BackBox News
Latest news and insights on Security
- Second career cyber: Attracting new talentby Jill Aitoro on October 26, 2020 at 2:26 pm
Wendy Nather, head of advisory CISOs at Duo Security spoke with Jill Bresin, a newly appointed cyber threat consultant at data analytics and risk assessment firm Verisk about career shifts that can bring new entrants to the cybersecurity market. Click here for complete coverage of SC […]
- The cyber immigrant experience, then and nowby Jill Aitoro on October 26, 2020 at 2:23 pm
Shamla Naidoo, Managing Partner at IBM and the tech giant’s former global chief information security officer spoke with newcomer Mrunmayi Churi, application security engineer at Twitter, about their distinctive experiences immigrating to the United States to pursue a cybersecurity education […]
- From Army to industry: A CISO comparisonby Jill Aitoro on October 26, 2020 at 2:21 pm
Alicia Lynch, vice president and chief information security officer at defense contractor SAIC, spent nearly three decades in the Department of Defense before transitioning to industry. As part of SC Media’s Women in IT Security program, she spoke to SC Media Editor in Chief Jill Aitoro about how […]
- Sylvia Acevedo, on how she schooled the Girls Scouts in techby Jill Aitoro on October 26, 2020 at 2:18 pm
Sylvia Acevedo, two months after stepping down as CEO of the Girl Scouts of the USA, spoke to SC Media Executive Editor Teri Robinson to discuss the evolution of her career from top tech executive with NASA’s Jet Propulsion Laboratory, Apple, Dell, and Autodesk among others, to […]
- US Insists on Need to Ban TikTokby AFP on October 26, 2020 at 2:17 pm
US President Donald Trump's administration has insisted on the need to ban TikTok due to national security concerns in a new court filing ahead of a plan to make the video app unavailable on November 12. read more
- How Google, Harvard tech leaders amplify women minority voicesby Jill Aitoro on October 26, 2020 at 2:13 pm
Lauren Zabierek of Harvard Kennedy School’s Belfer Center, and Camille Stewart of Google talk about the impact of the ShareTheMicInCyber initiative. The post How Google, Harvard tech leaders amplify women minority voices appeared first on SC Media.
- The Story of McAfee: How the Security Giant Arrived at a Second IPOby Kelly Sheridan Staff Editor, Dark Reading on October 26, 2020 at 2:00 pm
Industry watchers explore the story of McAfee, from its founding in 1987, to its spinoff from Intel, to how it's keeping up with competitors.
- HPE Patches Two Critical, Remotely Exploitable Vulnerabilitiesby Ionut Arghire on October 26, 2020 at 1:57 pm
Hewlett Packard Enterprise has released patches for two critical vulnerabilities, one identified in StoreServ Management Console and the other affecting BlueData EPIC Software Platform and Ezmeral Container Platform. read more
- Parisa Tabriz: ‘Security Princess’ killing Google bugsby Derek B. Johnson on October 26, 2020 at 1:20 pm
Parisa Tabriz is director of engineering at Google, overseeing Chrome and the Project Zero team of bug hunters. The post Parisa Tabriz: ‘Security Princess’ killing Google bugs appeared first on SC Media.
- Palo Alto Networks Threatens Legal Action Over Product Comparisonby Eduard Kovacs on October 26, 2020 at 1:15 pm
Palo Alto Networks has threatened legal action against cloud visibility solutions provider Orca Security after the latter published a video comparing products from the two companies. read more
Stories
- Naked Security Live – Who’s watching you? 5 mobile privacy tipsby Paul Ducklin on October 26, 2020 at 11:34 am
Here's the latest Naked Security Live video - enjoy (and please share with your friends)!
- How to Clean Up Your Digital Historyby David Nield on October 25, 2020 at 11:00 am
There are plenty of reasons to declutter your online traces. Here's how to tidy up.
- The Unsinkable Maddie Stone, Google's Bug-Hunting Badassby Lily Hay Newman on October 25, 2020 at 11:00 am
The Project Zero reverse engineer shuts down some of the world's most dangerous exploits—along with antiquated hacker stereotypes.
- Did a Security Researcher Guess Trump’s Twitter Password?by Brian Barrett on October 24, 2020 at 1:10 pm
Plus: An Among Us spam attack, China’s favorite vulnerabilities, and more of the week’s top security news.
- The US Sanctions Russians for Potentially ‘Fatal’ Malwareby Andy Greenberg on October 23, 2020 at 9:29 pm
The message is meant to deter any similar attack against US infrastructure.
The BackBox Team, ten years after its first release, is happy to announce the new major release of BackBox Linux, version 7.
https://t.co/JupE3qDRtP
Exploit
- [webapps] NodeBB Forum 1.12.2-1.14.2 - Account Takeover
- [local] Guild Wars 2 - Insecure Folder Permissions
- [webapps] berliCRM 1.0.24 - 'src_record' SQL Injection
- [local] Battle.Net 1.27.1.12428 - Insecure File Permissions
- [webapps] MedDream PACS Server 6.8.3.751 - Remote Code Execution (Unauthenticated)
- [webapps] Liman 0.7 - Cross-Site Request Forgery (Change Password)
- [webapps] Online Students Management System 1.0 - 'username' SQL Injections
- [webapps] Cisco ASA and FTD 9.6.4.42 - Path Traversal
- [webapps] Small CRM 2.0 - 'email' SQL Injection
- [webapps] openMAINT 1.1-2.4.2 - Arbitrary File Upload