An operator of the HelloKitty ransomware operation announced they changed the name to ‘HelloGookie,’ releasing passwords for previously leaked CD Projekt source code, Cisco network information, and decryption keys from old attacks.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-04-22 08:06:512024-04-22 08:06:51HelloKitty Ransomware Rebrands, Releases CD Projekt and Cisco Data
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-04-22 07:06:372024-04-22 07:06:37North Koreans Secretly Animated Amazon and Max Shows, Researchers Say
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-04-22 05:07:252024-04-22 05:07:25Cannes Hospital Cancels Medical Procedures Following Cyberattack
Veriti Research exposes surge in Androxgh0st attacks, exploiting CVEs and building botnets for credential theft. Patch systems, monitor for web shells, and use behavioral analysis to protect yourself.
A new information stealer has been found leveraging Lua bytecode for added stealth and sophistication, findings from McAfee Labs reveal.
The cybersecurity firm has assessed it to be a variant of a known malware called RedLine Stealer owing to the fact that the command-and-control (C2) server IP address has been previously identified as associated with the malware.
RedLine Stealer, 
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-04-21 10:06:322024-04-21 10:06:32New RedLine Stealer Variant Disguised as Game Cheats Using Lua Bytecode for Stealth
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-04-20 10:10:582024-04-20 10:10:58AI-Controlled Fighter Jets Are Dogfighting With Human Pilots Now
As the company also explains in a public security advisory published on Friday, this zero-day bug enables unauthenticated attackers to escape the user’s virtual file system (VFS) and download system files.
Users of the CrushFTP enterprise file transfer software are being urged to update to the latest version following the discovery of a security flaw that has come under targeted exploitation in the wild.
“CrushFTP v11 versions below 11.1 have a vulnerability where users can escape their VFS and download system files,” CrushFTP said in an advisory released Friday.
Palo Alto Networks has shared more details of a critical security flaw impacting PAN-OS that has come under active exploitation in the wild by malicious actors.
The company described the vulnerability, tracked as CVE-2024-3400 (CVSS score: 10.0), as “intricate” and a combination of two bugs in versions PAN-OS 10.2, PAN-OS 11.0, and PAN-OS 11.1 of the software.
“In
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-04-20 07:08:062024-04-20 07:08:06Palo Alto Networks Discloses More Details on Critical PAN-OS Flaw Under Attack
BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
HelloKitty Ransomware Rebrands, Releases CD Projekt and Cisco Data
/in General NewsAn operator of the HelloKitty ransomware operation announced they changed the name to ‘HelloGookie,’ releasing passwords for previously leaked CD Projekt source code, Cisco network information, and decryption keys from old attacks.
Cyware News – Latest Cyber News – Read More
North Koreans Secretly Animated Amazon and Max Shows, Researchers Say
/in General NewsThousands of exposed files on a misconfigured North Korean server hint at one way the reclusive country may evade international sanctions.
Security Latest – Read More
Cannes Hospital Cancels Medical Procedures Following Cyberattack
/in General NewsCannes Hospital Centre – Simone Veil cancels medical procedures after shutting down systems in response to a cyberattack.
The post Cannes Hospital Cancels Medical Procedures Following Cyberattack appeared first on SecurityWeek.
SecurityWeek – Read More
Androxgh0st Malware Compromises Servers Worldwide for Botnet Attack
/in General NewsBy Deeba Ahmed
Veriti Research exposes surge in Androxgh0st attacks, exploiting CVEs and building botnets for credential theft. Patch systems, monitor for web shells, and use behavioral analysis to protect yourself.
This is a post from HackRead.com Read the original post: Androxgh0st Malware Compromises Servers Worldwide for Botnet Attack
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
New RedLine Stealer Variant Disguised as Game Cheats Using Lua Bytecode for Stealth
/in General NewsA new information stealer has been found leveraging Lua bytecode for added stealth and sophistication, findings from McAfee Labs reveal.
The cybersecurity firm has assessed it to be a variant of a known malware called RedLine Stealer owing to the fact that the command-and-control (C2) server IP address has been previously identified as associated with the malware.
RedLine Stealer, 
The Hacker News – Read More
AI-Controlled Fighter Jets Are Dogfighting With Human Pilots Now
/in General NewsPlus: New York’s legislature suffers a cyberattack, police disrupt a global phishing operation, and Apple removes encrypted messaging apps in China.
Security Latest – Read More
CrushFTP Warns Users to Patch Exploited Zero-Day “Immediately”
/in General NewsAs the company also explains in a public security advisory published on Friday, this zero-day bug enables unauthenticated attackers to escape the user’s virtual file system (VFS) and download system files.
Cyware News – Latest Cyber News – Read More
Critical Update: CrushFTP Zero-Day Flaw Exploited in Targeted Attacks
/in General NewsUsers of the CrushFTP enterprise file transfer software are being urged to update to the latest version following the discovery of a security flaw that has come under targeted exploitation in the wild.
“CrushFTP v11 versions below 11.1 have a vulnerability where users can escape their VFS and download system files,” CrushFTP said in an advisory released Friday.
The Hacker News – Read More
Palo Alto Networks Discloses More Details on Critical PAN-OS Flaw Under Attack
/in General NewsPalo Alto Networks has shared more details of a critical security flaw impacting PAN-OS that has come under active exploitation in the wild by malicious actors.
The company described the vulnerability, tracked as CVE-2024-3400 (CVSS score: 10.0), as “intricate” and a combination of two bugs in versions PAN-OS 10.2, PAN-OS 11.0, and PAN-OS 11.1 of the software.
“In
The Hacker News – Read More
CISO Corner: Breaking Staff Burnout, GPT-4 Exploits, Rebalancing NIST
/in General NewsSecOps highlights this week include the executive role in “cyber readiness;” Cisco’s Hypershield promise; and Middle East cyber ops heat up.
darkreading – Read More