BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
[wp-rss-aggregator feeds="kitploit" limit="10" pagination="off"]
Exploit DB
[wp-rss-aggregator feeds="exploit-db" limit="10" pagination="off"]
Latest news and insights on Security
New TunnelVision Attack Allows Hijacking of VPN Traffic via DHCP Manipulation
/in General NewsResearchers have detailed a Virtual Private Network (VPN) bypass technique dubbed TunnelVision that allows threat actors to snoop on victim’s network traffic by just being on the same local network.
The “decloaking” method has been assigned the CVE identifier CVE-2024-3661 (CVSS score: 7.6). It impacts all operating systems that implement a DHCP client and has
The Hacker News – Read More
Vast Network of Fake Web Shops Defrauds 850,000 & Counting
/in General NewsChina-based cybercriminal group “BogusBazaar” created tens of thousands of fraudulent online stores based on expired domains to steal payment credentials.
darkreading – Read More
Dell Says Customer Names, Addresses Stolen in Database Breach
/in General NewsTech giant notifies millions of customers that full names and physical mailing addresses were stolen during a security incident.
The post Dell Says Customer Names, Addresses Stolen in Database Breach appeared first on SecurityWeek.
SecurityWeek – Read More
Kremlin-Backed APT28 Targets Polish Institutions in Large-Scale Malware Campaign
/in General NewsPolish government institutions have been targeted as part of a large-scale malware campaign orchestrated by a Russia-linked nation-state actor called APT28.
“The campaign sent emails with content intended to arouse the recipient’s interest and persuade him to click on the link,” the computer emergency response team, CERT Polska, said in a Wednesday bulletin.
Clicking on the link
The Hacker News – Read More
Update: Boeing Confirms Attempted $200 Million Ransomware Extortion Attempt
/in General NewsBoeing confirmed to CyberScoop that it is the unnamed multinational aeronautical and defense corporation referenced in an indictment unsealed Tuesday by the U.S. Department of Justice.
Cyware News – Latest Cyber News – Read More
How Workforce Reductions Affect Cybersecurity Postures
/in General NewsThe Cobalt State of Pentesting Report highlights the challenges faced by the cybersecurity industry in balancing the use of AI and protecting against it, amidst significant workforce reductions and resource constraints.
Cyware News – Latest Cyber News – Read More
Poland Says it was Targeted by Russian Military Intelligence Hackers
/in General NewsPoland’s CERT-PL said on Wednesday that it had observed a large-scale malware campaign, likely carried out by the hacker group APT28, also known as Fancy Bear, associated with Russia’s military intelligence agency, the GRU.
Cyware News – Latest Cyber News – Read More
Generative AI is a Looming Cybersecurity Threat
/in General NewsResearchers have not identified any AI-engineered cyberattack campaigns, yet, but they say it’s only a matter of time before an AI system is dominant enough in the market to draw attention.
Cyware News – Latest Cyber News – Read More
With Nation-State Threats in Mind, Nearly 70 Software Firms Agree to Secure by Design Pledge
/in General NewsThe CISA announced the first round of commitments at the RSA Conference on Wednesday, with Director Jen Easterly warning that it was necessary because of widespread hacking campaigns by nation-states like China.
Cyware News – Latest Cyber News – Read More
Criminal Use of AI Growing, But Lags Behind Defenders
/in General NewsWhen not scamming other criminals, criminals are concentrating on the use of mainstream AI products rather than developing their own AI systems.
The post Criminal Use of AI Growing, But Lags Behind Defenders appeared first on SecurityWeek.
SecurityWeek – Read More