BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
Critical GitLab Bug Under Exploit Enables Account Takeover, CISA Warns
/in General NewsPatch now: Cyberattackers are exploiting CVE-2023-7028 (CVSS 10) to take over and lock users out of GitLab accounts, steal source code, and more.
darkreading – Read More
How Are APAC Tech Salaries Faring in 2024?
/in General NewsThe year 2024 is bringing a return to stable tech salary growth in APAC, with AI and data jobs leading the way. This follows downward salary pressure in 2023, after steep increases in previous years.
Security | TechRepublic – Read More
North Korean Hackers Spoofing Journalist Emails to Spy on Experts
/in General NewsNorth Korean threat actors, specifically the Kimsuky group, are exploiting weakly configured DMARC protocols to spoof the email addresses of legitimate journalists, academics, and other experts in East Asian affairs.
Cyware News – Latest Cyber News – Read More
LayerX Raises $26 Million for Browser Security Platform
/in General NewsIsraeli startup LayerX Security banks $25 million in new financing as investors continue to pour money into secure web browsing technologies.
The post LayerX Raises $26 Million for Browser Security Platform appeared first on SecurityWeek.
SecurityWeek – Read More
US Says North Korean Hackers Exploiting Weak DMARC Settings
/in General NewsThe US government warns of a North Korean threat actor abusing weak email DMARC settings to hide spear-phishing attacks.
The post US Says North Korean Hackers Exploiting Weak DMARC Settings appeared first on SecurityWeek.
SecurityWeek – Read More
reNgine: Open-Source Automated Reconnaissance Framework for Web Applications
/in General NewsDeveloped to address limitations in existing tools, reNgine is beneficial for bug bounty hunters, penetration testers, and corporate security teams by automating and enhancing their information collection processes.
Cyware News – Latest Cyber News – Read More
DeepKeep Secures $10M in Seed Funding to Boost GenAI Protection Endeavors
/in General NewsFounded in 2021 by Rony Ohayon, DeepKeep specializes in AI-Native Trust, Risk, and Security Management (TRiSM). The platform caters to large corporations reliant on AI, GenAI, and LLM technologies for risk management and growth protection.
Cyware News – Latest Cyber News – Read More
Expert-Led Webinar – Uncovering Latest DDoS Tactics and Learn How to Fight Back
/in General NewsIn today’s rapidly evolving digital landscape, the threat of Distributed Denial of Service (DDoS) attacks looms more significant than ever. As these cyber threats grow in sophistication, understanding and countering them becomes crucial for any business seeking to protect its online presence.
To address this urgent need, we are thrilled to announce our upcoming webinar, “Uncovering Contemporary
The Hacker News – Read More
Hackers Increasingly Abusing Microsoft Graph API for Stealthy Malware Communications
/in General NewsThreat actors have been increasingly weaponizing Microsoft Graph API for malicious purposes with the aim of evading detection.
This is done to “facilitate communications with command-and-control (C&C) infrastructure hosted on Microsoft cloud services,” the Symantec Threat Hunter Team, part of Broadcom, said in a report shared with The Hacker News.
The Hacker News – Read More
Cybersecurity Consultant Arrested After Allegedly Extorting IT Firm
/in General NewsVincent Cannady, a former cybersecurity consultant, was arrested for allegedly extorting a publicly traded IT company by threatening to disclose confidential data unless they paid him $1.5 million.
Cyware News – Latest Cyber News – Read More