BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
[wp-rss-aggregator feeds="kitploit" limit="10" pagination="off"]
Exploit DB
[wp-rss-aggregator feeds="exploit-db" limit="10" pagination="off"]
Latest news and insights on Security
MSFT-CrowdStrike ‘Rosetta Stone’ for Naming APTs: Meh?
/in General NewsMicrosoft and CrowdStrike announced an effort to deconflict the overlapping names of threat groups and reduce confusion for companies, but we’ve been here before.
darkreading – Read More
86 million A&T customer records reportedly up for sale on the dark web
/in General NewsThe leaked data contains names, dates of birth, phone numbers, email addresses, street addresses, and social security numbers.
Latest stories for ZDNET in Security – Read More
Kettering Health confirms attack by Interlock ransomware group as health record system is restored
/in General NewsThe Ohio-based Kettering Health system said a recent cyberattack was by the Interlock ransomware gang, which had claimed to steal troves of data from the organization.
The Record from Recorded Future News – Read More
MIND Raises $30 Million for Data Loss Prevention
/in General NewsData security firm MIND has raised $30 million in Series A funding to expand its R&D and go-to-market teams.
The post MIND Raises $30 Million for Data Loss Prevention appeared first on SecurityWeek.
SecurityWeek – Read More
Inside the Mind of the Adversary: Why More Security Leaders Are Selecting AEV
/in General NewsCybersecurity involves both playing the good guy and the bad guy. Diving deep into advanced technologies and yet also going rogue in the Dark Web. Defining technical policies and also profiling attacker behavior. Security teams cannot be focused on just ticking boxes, they need to inhabit the attacker’s mindset.
This is where AEV comes in.
AEV (Adversarial Exposure Validation) is an advanced
The Hacker News – Read More
Destructive ‘PathWiper’ Targeting Ukraine’s Critical Infrastructure
/in General NewsA Russia-linked threat actor has used the destructive malware dubbed PathWiper against a critical infrastructure organization in Ukraine.
The post Destructive ‘PathWiper’ Targeting Ukraine’s Critical Infrastructure appeared first on SecurityWeek.
SecurityWeek – Read More
Cisco Patches Critical ISE Vulnerability With Public PoC
/in General NewsCisco has released patches for a critical vulnerability impacting cloud deployments of Identity Services Engine (ISE).
The post Cisco Patches Critical ISE Vulnerability With Public PoC appeared first on SecurityWeek.
SecurityWeek – Read More
US Offering $10 Million Reward for RedLine Malware Developer
/in General NewsA reward is being offered for Maxim Alexandrovich Rudometov, who is accused of developing and managing the RedLine malware.
The post US Offering $10 Million Reward for RedLine Malware Developer appeared first on SecurityWeek.
SecurityWeek – Read More
New PathWiper Data Wiper Malware Disrupts Ukrainian Critical Infrastructure in 2025 Attack
/in General NewsA critical infrastructure entity within Ukraine was targeted by a previously unseen data wiper malware named PathWiper, according to new findings from Cisco Talos.
“The attack was instrumented via a legitimate endpoint administration framework, indicating that the attackers likely had access to the administrative console, that was then used to issue malicious commands and deploy PathWiper across
The Hacker News – Read More
HPE Patches Critical Vulnerability in StoreOnce
/in General NewsAn HPE StoreOnce vulnerability allows attackers to bypass authentication, potentially leading to remote code execution.
The post HPE Patches Critical Vulnerability in StoreOnce appeared first on SecurityWeek.
SecurityWeek – Read More