Multiple security flaws, including actively exploited vulnerabilities and weaknesses in the Integrity Checker Tool, have been discovered, highlighting the need for enhanced visibility and validation of digital supply chains in enterprise products.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-02-16 14:07:552024-02-16 14:07:55Ivanti Pulse Secure Found Using 11-Year-Old Linux Version and Outdated Libraries
The US State Department has announced a reward of up to $10 million for information on the leaders of the AlphV ransomware group, with an additional $5 million for details leading to the arrest of those involved in attacks.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-02-16 13:08:222024-02-16 13:08:22US State Department Puts $10M Bounty on ALPHV Ransomware Group
A massive database leak from Zenlayer, a global network service provider, exposed 384,658,212 records, including sensitive customer data and internal operations logs, without basic password protection.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-02-16 11:09:102024-02-16 11:09:10Unprotected Cloud Database Exposed Over 384 Million Records Including Sensitive Logs and Customer Data
Organizations using versions prior to v7.75 of the web application are urged to upgrade, and all organizations using this CMS should enable multi-factor authentication immediately to prevent potential breaches.
U.S. law enforcement disrupted a criminal botnet, “Moobot,” which Russian military hackers had repurposed for global cyberespionage, leading to the FBI obtaining a warrant to modify infected routers and shut down the botnet.
JKwerlo’s utilization of lateral movement techniques and exploitation of legitimate services like Dropbox and GitHub highlight its capability to spread across networks and evade traditional security measures.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-02-16 08:10:062024-02-16 08:10:06Newly Emerged JKwerlo Ransomware Targets Victims in France and Spain
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has revealed that an unnamed state government organization’s network environment was compromised via an administrator account belonging to a former employee.
“This allowed the threat actor to successfully authenticate to an internal virtual private network (VPN) access point,” the agency said in a joint advisory published
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-02-16 08:10:052024-02-16 08:10:05U.S. State Government Network Breached via Former Employee’s Account
The U.S. government on Thursday said it disrupted a botnet comprising hundreds of small office and home office (SOHO) routers in the country that was put to use by the Russia-linked APT28 actor to conceal its malicious activities.
“These crimes included vast spear-phishing and similar credential harvesting campaigns against targets of intelligence interest to the Russian government, such as U.S.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-02-16 00:06:522024-02-16 00:06:52Elon Musk’s X Gave Check Marks to Terrorist Group Leaders, Report Says
BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
Ivanti Pulse Secure Found Using 11-Year-Old Linux Version and Outdated Libraries
/in General NewsMultiple security flaws, including actively exploited vulnerabilities and weaknesses in the Integrity Checker Tool, have been discovered, highlighting the need for enhanced visibility and validation of digital supply chains in enterprise products.
Cyware News – Latest Cyber News – Read More
US State Department Puts $10M Bounty on ALPHV Ransomware Group
/in General NewsThe US State Department has announced a reward of up to $10 million for information on the leaders of the AlphV ransomware group, with an additional $5 million for details leading to the arrest of those involved in attacks.
Cyware News – Latest Cyber News – Read More
Vulnerabilities in CUSG CMS Exposed Credit Unions to Attacks
/in General NewsThree vulnerabilities in CU Solutions Group CMS exposed 275 credit unions to credential theft, account takeover.
The post Vulnerabilities in CUSG CMS Exposed Credit Unions to Attacks appeared first on SecurityWeek.
SecurityWeek – Read More
Unprotected Cloud Database Exposed Over 384 Million Records Including Sensitive Logs and Customer Data
/in General NewsA massive database leak from Zenlayer, a global network service provider, exposed 384,658,212 records, including sensitive customer data and internal operations logs, without basic password protection.
Cyware News – Latest Cyber News – Read More
Critical Software Vulnerabilities Impacting Credit Unions Discovered
/in General NewsOrganizations using versions prior to v7.75 of the web application are urged to upgrade, and all organizations using this CMS should enable multi-factor authentication immediately to prevent potential breaches.
Cyware News – Latest Cyber News – Read More
US Disrupts Russian Military Intelligence Botnet
/in General NewsU.S. law enforcement disrupted a criminal botnet, “Moobot,” which Russian military hackers had repurposed for global cyberespionage, leading to the FBI obtaining a warrant to modify infected routers and shut down the botnet.
Cyware News – Latest Cyber News – Read More
Newly Emerged JKwerlo Ransomware Targets Victims in France and Spain
/in General NewsJKwerlo’s utilization of lateral movement techniques and exploitation of legitimate services like Dropbox and GitHub highlight its capability to spread across networks and evade traditional security measures.
Cyware News – Latest Cyber News – Read More
U.S. State Government Network Breached via Former Employee’s Account
/in General NewsThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has revealed that an unnamed state government organization’s network environment was compromised via an administrator account belonging to a former employee.
“This allowed the threat actor to successfully authenticate to an internal virtual private network (VPN) access point,” the agency said in a joint advisory published
The Hacker News – Read More
U.S. Government Disrupts Russian-Linked Botnet Engaged in Cyber Espionage
/in General NewsThe U.S. government on Thursday said it disrupted a botnet comprising hundreds of small office and home office (SOHO) routers in the country that was put to use by the Russia-linked APT28 actor to conceal its malicious activities.
“These crimes included vast spear-phishing and similar credential harvesting campaigns against targets of intelligence interest to the Russian government, such as U.S.
The Hacker News – Read More
Elon Musk’s X Gave Check Marks to Terrorist Group Leaders, Report Says
/in General NewsA new report cited 28 “verified” accounts on X that appear to be tied to sanctioned groups or individuals.
Security Latest – Read More