BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
Innovative Approach Promises Faster Bug Fixes
/in General NewsBirgit Hofer and Thomas Hirsch from TU Graz have developed a new approach to speed up software bug fixes. By identifying bottlenecks in fault localization, they created a scalable solution using NLP and metrics to analyze code for faults.
Cyware News – Latest Cyber News – Read More
DigiCert Mass-Revoking TLS Certificates Due to Domain Validation Bug
/in General NewsDigiCert discovered a bug in how domain ownership was verified, leading to the mass revocation of SSL/TLS certificates. Approximately 0.4% of domain validations conducted between August 2019 and June 2024 are affected.
Cyware News – Latest Cyber News – Read More
Over 1 Million Domains at Risk of ‘Sitting Ducks’ Domain Hijacking Technique
/in General NewsOver a million domains are susceptible to takeover by malicious actors by means of what has been called a Sitting Ducks attack.
The powerful attack vector, which exploits weaknesses in the domain name system (DNS), is being exploited by over a dozen Russian-nexus cybercriminal actors to stealthily hijack domains, a joint analysis published by Infoblox and Eclypsium has revealed.
“In a Sitting
The Hacker News – Read More
Researchers Uncover Largest Ever Ransomware Payment of $75m
/in General NewsSecurity researchers have uncovered the largest ransomware payment ever recorded, amounting to $75m, which was made to the Dark Angels group. This finding was revealed in Zscaler’s ThreatLabz Ransom Report for 2024.
Cyware News – Latest Cyber News – Read More
He Was an FBI Informant—and Inspired a Generation of Violent Extremists
/in General NewsJoshua Caleb Sutter infiltrated far-right extremist organizations as a confidential FBI informant, all while promoting hateful ideologies that influenced some of the internet’s most violent groups.
Security Latest – Read More
US Senate Passes Landmark Bill Protecting Children’s Online Safety and Privacy
/in General NewsThe Kids Online Safety and Privacy Act (KOPSA) combines two bills to enhance protections for children under 17, prohibiting targeted advertising, requiring consent for data collection, and limiting exposure to harmful content.
Cyware News – Latest Cyber News – Read More
Hackers Distributing Malicious Python Packages via Popular Developer Q&A Platform
/in General NewsIn yet another sign that threat actors are always looking out for new ways to trick users into downloading malware, it has come to light that the question-and-answer (Q&A) platform known as Stack Exchange has been abused to direct unsuspecting developers to bogus Python packages capable of draining their cryptocurrency wallets.
“Upon installation, this code would execute automatically,
The Hacker News – Read More
Why geographical diversity is critical to build effective and safe AI tools
/in General NewsLeading AI players should invest in diversified partnerships to harness everything AI tools can offer.
Latest stories for ZDNET in Security – Read More
Insecure File-Sharing Practices in Healthcare Put Patient Privacy at Risk
/in General NewsHealthcare organizations are jeopardizing patient privacy due to insecure file-sharing practices, according to a report by Metomic. The study found that 25% of publicly shared files in healthcare contain Personally Identifiable Information (PII).
Cyware News – Latest Cyber News – Read More
Exploited Vulnerability Could Impact 20k Internet-Exposed VMware ESXi Instances
/in General NewsShadowserver has observed over 20,000 internet-accessible VMware ESXi instances impacted by an exploited vulnerability.
The post Exploited Vulnerability Could Impact 20k Internet-Exposed VMware ESXi Instances appeared first on SecurityWeek.
SecurityWeek – Read More