BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
[wp-rss-aggregator feeds="kitploit" limit="10" pagination="off"]
Exploit DB
[wp-rss-aggregator feeds="exploit-db" limit="10" pagination="off"]
Latest news and insights on Security
Why SaaS Security is Suddenly Hot: Racing to Defend and Comply
/in General NewsRecent supply chain cyber-attacks are prompting cyber security regulations in the financial sector to tighten compliance requirements, and other industries are expected to follow. Many companies still don’t have efficient methods to manage related time-sensitive SaaS security and compliance tasks. Free SaaS risk assessment tools are an easy and practical way to bring visibility and initial
The Hacker News – Read More
AWS Announces Authentication and Malware Protection Enhancements
/in General NewsAWS announced passkey MFA for IAM and root users, IAM Access Analyzer updates, and Amazon GuardDuty Malware Protection for S3.
The post AWS Announces Authentication and Malware Protection Enhancements appeared first on SecurityWeek.
SecurityWeek – Read More
Know Your Adversary: Why Tuning Intelligence-Gathering to Your Sector Pays Dividends
/in General NewsWithout tuning your approach to fit your sector, amongst other variables, you’ll be faced with an unmanageable amount of noise.
The post Know Your Adversary: Why Tuning Intelligence-Gathering to Your Sector Pays Dividends appeared first on SecurityWeek.
SecurityWeek – Read More
Cybercriminals Employ PhantomLoader to Distribute SSLoad Malware
/in General NewsThe nascent malware known as SSLoad is being delivered by means of a previously undocumented loader called PhantomLoader, according to findings from cybersecurity firm Intezer.
“The loader is added to a legitimate DLL, usually EDR or AV products, by binary patching the file and employing self-modifying techniques to evade detection,” security researchers Nicole Fishbein and Ryan Robinson said in
The Hacker News – Read More
Life360 Says Personal Information Stolen From Tile Customer Support Platform
/in General NewsLife360 says hackers attempted to extort it after stealing personal information from a Tile customer support platform.
The post Life360 Says Personal Information Stolen From Tile Customer Support Platform appeared first on SecurityWeek.
SecurityWeek – Read More
Pakistan-linked Malware Campaign Evolves to Target Windows, Android, and macOS
/in General NewsThreat actors with ties to Pakistan have been linked to a long-running malware campaign dubbed Operation Celestial Force since at least 2018.
The activity, still ongoing, entails the use of an Android malware called GravityRAT and a Windows-based malware loader codenamed HeavyLift, according to Cisco Talos, which are administered using another standalone tool referred to as GravityAdmin.
The
The Hacker News – Read More
Prevalence and Impact of Password Exposure Vulnerabilities in ICS/OT
/in General NewsAnalysis and insights on the prevalence and impact of password exposure vulnerabilities in ICS and other OT products.
The post Prevalence and Impact of Password Exposure Vulnerabilities in ICS/OT appeared first on SecurityWeek.
SecurityWeek – Read More
Pakistani Hacking Team ‘Celestial Force’ Spies on Indian Gov’t, Defense
/in General NewsAgainst a backdrop of political conflict, a years-long cyber espionage campaign in South Asia is coming to light.
darkreading – Read More
Ukraine Police Arrest Suspect Linked to LockBit and Conti Ransomware Groups
/in General NewsThe Cyber Police of Ukraine has announced the arrest of a local man who is suspected to have offered their services to LockBit and Conti ransomware groups.
The unnamed 28-year-old native of the Kharkiv region allegedly specialized in the development of crypters to encrypt and obfuscate malicious payloads in order to evade detection by security programs.
The product is believed to have been
The Hacker News – Read More
City of Cleveland Scrambling to Restore Systems Following Cyberattack
/in General NewsThe City of Cleveland says emergency services, utilities, and airport are unaffected by a recent cyberattack.
The post City of Cleveland Scrambling to Restore Systems Following Cyberattack appeared first on SecurityWeek.
SecurityWeek – Read More