BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
[wp-rss-aggregator feeds="kitploit" limit="10" pagination="off"]
Exploit DB
[wp-rss-aggregator feeds="exploit-db" limit="10" pagination="off"]
Latest news and insights on Security
CrushFTP Patches Exploited Zero-Day Vulnerability
/in General NewsCrushFTP patches a zero-day vulnerability allowing unauthenticated attackers to escape the VFS and retrieve system files.
The post CrushFTP Patches Exploited Zero-Day Vulnerability appeared first on SecurityWeek.
SecurityWeek – Read More
MITRE Corporation Breached by Nation-State Hackers Exploiting Ivanti Flaws
/in General NewsThe MITRE Corporation revealed that it was the target of a nation-state cyber attack that exploited two zero-day flaws in Ivanti Connect Secure appliances starting in January 2024.
The intrusion led to the compromise of its Networked Experimentation, Research, and Virtualization Environment (NERVE), an unclassified research and prototyping network.
The unknown adversary “performed reconnaissance
The Hacker News – Read More
Pentera’s 2024 Report Reveals Hundreds of Security Events per Week, Highlighting the Criticality of Continuous Validation
/in General NewsOver the past two years, a shocking 51% of organizations surveyed in a leading industry report have been compromised by a cyberattack. Yes, over half.
And this, in a world where enterprises deploy an average of 53 different security solutions to safeguard their digital domain.
Alarming? Absolutely.
A recent survey of CISOs and CIOs, commissioned by Pentera and
The Hacker News – Read More
UK Cyber Agency NCSC Announces Richard Horne as its Next Chief Executive
/in General NewsThe hire marks another coup for the British public sector in poaching talent from the technology industry, particularly at the executive level, following the recruitment of Ollie Whitehouse as the NCSC’s chief technology officer earlier this year.
Cyware News – Latest Cyber News – Read More
Malvertising: Fake Popular Software Ads Deliver New MadMxShell Backdoor
/in General NewsBy Deeba Ahmed
IT professionals are under attack! This article exposes a malicious malvertising campaign targeting IT teams with a novel backdoor named MadMxShell. Learn how attackers use typosquatting and DNS techniques to compromise systems.
This is a post from HackRead.com Read the original post: Malvertising: Fake Popular Software Ads Deliver New MadMxShell Backdoor
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Thousands of Palo Alto Firewalls Potentially Impacted by Exploited Vulnerability
/in General NewsShadowserver has identified roughly 6,000 internet-accessible Palo Alto Networks firewalls potentially vulnerable to CVE-2024-3400.
The post Thousands of Palo Alto Firewalls Potentially Impacted by Exploited Vulnerability appeared first on SecurityWeek.
SecurityWeek – Read More
Ukrainian Soldiers’ Apps Increasingly Targeted for Spying, Cyber Agency Warns
/in General NewsThe agency is attributing the surge to a group tracked as UAC-0184, which was spotted in February targeting an unnamed Ukrainian entity in Finland. CERT-UA does not attribute UAC-0184’s activity to any specific foreign cyber threat group.
Cyware News – Latest Cyber News – Read More
Deciphering the Economics of Software Development: An In-Depth Exploration
/in General NewsBy Uzair Amir
The depth of activities within software development ranges from ideation and design to coding, testing, and deployment. The…
This is a post from HackRead.com Read the original post: Deciphering the Economics of Software Development: An In-Depth Exploration
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Ransomware Double-Dip: Re-Victimization in Cyber Extortion
/in General NewsBetween crossovers – Do threat actors play dirty or desperate?
In our dataset of over 11,000 victim organizations that have experienced a Cyber Extortion / Ransomware attack, we noticed that some victims re-occur. Consequently, the question arises why we observe a re-victimization and whether or not this is an actual second attack, an affiliate crossover (meaning an affiliate has gone to
The Hacker News – Read More
Researchers Find Dozens of Fake E-Zpass Toll Websites After FBI Warning
/in General NewsResearchers from cybersecurity firm DomainTools told Recorded Future News that they have found nearly 30 newly created domains related to tolls, 15 of which have a “high chance of being weaponized for phishing, malware, or spam.”
Cyware News – Latest Cyber News – Read More