BackBox News
Latest news and insights on Security
-
First Chrome version with Manifest V3 to land in Canary this summer
on June 24, 2019 at 9:49 am
Will ad blockers still work in Chrome? We'll see starting late July, early August. […]
-
US launches cyber-attack aimed at Iranian rocket and missile systems
on June 24, 2019 at 8:46 am
Attack took place last week, after President Trump backed off from using conventional weapons to strike Iran. […]
-
User data stolen from ‘human hacking’ forum Social Engineered, published on rival site
on June 24, 2019 at 8:45 am
A vulnerability in MyBB has been blamed. […]
-
US DHS CISA warns of Iran-linked hackers using data wipers in cyberattacks
by Pierluigi Paganini on June 24, 2019 at 7:45 am
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning of a significant increase in cyberattacks from Iranian hackers spreading data wipers. US DHS CISA agency warns of increased cyber-activity from Iran aimed at spreading data-wiping malware through password […]
-
WeTransfer Security Incident: File Transfer Emails Sent to Wrong People
by Eduard Kovacs on June 24, 2019 at 5:51 am
The popular file transfer service WeTransfer issued a security notice on Friday after discovering that some file transfer emails were sent to the wrong individuals. read mor […]
-
Ex-Senate Aide Sentenced to 4 Years in Prison for Data Leak
by Associated Press on June 24, 2019 at 5:15 am
A former congressional staffer was sentenced to four years in prison Wednesday after pleading guilty to illegally posting online the home addresses and telephone numbers of five Republican senators who backed Brett Kavanaugh’s Supreme Court nomination. read mor […]
-
Huawei ramps up its technological Cold War propaganda
on June 24, 2019 at 3:17 am
Huawei's founder Ren Zhengfei positions himself as a humble student of American science and innovation, and his company as a servant of humanity. […]
-
Australia's future airport is closer than you think
on June 24, 2019 at 1:26 am
Your biometric information will continue to be captured and the trade off is efficiency. […]
-
US Entity List bans hit AMD joint venture
on June 24, 2019 at 12:55 am
Five Chinese companies added to list of companies acting against US national security. […]
-
Hundreds of million computers potentially exposed to hack due to a flaw in PC-Doctor component
by Pierluigi Paganini on June 23, 2019 at 2:25 pm
Hundreds of million computers from many vendors may have been exposed to hack due to a serious flaw in PC-Doctor software. Experts at SafeBreach discovered that the Dell SupportAssist software, that comes preinstalled on most Dell PCs, was affected by a DLL hijacking vulnerability tracked as […]
Stories
-
Facebook posts reveal your hidden illnesses, say researchers
by Lisa Vaas on June 24, 2019 at 10:02 am
The language we use could be indicators of disease and, with patient consent, could be monitored just like physical symptoms. […]
-
The Internet Has Made Dupes—and Cynics—of Us All
by Zeynep Tufekci on June 24, 2019 at 10:00 am
The typical response to the onslaught of falsehood is to say, lol, nothing matters. But when so many of us are reaching this point, it really does matter. […]
-
He Cyberstalked Teen Girls for Years—Then They Fought Back
by Stephanie Clifford on June 24, 2019 at 10:00 am
How a hacker shamed and humiliated high school girls in a small New Hampshire town, and how they helped take him down. […]
-
Monday review – the hot 20 stories of the week
by Naked Security writer on June 24, 2019 at 8:48 am
From Bella Thorne publishing her own nudes to the Yubikey recall - and everything in between. It's weekly roundup time. […]
-
Hackers Used Two Firefox Zero Days to Hit a Crypto Exchange
by Emily Dreyfuss on June 22, 2019 at 1:00 pm
A ransomware haul, a border security leak, and more of the week's top security news. […]
Exploit
- [remote] EA Origin < 10.5.38 - Remote Code Execution
- [papers] Threat Hunting - Hunter or Hunted
- [local] Cisco Prime Infrastructure - Runrshell Privilege Escalation (Metasploit)
- [webapps] WebERP 4.15 - SQL injection
- [remote] Cisco Prime Infrastructure Health Monitor - TarArchive Directory Traversal (Metasploit)
- [webapps] BlogEngine.NET 3.3.6/3.3.7 - XML External Entity Injection
- [dos] Linux - Use-After-Free via race Between modify_ldt() and #BR Exception
- [local] Tuneclone 2.20 - Local SEH Buffer Overflow
- [webapps] BlogEngine.NET 3.3.6/3.3.7 - 'theme Cookie' Directory Traversal / Remote Code Execution
- [webapps] BlogEngine.NET 3.3.6/3.3.7 - 'dirPath' Directory Traversal / Remote Code Execution