BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
License Plate Readers Are Creating a US-Wide Database of Political Lawn Signs and Bumper Stickers
/in General NewsFrom Trump campaign signs to Planned Parenthood bumper stickers, license plate readers around the US are creating searchable databases that reveal Americans’ political leanings and more.
Security Latest – Read More
Cybersecurity Head Says There’s No Chance a Foreign Adversary Can Change US Election Results
/in General NewsCISA director Jen Easterly says there is no chance a foreign adversary can change the results of the upcoming US election.
The post Cybersecurity Head Says There’s No Chance a Foreign Adversary Can Change US Election Results appeared first on SecurityWeek.
SecurityWeek – Read More
Chrome, Firefox Updates Patch High-Severity Vulnerabilities
/in General NewsThe latest Chrome and Firefox security updates address multiple high-severity vulnerabilities affecting the popular web browsers.
The post Chrome, Firefox Updates Patch High-Severity Vulnerabilities appeared first on SecurityWeek.
SecurityWeek – Read More
New Vulnerabilities Expose Hundreds of Thousands of DrayTek Routers to Hacking
/in General NewsForescout has identified more than a dozen new vulnerabilities in DrayTek routers, exposing hundreds of thousands of devices to attacks.
The post New Vulnerabilities Expose Hundreds of Thousands of DrayTek Routers to Hacking appeared first on SecurityWeek.
SecurityWeek – Read More
Meta faces consequences for storing millions of passwords in plaintext
/in General NewsMeta has been fined $101 million by Ireland’s Data Protection Commission for storing hundreds of millions of user passwords in plaintext. We don’t really need to point the obvious, that storing passwords in plaintext is major violation of security best practices. Disclosed by Meta in 2019, it was then revealed that passwords for various Meta-owned platforms were logged in plaintext and stored…
Source
TechSplicer – Read More
LockBit Ransomware and Evil Corp Leaders Arrested and Sanctioned in Joint Global Effort
/in General NewsA new wave of international law enforcement actions has led to four arrests and the takedown of nine servers linked to the LockBit (aka Bitwise Spider) ransomware operation, marking the latest salvo against what was once a prolific financially motivated group.
This includes the arrest of a suspected LockBit developer in France while on holiday outside of Russia, two individuals in the U.K. who
The Hacker News – Read More
Ivanti Endpoint Manager Flaw Actively Targeted, CISA Warns Agencies to Patch
/in General NewsThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a security flaw impacting Endpoint Manager (EPM) that the company patched in May to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
The vulnerability, tracked as CVE-2024-29824, carries a CVSS score of 9.6 out of a maximum of 10.0, indicating critical severity.
“An
The Hacker News – Read More
China-Backed APT Group Culling Thai Government Data
/in General NewsCeranaKeeper is bombarding Southeast Asia with data exfiltration attacks via file-sharing services such as Pastebin, OneDrive, and GitHub, researchers say.
darkreading – Read More
NSA Releases 6 Principles of OT Cybersecurity
/in General NewsOrganizations can use this guide to make decisions for designing, implementing, and managing OT environments to ensure they are both safe and secure, as well as enable business continuity for critical services.
darkreading – Read More
4 Ways to Fight AI-Based Fraud
/in General NewsGenerative AI is being used to make cyberscams more believable. Here’s how organizations can counter that using newly emerging tools and reliable methods.
darkreading – Read More