According to many reports, this is part of a campaign targeted at current and former mobile carrier workers who could have access to the systems required to perform a SIM swap.
Cybersecurity researchers have discovered a new campaign that’s exploiting a recently disclosed security flaw in Fortinet FortiClient EMS devices to deliver ScreenConnect and Metasploit Powerfun payloads.
The activity entails the exploitation of CVE-2023-48788 (CVSS score: 9.3), a critical SQL injection flaw that could permit an unauthenticated attacker to execute unauthorized code or
Recently, the Debian security team fixed several issues in GTKWave, an open-source waveform viewer for VCD files. These vulnerabilities, if exploited, could result in the execution of arbitrary code, posing a significant risk to users.
Threat actors are exploiting unpatched Atlassian servers to deploy a Linux variant of Cerber (aka C3RB3R) ransomware.
The attacks leverage CVE-2023-22518 (CVSS score: 9.1), a critical security vulnerability impacting the Atlassian Confluence Data Center and Server that allows an unauthenticated attacker to reset Confluence and create an administrator account.
Armed with this access, a
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-04-17 11:07:112024-04-17 11:07:11Critical Atlassian Flaw Exploited to Deploy Linux Variant of Cerber Ransomware
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-04-17 11:07:112024-04-17 11:07:11Oracle Patches 230 Vulnerabilities With April 2024 CPU
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-04-17 10:10:162024-04-17 10:10:16Exploitation of Palo Alto Firewall Vulnerability Picking Up After PoC Release
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-04-17 10:10:162024-04-17 10:10:16Cyberattacks Surge 325% in Philippines Amid South China Sea Standoff
Researchers at watchTowr Labs have released a technical analysis of the vulnerability CVE-2024-3400 in Palo Alto Networks’ PAN-OS and a proof-of-concept exploit that can be used to execute shell commands on vulnerable firewalls.
Recently, FortiGuard Labs observed multiple attacks focusing on this year-old vulnerability, spotlighting botnets like Moobot, Miori, the Golang-based agent “AGoent,” and the Gafgyt Variant.
Cyber Army of Russia Reborn, a group with ties to the Kremlin’s Sandworm unit, is crossing lines even that notorious cyberwarfare unit wouldn’t dare to.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-04-17 10:10:152024-04-17 10:10:15Hackers Linked to Russia’s Military Claim Credit for Sabotaging US Water Utilities
BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
T-Mobile, Verizon Workers Get Texts Offering $300 for SIM Swaps
/in General NewsAccording to many reports, this is part of a campaign targeted at current and former mobile carrier workers who could have access to the systems required to perform a SIM swap.
Cyware News – Latest Cyber News – Read More
Hackers Exploit Fortinet Flaw, Deploy ScreenConnect, Metasploit in New Campaign
/in General NewsCybersecurity researchers have discovered a new campaign that’s exploiting a recently disclosed security flaw in Fortinet FortiClient EMS devices to deliver ScreenConnect and Metasploit Powerfun payloads.
The activity entails the exploitation of CVE-2023-48788 (CVSS score: 9.3), a critical SQL injection flaw that could permit an unauthenticated attacker to execute unauthorized code or
The Hacker News – Read More
Several GTKWave Vulnerabilities Fixed in Debian
/in General NewsRecently, the Debian security team fixed several issues in GTKWave, an open-source waveform viewer for VCD files. These vulnerabilities, if exploited, could result in the execution of arbitrary code, posing a significant risk to users.
Cyware News – Latest Cyber News – Read More
Critical Atlassian Flaw Exploited to Deploy Linux Variant of Cerber Ransomware
/in General NewsThreat actors are exploiting unpatched Atlassian servers to deploy a Linux variant of Cerber (aka C3RB3R) ransomware.
The attacks leverage CVE-2023-22518 (CVSS score: 9.1), a critical security vulnerability impacting the Atlassian Confluence Data Center and Server that allows an unauthenticated attacker to reset Confluence and create an administrator account.
Armed with this access, a
The Hacker News – Read More
Oracle Patches 230 Vulnerabilities With April 2024 CPU
/in General NewsOracle releases 441 new security patches to address 230 vulnerabilities as part of its April 2024 Critical Patch Update.
The post Oracle Patches 230 Vulnerabilities With April 2024 CPU appeared first on SecurityWeek.
SecurityWeek – Read More
Exploitation of Palo Alto Firewall Vulnerability Picking Up After PoC Release
/in General NewsPalo Alto Networks firewall vulnerability CVE-2024-3400 increasingly exploited after PoC code has been released.
The post Exploitation of Palo Alto Firewall Vulnerability Picking Up After PoC Release appeared first on SecurityWeek.
SecurityWeek – Read More
Cyberattacks Surge 325% in Philippines Amid South China Sea Standoff
/in General NewsBy Deeba Ahmed
The Philippines finds itself under an online siege as tensions escalate in the South China Sea (SCS) with China, claims cybersecurity firm Resecurity.
This is a post from HackRead.com Read the original post: Cyberattacks Surge 325% in Philippines Amid South China Sea Standoff
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Update: Researchers Released Exploit Code for Actively Exploited Palo Alto Networks PAN-OS Bug
/in General NewsResearchers at watchTowr Labs have released a technical analysis of the vulnerability CVE-2024-3400 in Palo Alto Networks’ PAN-OS and a proof-of-concept exploit that can be used to execute shell commands on vulnerable firewalls.
Cyware News – Latest Cyber News – Read More
Botnets Continue Exploiting CVE-2023-1389 for Wide-Scale Spread
/in General NewsRecently, FortiGuard Labs observed multiple attacks focusing on this year-old vulnerability, spotlighting botnets like Moobot, Miori, the Golang-based agent “AGoent,” and the Gafgyt Variant.
Cyware News – Latest Cyber News – Read More
Hackers Linked to Russia’s Military Claim Credit for Sabotaging US Water Utilities
/in General NewsCyber Army of Russia Reborn, a group with ties to the Kremlin’s Sandworm unit, is crossing lines even that notorious cyberwarfare unit wouldn’t dare to.
Security Latest – Read More