BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
New Orcinius Trojan Uses VBA Stomping to Mask Infection
/in General NewsThis multi-stage trojan utilizes Dropbox and Google Docs to update and deliver payloads. It uses the VBA stomping technique, removing the VBA source code in a Microsoft Office document, leaving only compiled p-code.
Cyware News – Latest Cyber News – Read More
Over 14M servers may be vulnerable to OpenSSH’s regreSSHion RCE flaw. Here’s what you need to do
/in General NewsOpenSSH, the bedrock of secure Linux network access, has a nasty security flaw.
Latest stories for ZDNET in Security – Read More
What Cybersecurity Defense Looks Like for School Districts
/in General NewsDark Reading chats with Johnathan Kim, director of technology at the Woodland Hills School District in North Braddock, Penn., about why cybercriminals target schools — and what they can do about it.
darkreading – Read More
Google Launches $250,000 kvmCTF Bug Bounty Program for KVM Exploits
/in General NewsGoogle offers up to $250,000 for finding security holes in KVM, a key technology for virtual machines. This…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Preparing for Q-Day as NIST Nears Approval of PQC Standards
/in General NewsQ-Day, the day when a quantum computer can break modern encryption, is approaching rapidly, leaving our society vulnerable to cyberattacks. Recent advancements in quantum technology suggest that Q-Day is coming sooner than expected.
Cyware News – Latest Cyber News – Read More
Stress-Testing Our Security Assumptions in a World of New & Novel Risks
/in General NewsCategorizing and stress-testing fundamental assumptions is a necessary exercise for any leader interested in ensuring long-term security and resilience in the face of an uncertain future.
darkreading – Read More
CapraRAT Spyware Variant Disguised as Popular Apps to Target Android Users
/in General NewsThe recent campaign shows updates to the group’s techniques and social engineering tactics, as well as efforts to maximize the spyware’s compatibility with older and modern versions of the Android operating system.
Cyware News – Latest Cyber News – Read More
Splunk Patches High-Severity Vulnerabilities in Enterprise Product
/in General NewsSplunk has patched multiple vulnerabilities in Splunk Enterprise, including high-severity remote code execution bugs.
The post Splunk Patches High-Severity Vulnerabilities in Enterprise Product appeared first on SecurityWeek.
SecurityWeek – Read More
Evolve Bank Shares Data Breach Details as Fintech Firms Report Being Hit
/in General NewsFintech companies Wise and Affirm are impacted by the data breach at Evolve Bank, which has shared additional details on the recent ransomware attack.
The post Evolve Bank Shares Data Breach Details as Fintech Firms Report Being Hit appeared first on SecurityWeek.
SecurityWeek – Read More
How Hacked YouTube Channels Spread Scams and Malware
/in General NewsThe most common attack methods against YouTube channels involve phishing attacks to steal login credentials, exploiting weak or reused passwords, and even bypassing two-factor authentication by stealing session cookies.
Cyware News – Latest Cyber News – Read More