BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
[wp-rss-aggregator feeds="kitploit" limit="10" pagination="off"]
Exploit DB
[wp-rss-aggregator feeds="exploit-db" limit="10" pagination="off"]
Latest news and insights on Security
The ZTNA Blind Spot: Why Unmanaged Devices Threaten Your Hybrid Workforce
/in General NewsIt’s time for enterprises to stop treating unmanaged devices as an edge case and start securing them as part of a unified Zero Trust strategy.
The post The ZTNA Blind Spot: Why Unmanaged Devices Threaten Your Hybrid Workforce appeared first on SecurityWeek.
SecurityWeek – Read More
ConnectWise to Rotate ScreenConnect Code Signing Certificates Due to Security Risks
/in General NewsConnectWise has disclosed that it’s planning to rotate the digital code signing certificates used to sign ScreenConnect, ConnectWise Automate, and ConnectWise remote monitoring and management (RMM) executables due to security concerns.
The company said it’s doing so “due to concerns raised by a third-party researcher about how ScreenConnect handled certain configuration data in earlier versions.
The Hacker News – Read More
Palo Alto Networks Patches Privilege Escalation Vulnerabilities
/in General NewsPalo Alto Networks has released patches for seven vulnerabilities and incorporated the latest Chrome fixes in its products.
The post Palo Alto Networks Patches Privilege Escalation Vulnerabilities appeared first on SecurityWeek.
SecurityWeek – Read More
Interpol Targets Infostealers: 20,000 IPs Taken Down, 32 Arrested, 216,000 Victims Notified
/in General NewsInterpol has announced a crackdown on infostealer malware in Asia as part of an effort called Operation Secure.
The post Interpol Targets Infostealers: 20,000 IPs Taken Down, 32 Arrested, 216,000 Victims Notified appeared first on SecurityWeek.
SecurityWeek – Read More
Over 80,000 Microsoft Entra ID Accounts Targeted Using Open-Source TeamFiltration Tool
/in General NewsCybersecurity researchers have uncovered a new account takeover (ATO) campaign that leverages an open-source penetration testing framework called TeamFiltration to breach Microsoft Entra ID (formerly Azure Active Directory) user accounts.
The activity, codenamed UNK_SneakyStrike by Proofpoint, has affected over 80,000 targeted user accounts across hundreds of organizations’ cloud tenants since a
The Hacker News – Read More
With Retail Cyberattacks on the Rise, Customers Find Orders Blocked and Shelves Empty
/in General NewsBeyond potentially halting sales of physical goods, breaches can expose customers’ personal data to future phishing or fraud attempts.
The post With Retail Cyberattacks on the Rise, Customers Find Orders Blocked and Shelves Empty appeared first on SecurityWeek.
SecurityWeek – Read More
Infostealer Ring Bust-up Takes Down 20,000 Malicious IPs
/in General NewsInterpol’s Operation Secure arrested more than 30 suspects across Vietnam, Sri Lanka, and Nauru, and seized 117 command-and-control servers allegedly used to run widespread phishing, business email compromise, and other cyber scams.
darkreading – Read More
ConnectWise to Rotate Code-Signing Certificates
/in General NewsThe move is unrelated to a recent nation-state attack the vendor endured but stems from a report by a third-party researcher.
darkreading – Read More
Infostealer Ring Bust-up Takes Down 20,000 Malicious IPs
/in General NewsInterpol’s Operation Secure arrested more than 20 suspects across Vietnam, Sri Lanka, and Naru, and seized 117 command-and-control servers allegedly used to run widespread phishing, business email compromise, and other cyber scams.
darkreading – Read More
CISA Warns of Remote Control Flaws in SinoTrack GPS Trackers
/in General NewsThe US CISA reports critical vulnerabilities in SinoTrack GPS devices that could let attackers remotely control vehicles and track locations. Discover the vulnerabilities and essential steps to secure your device.
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More