https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00adminhttps://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.pngadmin2025-01-15 14:07:042025-01-15 14:07:04Enhancing Health Care Cybersecurity: Bridging HIPAA Gaps with Innovation
As many as six security vulnerabilities have been disclosed in the popular Rsync file-synchronizing tool for Unix systems, some of which could be exploited to execute arbitrary code on a client.
“Attackers can take control of a malicious server and read/write arbitrary files of any connected client,” the CERT Coordination Center (CERT/CC) said in an advisory. “Sensitive data, such as SSH keys,
The U.S. Department of Justice (DoJ) on Tuesday disclosed that a court-authorized operation allowed the Federal Bureau of Investigation (FBI) to delete PlugX malware from over 4,250 infected computers as part of a “multi-month law enforcement operation.”
PlugX, also known as Korplug, is a remote access trojan (RAT) widely used by threat actors associated with the People’s Republic of China (PRC
Cybersecurity researchers have disclosed multiple security flaws in SimpleHelp remote access software that could lead to information disclosure, privilege escalation, and remote code execution.
Horizon3.ai researcher Naveen Sunkavally, in a technical report detailing the findings, said the “vulnerabilities are trivial to reverse and exploit.”
The list of identified flaws is as follows –
BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
Enhancing Health Care Cybersecurity: Bridging HIPAA Gaps with Innovation
/in General NewsThe proposed HIPAA Security Rule introduces mandatory measures to prevent malicious cyberattacks in health care.
Security | TechRepublic – Read More
Nvidia, Zoom, Zyxel Patch High-Severity Vulnerabilities
/in General NewsNvidia, Zoom, and Zyxel have released patches for multiple high-severity vulnerabilities across their products.
The post Nvidia, Zoom, Zyxel Patch High-Severity Vulnerabilities appeared first on SecurityWeek.
SecurityWeek – Read More
Google Cloud Researchers Uncover Flaws in Rsync File Synchronization Tool
/in General NewsAs many as six security vulnerabilities have been disclosed in the popular Rsync file-synchronizing tool for Unix systems, some of which could be exploited to execute arbitrary code on a client.
“Attackers can take control of a malicious server and read/write arbitrary files of any connected client,” the CERT Coordination Center (CERT/CC) said in an advisory. “Sensitive data, such as SSH keys,
The Hacker News – Read More
Ivanti Patches Critical Vulnerabilities in Endpoint Manager
/in General NewsIvanti has released patches for multiple vulnerabilities in Endpoint Manager (EPM), including four critical-severity flaws.
The post Ivanti Patches Critical Vulnerabilities in Endpoint Manager appeared first on SecurityWeek.
SecurityWeek – Read More
Fortinet Confirms New Zero-Day Exploitation
/in General NewsFortinet patches critical vulnerabilities, including a zero-day that has been exploited in the wild since at least November 2024.
The post Fortinet Confirms New Zero-Day Exploitation appeared first on SecurityWeek.
SecurityWeek – Read More
Microsoft Discovers macOS Flaw CVE-2024-44243, Bypassing SIP
/in General NewsCVE-2024-44243, a critical macOS vulnerability discovered recently by Microsoft, can allow attackers to bypass Apple’s System Integrity Protection…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
ICS Patch Tuesday: Security Advisories Published by Schneider, Siemens, Phoenix Contact, CISA
/in General NewsSchneider Electric, Siemens, CISA, and Phoenix Contact have released January 2025 Patch Tuesday ICS security advisories.
The post ICS Patch Tuesday: Security Advisories Published by Schneider, Siemens, Phoenix Contact, CISA appeared first on SecurityWeek.
SecurityWeek – Read More
Wultra Secures €3M to Protect Financial Institutions from Quantum Threats
/in General NewsPrague, Czech republic, 15th January 2025, CyberNewsWire
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
FBI Deletes PlugX Malware from 4,250 Hacked Computers in Multi-Month Operation
/in General NewsThe U.S. Department of Justice (DoJ) on Tuesday disclosed that a court-authorized operation allowed the Federal Bureau of Investigation (FBI) to delete PlugX malware from over 4,250 infected computers as part of a “multi-month law enforcement operation.”
PlugX, also known as Korplug, is a remote access trojan (RAT) widely used by threat actors associated with the People’s Republic of China (PRC
The Hacker News – Read More
Critical SimpleHelp Flaws Allow File Theft, Privilege Escalation, and RCE Attacks
/in General NewsCybersecurity researchers have disclosed multiple security flaws in SimpleHelp remote access software that could lead to information disclosure, privilege escalation, and remote code execution.
Horizon3.ai researcher Naveen Sunkavally, in a technical report detailing the findings, said the “vulnerabilities are trivial to reverse and exploit.”
The list of identified flaws is as follows –
The Hacker News – Read More