BackBox News
Latest news and insights on Security
Latest news and insights on Security
A new research published by academics from KU Leuven, Radboud University, and the University of Lausanne has revealed that users' email addresses are exfiltrated to tracking, marketing, and analytics domains before such is submitted and without prior consent. The study involved crawling 2.8 […]
CISA orders federal agencies to fix VMware CVE-2022-22972 and CVE-2022-22973 vulnerabilities by May 23, 2022. The Cybersecurity and Infrastructure Security Agency (CISA) issued the Emergency Directive 22-03 to order federal agencies to fix VMware CVE-2022-22972 and CVE-2022-22973 flaws or to remove […]
VMware has issued patches to contain two security flaws impacting Workspace ONE Access, Identity Manager, and vRealize Automation that could be exploited to backdoor enterprise networks. The first of the two flaws, tracked as CVE-2022-22972 (CVSS score: 9.8), concerns an authentication bypass […]
VMware addressed a critical authentication bypass vulnerability “affecting local domain users” in multiple products. The virtualization giant warns that a threat actor can exploit the flaw, tracked as CVE-2022-22972 (CVSSv3 base score of 9.8), to obtain admin privileges and urges customers to […]
System of Trust includes data-driven metrics for evaluating the integrity of software, services, and suppliers.
Experts urge victims to not pay ransoms, since it encourages criminals to continue attacking. Businesses, however, have a different mindset.
Last month attackers quickly reverse-engineered VMWare patches to launch RCE attacks. CISA warns it's going to happen again.
From a scrappy contest where hackers tried to win laptops, Pwn2Own has grown into a premier event that has helped normalize bug hunting.
Ivanti’s Ransomware Index Report Q1 2022, released today, helps to explain why ransomware is becoming more lethal.
Microsoft warns of brute-forcing attacks targeting Microsoft SQL Server (MSSQL) database servers exposed online. Microsoft warns of a new hacking campaign aimed at MSSQL servers, threat actors are launching brute-forcing attacks against poorly protected instances. The attacks are using the […]
Kaspersky excels with its easy to use interface and automation features, while Bitdefender gets the edge on overall detection rates and laboratory test results, but with a slightly more difficult learning curve. The post Bitdefender vs Kaspersky: EDR software comparison appeared first on […]
Three colleges have been victims of cyberattacks in the last three months alone. The post Higher education institutions being targeted for ransomware attacks appeared first on TechRepublic.
Endpoint detection and response software protects against a variety of threats and attacks. Learn about two of the most popular EDR options, CrowdStrike and McAfee, and how to protect your network. The post CrowdStrike vs McAfee: EDR software comparison appeared first on TechRepublic.
The digital world is changing, and you need cybersecurity solutions that change with it. Forescout Continuum can help. The post Sponsored: Helping organizations automate cybersecurity across their digital terrains appeared first on TechRepublic.
The agency touches on the most popular ways hackers are finding ways into victims’ networks, and issues tips on how to reduce risk. The post CISA issues advisory on top-10 attack vectors, finds hackers exploiting poor cyber practices appeared first on TechRepublic.