Attackers create malicious GitHub repositories with popular names and topics, using techniques like automated updates and fake stars to boost search rankings and deceive users.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-04-11 11:07:052024-04-11 11:07:05New Technique Detected in an Open Source Supply Chain Attack
The lead investor for the Series C funding is Coatue, which is new to the startup’s cap table. Other new investors include Spark Capital, Georgian, and strategic backer AT&T Ventures.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-04-11 11:07:052024-04-11 11:07:05AI Data Security Startup Cyera Confirms $300M Raise at a $1.4B Valuation
The vulnerability, which carries a perfect 10 base severity score, is tracked as CVE-2024-24576. It affects the Rust standard library, which was found to be improperly escaping arguments when invoking batch files on Windows using the Command API.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-04-11 11:07:052024-04-11 11:07:05Rust Addresses Critical Vulnerability on Windows
First identified in late 2021, Raspberry Robin is a Windows worm initially seen targeting technology and manufacturing organizations. It has since grown to become one of the most prevalent threats facing enterprises.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-04-11 10:06:392024-04-11 10:06:39Raspberry Robin Now Spreading Through Windows Script Files
Only three critical vulnerabilities were fixed as part of the April 2024 Patch Tuesday updates, but there are over 67 remote code execution bugs. More than half of the RCE flaws are found within Microsoft SQL drivers, likely sharing a common flaw.
ARC Labs recently analyzed a phishing email used in a credential harvesting campaign that leveraged a lure notifying the target they received a voice message and needed to visit a link to access it.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-04-11 09:06:502024-04-11 09:06:50Alethea Raises $20 Million for Disinformation Detection and Mitigation Solution
Fortinet fixed a dozen vulnerabilities in multiple products, including a critical-severity remote code execution (RCE) issue, tracked as CVE-2023-45590 (CVSS score of 9.4), in FortiClientLinux.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-04-11 08:06:352024-04-11 08:06:35Fortinet Fixed a Critical RCE Bug in FortiClientLinux
BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
New Technique Detected in an Open Source Supply Chain Attack
/in General NewsAttackers create malicious GitHub repositories with popular names and topics, using techniques like automated updates and fake stars to boost search rankings and deceive users.
Cyware News – Latest Cyber News – Read More
AI Data Security Startup Cyera Confirms $300M Raise at a $1.4B Valuation
/in General NewsThe lead investor for the Series C funding is Coatue, which is new to the startup’s cap table. Other new investors include Spark Capital, Georgian, and strategic backer AT&T Ventures.
Cyware News – Latest Cyber News – Read More
Rust Addresses Critical Vulnerability on Windows
/in General NewsThe vulnerability, which carries a perfect 10 base severity score, is tracked as CVE-2024-24576. It affects the Rust standard library, which was found to be improperly escaping arguments when invoking batch files on Windows using the Command API.
Cyware News – Latest Cyber News – Read More
Raspberry Robin Now Spreading Through Windows Script Files
/in General NewsFirst identified in late 2021, Raspberry Robin is a Windows worm initially seen targeting technology and manufacturing organizations. It has since grown to become one of the most prevalent threats facing enterprises.
Cyware News – Latest Cyber News – Read More
Palo Alto Networks Patches Vulnerabilities Allowing Firewall Disruption
/in General NewsPalo Alto Networks patches several high-severity vulnerabilities, including ones that allow DoS attacks against its firewalls.
The post Palo Alto Networks Patches Vulnerabilities Allowing Firewall Disruption appeared first on SecurityWeek.
SecurityWeek – Read More
Google Cloud Unveils New AI-Powered Security Capabilities
/in General NewsGoogle adds AI to cloud security features and announces other security capabilities for cloud customers.
The post Google Cloud Unveils New AI-Powered Security Capabilities appeared first on SecurityWeek.
SecurityWeek – Read More
Microsoft April 2024 Patch Tuesday fixes 150 security flaws, 67 RCEs
/in General NewsOnly three critical vulnerabilities were fixed as part of the April 2024 Patch Tuesday updates, but there are over 67 remote code execution bugs. More than half of the RCE flaws are found within Microsoft SQL drivers, likely sharing a common flaw.
Cyware News – Latest Cyber News – Read More
Analyzing CryptoJS Encrypted Phishing Attempt
/in General NewsARC Labs recently analyzed a phishing email used in a credential harvesting campaign that leveraged a lure notifying the target they received a voice message and needed to visit a link to access it.
Cyware News – Latest Cyber News – Read More
Alethea Raises $20 Million for Disinformation Detection and Mitigation Solution
/in General NewsAlethea has raised $20 million in Series B funding for its technology designed to detect and mitigate disinformation.
The post Alethea Raises $20 Million for Disinformation Detection and Mitigation Solution appeared first on SecurityWeek.
SecurityWeek – Read More
Fortinet Fixed a Critical RCE Bug in FortiClientLinux
/in General NewsFortinet fixed a dozen vulnerabilities in multiple products, including a critical-severity remote code execution (RCE) issue, tracked as CVE-2023-45590 (CVSS score of 9.4), in FortiClientLinux.
Cyware News – Latest Cyber News – Read More