BOCRA website



Join us on Slack

Follow us on Facebook

Remcos RAT Disguises as Payslip to Infect Users null 600x487 https://cyware-ent.s3.amazonaws.com/image_bank/5bbe_shutterstock_490192042.jpg -1

                                                     LATEST CYBER HACKS 


Five Guys discloses hack of 2 employees’ emails

Five Guys disclosed a security breach where hackers gained access to the email accounts of two employees, according to consumer disclosure letters filed Friday with the attorneys general of California and Maine. 


British Library knocked offline by weekend cyberattack

The British Library has been hit by a major IT outage affecting its website and many of its services following a "cyber incident" that impacted its systems on Saturday, October 28.


Wihd leak exposes details of all torrent users

World-in-HD (WiHD), a French private video torrent community, left an open instance exposing the emails and passwords of all of its users and administrators.



Alert: F5 Warns of Active Attacks Exploiting BIG-IP Vulnerability

Tracked as CVE-2023-46747 (CVSS score: 9.8), the vulnerability allows an unauthenticated attacker with network access to the BIG-IP system through the management port to achieve code execution. A proof-of-concept (PoC) exploit has since been made available by ProjectDiscovery.


Exploit released for critical Cisco IOS XE flaw, many hosts still hacked

Public exploit code is now available for the critical Cisco IOS XE vulnerability tracked as CVE-2023-20198 that was leveraged as a zero-day to hack tens of thousands of devices.



Malicious NuGet Packages Caught Distributing SeroXen RAT Malware

Cybersecurity researchers have uncovered a new set of malicious packages published to the NuGet package manager using a lesser-known method for malware deployment.


TA571 Delivers IcedID Forked Loader

Proofpoint researchers identified TA571 delivering the Forked variant of IcedID in two campaigns on 11 and 18 October 2023. Both campaigns included over 6,000 messages, each impacting over 1,200 customers in a variety of industries globally.  


Trojanized PyCharm Software Version Delivered via Google Search Ads

A new malvertising campaign has been observed capitalizing on a compromised website to promote spurious versions of PyCharm on Google search results by leveraging Dynamic Search Ads.

                               GENERAL NEWS


PentestPad: Platform for Pentest Teams

Pen test solutions not only supercharge productivity but also provide a crucial layer of objectivity, ensuring efficiency and exceptional accuracy. The synergy between a skilled penetration tester and the precision of pen testing solutions are crucial for staying on top of today's high demand of security audits and daily rise of vulnerabilities and exploits.


Generative AI Models Are Sucking Data Up From All Over the Internet, Yours Included

In the rush to build and train ever-larger AI models, developers have swept up much of the searchable Internet, quite possibly including some of your own public (and possibly private) data.