BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
[wp-rss-aggregator feeds="kitploit" limit="10" pagination="off"]
Exploit DB
[wp-rss-aggregator feeds="exploit-db" limit="10" pagination="off"]
Latest news and insights on Security
Why a Native-First Approach Is Key to Cloud Security
/in General NewsA native-first approach delivers better protections and a more efficient use of resources than best-of-breed solutions, benefiting cloud service providers and end-user customers alike.
darkreading – Read More
GenAI: A New Headache for SaaS Security Teams
/in General NewsThe introduction of Open AI’s ChatGPT was a defining moment for the software industry, touching off a GenAI race with its November 2022 release. SaaS vendors are now rushing to upgrade tools with enhanced productivity capabilities that are driven by generative AI.
Among a wide range of uses, GenAI tools make it easier for developers to build software, assist sales teams in mundane email writing,
The Hacker News – Read More
Chrome 124, Firefox 125 Patch High-Severity Vulnerabilities
/in General NewsChrome and Firefox security updates resolve over 35 vulnerabilities, including a dozen high-severity bugs.
The post Chrome 124, Firefox 125 Patch High-Severity Vulnerabilities appeared first on SecurityWeek.
SecurityWeek – Read More
Recent OT and Espionage Attacks Linked to Russia’s Sandworm, Now Named APT44
/in General NewsMandiant summarizes some of the latest operations of Russia’s notorious Sandworm group, which it now tracks as APT44.
The post Recent OT and Espionage Attacks Linked to Russia’s Sandworm, Now Named APT44 appeared first on SecurityWeek.
SecurityWeek – Read More
T-Mobile, Verizon Workers Get Texts Offering $300 for SIM Swaps
/in General NewsAccording to many reports, this is part of a campaign targeted at current and former mobile carrier workers who could have access to the systems required to perform a SIM swap.
Cyware News – Latest Cyber News – Read More
Hackers Exploit Fortinet Flaw, Deploy ScreenConnect, Metasploit in New Campaign
/in General NewsCybersecurity researchers have discovered a new campaign that’s exploiting a recently disclosed security flaw in Fortinet FortiClient EMS devices to deliver ScreenConnect and Metasploit Powerfun payloads.
The activity entails the exploitation of CVE-2023-48788 (CVSS score: 9.3), a critical SQL injection flaw that could permit an unauthenticated attacker to execute unauthorized code or
The Hacker News – Read More
Several GTKWave Vulnerabilities Fixed in Debian
/in General NewsRecently, the Debian security team fixed several issues in GTKWave, an open-source waveform viewer for VCD files. These vulnerabilities, if exploited, could result in the execution of arbitrary code, posing a significant risk to users.
Cyware News – Latest Cyber News – Read More
Critical Atlassian Flaw Exploited to Deploy Linux Variant of Cerber Ransomware
/in General NewsThreat actors are exploiting unpatched Atlassian servers to deploy a Linux variant of Cerber (aka C3RB3R) ransomware.
The attacks leverage CVE-2023-22518 (CVSS score: 9.1), a critical security vulnerability impacting the Atlassian Confluence Data Center and Server that allows an unauthenticated attacker to reset Confluence and create an administrator account.
Armed with this access, a
The Hacker News – Read More
Oracle Patches 230 Vulnerabilities With April 2024 CPU
/in General NewsOracle releases 441 new security patches to address 230 vulnerabilities as part of its April 2024 Critical Patch Update.
The post Oracle Patches 230 Vulnerabilities With April 2024 CPU appeared first on SecurityWeek.
SecurityWeek – Read More
Exploitation of Palo Alto Firewall Vulnerability Picking Up After PoC Release
/in General NewsPalo Alto Networks firewall vulnerability CVE-2024-3400 increasingly exploited after PoC code has been released.
The post Exploitation of Palo Alto Firewall Vulnerability Picking Up After PoC Release appeared first on SecurityWeek.
SecurityWeek – Read More