BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
Chinese APT Mustang Panda Debuts 4 New Attack Tools
/in General NewsThe notorious nation-state-backed threat actor has added two new keyloggers, a lateral movement tool, and an endpoint detection and response (EDR) evasion driver to its arsenal.
darkreading – Read More
Attackers and Defenders Lean on AI in Identity Fraud Battle
/in General NewsIdentity verification, insurance claims, and financial services are all seeing surges in AI-enabled fraud, but organizations are taking advantage of AI systems to fight fire with fire.
darkreading – Read More
The Shadow AI Surge: Study Finds 50% of Workers Use Unapproved AI Tools
/in General NewsWith unapproved AI tools entrenched in daily workflows, experts say it’s time to shift from monitoring to managing Shadow AI use across the enterprise.
The post The Shadow AI Surge: Study Finds 50% of Workers Use Unapproved AI Tools appeared first on SecurityWeek.
SecurityWeek – Read More
That Google email look real? Don’t click – it might be scam. Here’s how to tell
/in General NewsUntil Google rolls out a fix, you’ll have to be on the lookout for this particularly convincing phishing scam.
Latest stories for ZDNET in Security – Read More
Alleged SmokeLoader malware operator facing federal charges in Vermont
/in General NewsAn alleged operator of the SmokeLoader malware is now facing federal hacking charges in Vermont after accusations that he stole personal information on more than 65,000 people.
The Record from Recorded Future News – Read More
ICE Is Paying Palantir $30 Million to Build ‘ImmigrationOS’ Surveillance Platform
/in General NewsIn a document published Thursday, ICE explained the functions that it expects Palantir to include in a prototype of a new program to give the agency “near real-time” data about people self-deporting.
Security Latest – Read More
CISA Weighs In on Alleged Oracle Cloud Breach
/in General NewsThe agency is recommending that organizations and individuals implement its recommendations to prevent the misuse of stolen data, though Oracle has yet to publicly do the same for its customers.
darkreading – Read More
Chinese Smishing Kit Powers Widespread Toll Fraud Campaign Targeting U.S. Users in 8 States
/in General NewsCybersecurity researchers are warning of a “widespread and ongoing” SMS phishing campaign that’s been targeting toll road users in the United States for financial theft since mid-October 2024.
“The toll road smishing attacks are being carried out by multiple financially motivated threat actors using the smishing kit developed by ‘Wang Duo Yu,'” Cisco Talos researchers Azim Khodjibaev, Chetan
The Hacker News – Read More
New payment-card scam involves a phone call, some malware and a personal tap
/in General NewsA new payment card scam uses malware disguised as a security tool or verification utility to capture card details and access funds.
The Record from Recorded Future News – Read More
Think GeoGuessr is fun? Try using ChatGPT to guess locations in your photos
/in General NewsChatGPT can ‘read’ your photos for location clues – even without embedded GPS or EXIF data. Here’s why that could be a problem.
Latest stories for ZDNET in Security – Read More