BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
Cisco Warns of Backdoor Admin Account in Smart Licensing Utility
/in General NewsCisco has issued a warning about a backdoor admin account discovered in the Cisco Smart Licensing Utility (CSLU), allowing unauthorized access to unpatched systems. This critical flaw (CVE-2024-20439) enables remote access with admin privileges.
Cyware News – Latest Cyber News – Read More
EUCLEAK Attack Allows Yubico Security Keys to be Cloned
/in General NewsDespite this, the risk is limited as attackers would need physical access to the device, specific knowledge of targeted accounts, and specialized equipment for the attack.
Cyware News – Latest Cyber News – Read More
The AI Wild West: Unraveling the Security and Privacy Risks of GenAI Apps
/in General NewsGenAI users are uploading data to over eight apps every month – what are the security and privacy concerns?
The post The AI Wild West: Unraveling the Security and Privacy Risks of GenAI Apps appeared first on SecurityWeek.
SecurityWeek – Read More
U.S. Seizes 32 Pro-Russian Propaganda Domains in Major Disinformation Crackdown
/in General NewsThe U.S. Department of Justice (DoJ) on Wednesday announced the seizure of 32 internet domains used by a pro-Russian propaganda operation called Doppelganger as part of a sweeping set of actions.
Accusing the Russian government-directed foreign malign influence campaign of violating U.S. money laundering and criminal trademark laws, the agency called out companies Social Design Agency (SDA),
The Hacker News – Read More
Google Fixed Actively Exploited Android Privilege Escalation Flaw (CVE-2024-32896)
/in General NewsGoogle has patched a high-severity vulnerability, known as CVE-2024-32896, in its Android OS actively exploited in the wild. The issue involves a privilege escalation in the Android Framework component.
Cyware News – Latest Cyber News – Read More
CISA Warns of Three Actively Exploited Vulnerabilities That Demand Immediate Attention
/in General NewsTwo vulnerabilities, CVE-2021-20123 and CVE-2021-20124, pose serious risks for Draytek VigorConnect routers, potentially leading to unauthorized access to sensitive files. Another vulnerability, CVE-2024-7262, affects Kingsoft WPS Office.
Cyware News – Latest Cyber News – Read More
RomCom Group’s Underground Ransomware Exploits Microsoft Zero-Day Flaw
/in General NewsA new ransomware variant named Underground, linked to the Russia-based RomCom group, encrypts files on victims’ Windows machines and demands a ransom for decryption. It has been active since July 2023.
Cyware News – Latest Cyber News – Read More
Abusix Launches Guardian: Cutting-Edge Security Platform for Email and Network Providers
/in General NewsBoston, MA, 5th September 2024, CyberNewsWire
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Revival Hijack Attack Puts 22,000 PyPI Packages at Risk of Hijack
/in General NewsThis method could potentially lead to numerous malicious package downloads. The attack involves hijacking popular projects by registering new projects under the names of removed packages on PyPI.
Cyware News – Latest Cyber News – Read More
Acuvity Raises $9 Million Seed Funding for Gen-AI Governance and In-house Development
/in General NewsActivity emerged from stealth with $9 million seed funding to provide solutions for enterprises to safely adopt GenAI.
The post Acuvity Raises $9 Million Seed Funding for Gen-AI Governance and In-house Development appeared first on SecurityWeek.
SecurityWeek – Read More