A massive database leak from Zenlayer, a global network service provider, exposed 384,658,212 records, including sensitive customer data and internal operations logs, without basic password protection.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-02-16 11:09:102024-02-16 11:09:10Unprotected Cloud Database Exposed Over 384 Million Records Including Sensitive Logs and Customer Data
Organizations using versions prior to v7.75 of the web application are urged to upgrade, and all organizations using this CMS should enable multi-factor authentication immediately to prevent potential breaches.
U.S. law enforcement disrupted a criminal botnet, “Moobot,” which Russian military hackers had repurposed for global cyberespionage, leading to the FBI obtaining a warrant to modify infected routers and shut down the botnet.
JKwerlo’s utilization of lateral movement techniques and exploitation of legitimate services like Dropbox and GitHub highlight its capability to spread across networks and evade traditional security measures.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-02-16 08:10:062024-02-16 08:10:06Newly Emerged JKwerlo Ransomware Targets Victims in France and Spain
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has revealed that an unnamed state government organization’s network environment was compromised via an administrator account belonging to a former employee.
“This allowed the threat actor to successfully authenticate to an internal virtual private network (VPN) access point,” the agency said in a joint advisory published
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-02-16 08:10:052024-02-16 08:10:05U.S. State Government Network Breached via Former Employee’s Account
The U.S. government on Thursday said it disrupted a botnet comprising hundreds of small office and home office (SOHO) routers in the country that was put to use by the Russia-linked APT28 actor to conceal its malicious activities.
“These crimes included vast spear-phishing and similar credential harvesting campaigns against targets of intelligence interest to the Russian government, such as U.S.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-02-16 00:06:522024-02-16 00:06:52Elon Musk’s X Gave Check Marks to Terrorist Group Leaders, Report Says
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-02-16 00:06:512024-02-16 00:06:51Google, Microsoft, OpenAI make AI pledges ahead of Munich Security Conference
BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
Vulnerabilities in CUSG CMS Exposed Credit Unions to Attacks
/in General NewsThree vulnerabilities in CU Solutions Group CMS exposed 275 credit unions to credential theft, account takeover.
The post Vulnerabilities in CUSG CMS Exposed Credit Unions to Attacks appeared first on SecurityWeek.
SecurityWeek – Read More
Unprotected Cloud Database Exposed Over 384 Million Records Including Sensitive Logs and Customer Data
/in General NewsA massive database leak from Zenlayer, a global network service provider, exposed 384,658,212 records, including sensitive customer data and internal operations logs, without basic password protection.
Cyware News – Latest Cyber News – Read More
Critical Software Vulnerabilities Impacting Credit Unions Discovered
/in General NewsOrganizations using versions prior to v7.75 of the web application are urged to upgrade, and all organizations using this CMS should enable multi-factor authentication immediately to prevent potential breaches.
Cyware News – Latest Cyber News – Read More
US Disrupts Russian Military Intelligence Botnet
/in General NewsU.S. law enforcement disrupted a criminal botnet, “Moobot,” which Russian military hackers had repurposed for global cyberespionage, leading to the FBI obtaining a warrant to modify infected routers and shut down the botnet.
Cyware News – Latest Cyber News – Read More
Newly Emerged JKwerlo Ransomware Targets Victims in France and Spain
/in General NewsJKwerlo’s utilization of lateral movement techniques and exploitation of legitimate services like Dropbox and GitHub highlight its capability to spread across networks and evade traditional security measures.
Cyware News – Latest Cyber News – Read More
U.S. State Government Network Breached via Former Employee’s Account
/in General NewsThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has revealed that an unnamed state government organization’s network environment was compromised via an administrator account belonging to a former employee.
“This allowed the threat actor to successfully authenticate to an internal virtual private network (VPN) access point,” the agency said in a joint advisory published
The Hacker News – Read More
U.S. Government Disrupts Russian-Linked Botnet Engaged in Cyber Espionage
/in General NewsThe U.S. government on Thursday said it disrupted a botnet comprising hundreds of small office and home office (SOHO) routers in the country that was put to use by the Russia-linked APT28 actor to conceal its malicious activities.
“These crimes included vast spear-phishing and similar credential harvesting campaigns against targets of intelligence interest to the Russian government, such as U.S.
The Hacker News – Read More
Elon Musk’s X Gave Check Marks to Terrorist Group Leaders, Report Says
/in General NewsA new report cited 28 “verified” accounts on X that appear to be tied to sanctioned groups or individuals.
Security Latest – Read More
Google, Microsoft, OpenAI make AI pledges ahead of Munich Security Conference
/in General NewsGoogle today launched an ‘AI Cyber Defense Initiative and made several AI-related commitments, following a charge by Microsoft and OpenAI.Read More
Security News | VentureBeat – Read More
Volt Typhoon Hits Multiple Electric Utilities, Expands Cyber Activity
/in General News“Voltzite,” the APT’s subset that focuses on OT networks and critical infrastructure, has also compromised targets in Africa.
darkreading – Read More