BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
[wp-rss-aggregator feeds="kitploit" limit="10" pagination="off"]
Exploit DB
[wp-rss-aggregator feeds="exploit-db" limit="10" pagination="off"]
Latest news and insights on Security
Researchers Uncover Flaws in Python Package for AI Models and PDF.js Used by Firefox
/in General NewsA critical security flaw has been disclosed in the llama_cpp_python Python package that could be exploited by threat actors to achieve arbitrary code execution.
Tracked as CVE-2024-34359 (CVSS score: 9.7), the flaw has been codenamed Llama Drama by software supply chain security firm Checkmarx.
“If exploited, it could allow attackers to execute arbitrary code on your system,
The Hacker News – Read More
CISA Warns of Attacks Exploiting NextGen Healthcare Mirth Connect Flaw
/in General NewsCISA has added CVE-2023-43208, an unauthenticated remote code execution vulnerability, to its KEV catalog.
The post CISA Warns of Attacks Exploiting NextGen Healthcare Mirth Connect Flaw appeared first on SecurityWeek.
SecurityWeek – Read More
How to Install a VPN on Your Router
/in General NewsTrying to figure out how to install a VPN on your router? Read our step-by-step guide to help you get started.
Security | TechRepublic – Read More
CISA Warns of Actively Exploited NextGen Mirth Connect Pre-Auth RCE Vulnerability
/in General NewsThe CISA has required federal agencies to update to a patched version of Mirth Connect (version 4.4.1 or later) by June 10, 2024, to secure their networks against active threats.
Cyware News – Latest Cyber News – Read More
Chinese Telco Gear May Get Banned in Germany
/in General NewsGermany is considering banning the use of Huawei and ZTE equipment in its 5G networks due to national security concerns, despite industry opposition and the potential high costs associated with the removal of the Chinese-made technology.
Cyware News – Latest Cyber News – Read More
North Korea-Linked Kimsuky APT Attack Targets Victims via Messenger
/in General NewsResearchers at Genians Security Center (GSC) identified the North Korea-linked Kimsuky APT group targeting victims via Facebook Messenger, using fake accounts posing as South Korean officials to deliver malware.
Cyware News – Latest Cyber News – Read More
‘Linguistic Lumberjack’ Flaw in Logging Utility Fluent Bit Impacts Cloud Services
/in General NewsCybersecurity researchers have discovered a critical vulnerability, dubbed “Linguistic Lumberjack,” in the popular logging and metrics utility Fluent Bit that could allow for denial-of-service (DoS), information disclosure, or remote code execution.
Cyware News – Latest Cyber News – Read More
OmniVision Says Personal Information Stolen in Ransomware Attack
/in General NewsSemiconductor giant OmniVision Technologies says personal information was stolen in a September 2023 ransomware attack.
The post OmniVision Says Personal Information Stolen in Ransomware Attack appeared first on SecurityWeek.
SecurityWeek – Read More
The Mystery of the Targeted Ad and the Library Patron
/in General NewsAn attorney discovered that the mobile ads she saw were reflecting her recent library audiobook borrowing habits, raising concerns about the privacy of library patron data and the potential for targeted advertising based on that information.
Cyware News – Latest Cyber News – Read More
Cybercriminals Shift Tactics to Pressure More Victims Into Paying Ransoms
/in General NewsCybercriminals’ new tactics led to a 64% increase in ransomware claims in 2023, driven by a 415% rise in “indirect” incidents and remote access vulnerabilities, pressuring more victims to pay ransoms, according to At-Bay.
Cyware News – Latest Cyber News – Read More