BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
[wp-rss-aggregator feeds="kitploit" limit="10" pagination="off"]
Exploit DB
[wp-rss-aggregator feeds="exploit-db" limit="10" pagination="off"]
Latest news and insights on Security
Roundcube Webmail Flaws Allow Hackers to Steal Emails and Passwords
/in General NewsCybersecurity researchers have disclosed details of security flaws in the Roundcube webmail software that could be exploited to execute malicious JavaScript in a victim’s web browser and steal sensitive information from their account under specific circumstances.
“When a victim views a malicious email in Roundcube sent by an attacker, the attacker can execute arbitrary JavaScript in the victim’s
The Hacker News – Read More
Researcher Sounds Alarm on Windows Update Flaws Allowing Undetectable Downgrade Attacks
/in General NewsResearcher showcases hack against Microsoft Windows Update architecture, turning fixed vulnerabilities into zero-days.
The post Researcher Sounds Alarm on Windows Update Flaws Allowing Undetectable Downgrade Attacks appeared first on SecurityWeek.
SecurityWeek – Read More
Implement MFA or Risk Non-Compliance With GDPR
/in General NewsThe UK Information Commissioner’s Office announced its intention to fine Advanced Computer Software Group £6.09 million.
The post Implement MFA or Risk Non-Compliance With GDPR appeared first on SecurityWeek.
SecurityWeek – Read More
Federal Watchdog Urges EPA to Develop Comprehensive Cyber Strategy to Protect Water Systems
/in General NewsThe U.S. Government Accountability Office is urging the Environmental Protection Agency (EPA) to develop a comprehensive strategy to protect the nation’s drinking and wastewater systems from cyber threats.
Cyware News – Latest Cyber News – Read More
New Linux Kernel Exploit Technique ‘SLUBStick’ Discovered by Researchers
/in General NewsCybersecurity researchers have shed light on a novel Linux kernel exploitation technique dubbed SLUBStick that could be exploited to elevate a limited heap vulnerability to an arbitrary memory read-and-write primitive.
“Initially, it exploits a timing side-channel of the allocator to perform a cross-cache attack reliably,” a group of academics from the Graz University of Technology said [PDF]. ”
The Hacker News – Read More
NHS Software Supplier Advanced Faces $7.6 Million Fine Over Ransomware Attack Failings
/in General NewsNHS software supplier Advanced faces a hefty fine of over £6 million (~$7.6 Million) for failing to protect personal information during a ransomware attack that impacted the National Health Service in the UK.
Cyware News – Latest Cyber News – Read More
Phishing Attacks Can Bypass Microsoft 365 Email Safety Warnings
/in General NewsA vulnerability in Microsoft 365’s anti-phishing measures allows malicious actors to deceive users into opening harmful emails by…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Black Hat Roundup 2024: What to Expect From This Week’s Security Events
/in General NewsDiscover the latest cybersecurity trends and techniques in this year’s Black Hat and DEF CON roundup.
Security | TechRepublic – Read More
The API Security Crisis: Why Your Company Could Be Next
/in General NewsYou’re only as strong as your weakest security link.
darkreading – Read More
Scamnetic Emerges From Stealth With AI-Based Scam Detection Solution
/in General NewsScamnetic emerges from stealth mode with an AI-based scam detection solution and over $1 million in pre-seed funding.
The post Scamnetic Emerges From Stealth With AI-Based Scam Detection Solution appeared first on SecurityWeek.
SecurityWeek – Read More