The Pay-Per-Install (PPI) ecosystem, originally intended for distributing advertisements, has evolved into a profitable platform for spreading spyware and malware, including threats like Glupteba.
The Bumblebee malware has re-emerged with a significantly different attack chain after a four-month absence, utilizing social engineering techniques and unique characteristics in its new campaign.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-02-13 15:07:402024-02-13 15:07:40Notorious Bumblebee Malware Re-emerges with New Attack Methods
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-02-13 15:07:392024-02-13 15:07:39CISO and CIO Convergence: Ready or Not, Here It Comes
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-02-13 14:11:072024-02-13 14:11:07Bank of America Customer Data Stolen in Data Breach
Major U.S. telecom carriers such as Verizon, T-Mobile, and AT&T have experienced significant data breaches in recent years, highlighting the crucial need for aligning FCC’s data breach rules with federal and state laws applicable to other sectors.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-02-13 10:06:322024-02-13 10:06:32FCC Orders Telecom Carriers to Report PII Data Breaches Within 30 Days
The campaign involves collaboration between Chinese cybersecurity firms, government agencies, and state media to amplify allegations of hacking operations by the United States.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-02-13 09:07:112024-02-13 09:07:11China Targets US Hacking Ops in Media Offensive
Threat actors are leveraging a recently disclosed security flaw impacting Ivanti Connect Secure, Policy Secure, and ZTA gateways to deploy a backdoor codenamed DSLog on susceptible devices.
That’s according to findings from Orange Cyberdefense, which said it observed the exploitation of CVE-2024-21893 within hours of the public release of the proof-the-concept (PoC) code.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-02-13 08:06:492024-02-13 08:06:49Ivanti Vulnerability Exploited to Install ‘DSLog’ Backdoor on 670+ IT Infrastructures
A malware tactic dubbed ‘hunter-killer’ is growing, based on an analysis of more than 600,000 malware samples. This may become the standard approach for advanced attacks.
BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
Diving Into Glupteba’s UEFI Bootkit
/in General NewsThe Pay-Per-Install (PPI) ecosystem, originally intended for distributing advertisements, has evolved into a profitable platform for spreading spyware and malware, including threats like Glupteba.
Cyware News – Latest Cyber News – Read More
Notorious Bumblebee Malware Re-emerges with New Attack Methods
/in General NewsThe Bumblebee malware has re-emerged with a significantly different attack chain after a four-month absence, utilizing social engineering techniques and unique characteristics in its new campaign.
Cyware News – Latest Cyber News – Read More
CISO and CIO Convergence: Ready or Not, Here It Comes
/in General NewsRecent shifts underscore the importance of collaboration and alignment between these two IT leaders for successful digital transformation.
darkreading – Read More
Bank of America Customer Data Stolen in Data Breach
/in General NewsBank of America is notifying some customers that their personal information was stolen in a data breach at third-party services provider.
The post Bank of America Customer Data Stolen in Data Breach appeared first on SecurityWeek.
SecurityWeek – Read More
ICS Patch Tuesday: Siemens Addresses 270 Vulnerabilities
/in General NewsFebruary 2024 ICS Patch Tuesday: Siemens and Schneider Electric release a total of 18 new security advisories.
The post ICS Patch Tuesday: Siemens Addresses 270 Vulnerabilities appeared first on SecurityWeek.
SecurityWeek – Read More
CISA Warns of Roundcube Webmail Vulnerability Exploitation
/in General NewsCISA has added the Roundcube flaw tracked as CVE-2023-43770 to its known exploited vulnerabilities catalog.
The post CISA Warns of Roundcube Webmail Vulnerability Exploitation appeared first on SecurityWeek.
SecurityWeek – Read More
FCC Orders Telecom Carriers to Report PII Data Breaches Within 30 Days
/in General NewsMajor U.S. telecom carriers such as Verizon, T-Mobile, and AT&T have experienced significant data breaches in recent years, highlighting the crucial need for aligning FCC’s data breach rules with federal and state laws applicable to other sectors.
Cyware News – Latest Cyber News – Read More
China Targets US Hacking Ops in Media Offensive
/in General NewsThe campaign involves collaboration between Chinese cybersecurity firms, government agencies, and state media to amplify allegations of hacking operations by the United States.
Cyware News – Latest Cyber News – Read More
Ivanti Vulnerability Exploited to Install ‘DSLog’ Backdoor on 670+ IT Infrastructures
/in General NewsThreat actors are leveraging a recently disclosed security flaw impacting Ivanti Connect Secure, Policy Secure, and ZTA gateways to deploy a backdoor codenamed DSLog on susceptible devices.
That’s according to findings from Orange Cyberdefense, which said it observed the exploitation of CVE-2024-21893 within hours of the public release of the proof-the-concept (PoC) code.
The Hacker News – Read More
Hunter-Killer Malware Tactic Growing: Stealthy, Persistent and Aggressive
/in General NewsA malware tactic dubbed ‘hunter-killer’ is growing, based on an analysis of more than 600,000 malware samples. This may become the standard approach for advanced attacks.
The post Hunter-Killer Malware Tactic Growing: Stealthy, Persistent and Aggressive appeared first on SecurityWeek.
SecurityWeek – Read More