https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-04-24 10:06:312024-04-24 10:06:31ShotSpotter Keeps Listening for Gunfire After Contracts Expire
The DIB Vulnerability Disclosure Program (DIB-VDP), a joint venture between the DoD Cyber Crime Center (DC3), the Defense Counterintelligence and Security Agency (DCSA), and HackerOne, will bring better vulnerability disclosure practices to the DIB.
A new malware campaign has been exploiting the updating mechanism of the eScan antivirus software to distribute backdoors and cryptocurrency miners like XMRig through a long-standing threat codenamed GuptiMiner targeting large corporate networks.
Cybersecurity firm Avast said the activity is the work of a threat actor with possible connections to a North Korean hacking group dubbed
Academics at a U.S. university found that if you feed a GPT-4 artificial intelligence agent public security advisories, it can exploit unpatched “real-world” vulnerabilities without precise technical information.
A new ongoing malware campaign has been observed distributing three different stealers, such as CryptBot, LummaC2, and Rhadamanthys hosted on Content Delivery Network (CDN) cache domains since at least February 2024.
Cisco Talos has attributed the activity with moderate confidence to a threat actor tracked as CoralRaider, a suspected Vietnamese-origin
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-04-23 21:06:432024-04-23 21:06:43CompTIA Supports Department of Defense Efforts to Strengthen Cyber Knowledge and Skills
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-04-23 21:06:432024-04-23 21:06:435 Hard Truths About the State of Cloud Security 2024
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-04-23 21:06:432024-04-23 21:06:43Siemens Working on Fix for Device Affected by Palo Alto Firewall Bug
A notorious Russian APT group has been stealing credentials for years by exploiting a Windows Print Spooler bug and using a novel post-compromise tool known as “GooseEgg,” Microsoft has revealed.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-04-23 19:09:292024-04-23 19:09:29Russian APT28 Group in New “GooseEgg” Hacking Campaign
BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
ShotSpotter Keeps Listening for Gunfire After Contracts Expire
/in General NewsInternal emails suggest that the company continued to provide gunshot data to police in cities where its contracts had been canceled.
Security Latest – Read More
Pentagon Launches DIB Vulnerability Disclosure Program
/in General NewsThe DIB Vulnerability Disclosure Program (DIB-VDP), a joint venture between the DoD Cyber Crime Center (DC3), the Defense Counterintelligence and Security Agency (DCSA), and HackerOne, will bring better vulnerability disclosure practices to the DIB.
Cyware News – Latest Cyber News – Read More
eScan Antivirus Update Mechanism Exploited to Spread Backdoors and Miners
/in General NewsA new malware campaign has been exploiting the updating mechanism of the eScan antivirus software to distribute backdoors and cryptocurrency miners like XMRig through a long-standing threat codenamed GuptiMiner targeting large corporate networks.
Cybersecurity firm Avast said the activity is the work of a threat actor with possible connections to a North Korean hacking group dubbed
The Hacker News – Read More
Study: GPT-4 Agent can Exploit Unpatched Vulnerabilities
/in General NewsAcademics at a U.S. university found that if you feed a GPT-4 artificial intelligence agent public security advisories, it can exploit unpatched “real-world” vulnerabilities without precise technical information.
Cyware News – Latest Cyber News – Read More
CoralRaider Malware Campaign Exploits CDN Cache to Spread Info-Stealers
/in General NewsA new ongoing malware campaign has been observed distributing three different stealers, such as CryptBot, LummaC2, and Rhadamanthys hosted on Content Delivery Network (CDN) cache domains since at least February 2024.
Cisco Talos has attributed the activity with moderate confidence to a threat actor tracked as CoralRaider, a suspected Vietnamese-origin
The Hacker News – Read More
CompTIA Supports Department of Defense Efforts to Strengthen Cyber Knowledge and Skills
/in General NewsPost Content
darkreading – Read More
5 Hard Truths About the State of Cloud Security 2024
/in General NewsDark Reading talks cloud security with John Kindervag, the godfather of zero trust.
darkreading – Read More
Siemens Working on Fix for Device Affected by Palo Alto Firewall Bug
/in General NewsGrowing attacks targeting the flaw prompted CISA to include it in the known exploited vulnerabilities catalog earlier this month.
darkreading – Read More
Hackers Create Legit Phishing Links With Ghost GitHub, GitLab Comments
/in General NewsAn utterly innocuous feature in popular Git CDNs allows anyone to conceal malware behind brand names, without those brands being any the wiser.
darkreading – Read More
Russian APT28 Group in New “GooseEgg” Hacking Campaign
/in General NewsA notorious Russian APT group has been stealing credentials for years by exploiting a Windows Print Spooler bug and using a novel post-compromise tool known as “GooseEgg,” Microsoft has revealed.
Cyware News – Latest Cyber News – Read More