Future counted 44 health-care-related incidents in the month after Change Healthcare’s payment came to light—the most it’s ever seen in a single month.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-06-12 11:09:032024-06-12 11:09:03Medical-Targeted Ransomware Is Breaking Records After Change Healthcare’s $22M Payout
BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
Microsoft Patches Zero-Click Outlook Vulnerability That Could Soon Be Exploited
/in General NewsMicrosoft’s June 2024 Patch Tuesday updates resolve a zero-click Outlook vulnerability leading to remote code execution.
The post Microsoft Patches Zero-Click Outlook Vulnerability That Could Soon Be Exploited appeared first on SecurityWeek.
SecurityWeek – Read More
Why CIO & CISO Collaboration Is Key to Organizational Resilience
/in General NewsAlignment between these domains is quickly becoming a strategic imperative.
darkreading – Read More
Cryptojacking Campaign Targets Misconfigured Kubernetes Clusters
/in General NewsCybersecurity researchers have warned of an ongoing cryptojacking campaign targeting misconfigured Kubernetes clusters to mine Dero cryptocurrency.
Cloud security firm Wiz, which shed light on the activity, said it’s an updated variant of a financially motivated operation that was first documented by CrowdStrike in March 2023.
“In this incident, the threat actor abused anonymous access to an
The Hacker News – Read More
Verizon exec reveals responsible AI strategy amid ‘Wild West’ landscape
/in General NewsVerizon’s exec leading AI for network enablement, Michael Raj, said that the field of AI auditing is still in its early stages and that companies need to accelerate their efforts. The steady drumbeat of big mistakes by customer support AI agents, for example from big names like Chevy, Air Canada, and even New York City, or even by leading LLM providers like Google, which featured black Nazis, has brought a renewed focus on the need for more reliability.Read More
Security News | VentureBeat – Read More
Fortinet Patches Code Execution Vulnerability in FortiOS
/in General NewsFortinet has patched multiple vulnerabilities in FortiOS, including a high-severity code execution security flaw.
The post Fortinet Patches Code Execution Vulnerability in FortiOS appeared first on SecurityWeek.
SecurityWeek – Read More
Ransomware Group May Have Exploited Windows Vulnerability as Zero-Day
/in General NewsThe Black Basta ransomware gang may have exploited the Windows privilege escalation flaw CVE-2024-26169 before it was patched.
The post Ransomware Group May Have Exploited Windows Vulnerability as Zero-Day appeared first on SecurityWeek.
SecurityWeek – Read More
Lessons from the Ticketmaster-Snowflake Breach
/in General NewsLast week, the notorious hacker gang, ShinyHunters, sent shockwaves across the globe by allegedly plundering 1.3 terabytes of data from 560 million Ticketmaster users. This colossal breach, with a price tag of $500,000, could expose the personal information of a massive swath of the live event company’s clientele, igniting a firestorm of concern and outrage.
A massive data breach
Let’s
The Hacker News – Read More
Black Basta Ransomware May Have Exploited MS Windows Zero-Day Flaw
/in General NewsThreat actors linked to the Black Basta ransomware may have exploited a recently disclosed privilege escalation flaw in the Microsoft Windows Error Reporting Service as zero-day, according to new findings from Symantec.
The security flaw in question is CVE-2024-26169 (CVSS score: 7.8), an elevation of privilege bug in the Windows Error Reporting Service that could be exploited to achieve SYSTEM
The Hacker News – Read More
Data Security Firm Cyberhaven Raises $88 Million at $488 Million Valuation
/in General NewsData security company Cyberhaven has raised $88 million in a Series C funding round that brings the total to $136 million.
The post Data Security Firm Cyberhaven Raises $88 Million at $488 Million Valuation appeared first on SecurityWeek.
SecurityWeek – Read More
Medical-Targeted Ransomware Is Breaking Records After Change Healthcare’s $22M Payout
/in General NewsCybersecurity firm Recorded Future counted 44 health-care-related incidents in the month after Change Healthcare’s payment came to light—the most it’s ever seen in a single month.
Security Latest – Read More