BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
Smokeloader Users Identified and Arrested in Operation Endgame
/in General NewsAuthorities arrest 5 Smokeloader botnet customers after Operation Endgame; evidence from seized data links customers to malware, ransomware, and more.
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
Incomplete Patch in NVIDIA Toolkit Leaves CVE-2024-0132 Open to Container Escapes
/in General NewsCybersecurity researchers have detailed a case of an incomplete patch for a previously addressed security flaw impacting the NVIDIA Container Toolkit that, if successfully exploited, could put sensitive data at risk.
The original vulnerability CVE-2024-0132 (CVSS score: 9.0) is a Time-of-Check Time-of-Use (TOCTOU) vulnerability that could lead to a container escape attack and allow for
The Hacker News – Read More
Trump Revokes Security Clearance for Ex-CISA Director Chris Krebs
/in General NewsTrump orders a termination of any active security clearances held by Krebs and a suspension of clearances held by individuals at SentinelOne.
The post Trump Revokes Security Clearance for Ex-CISA Director Chris Krebs appeared first on SecurityWeek.
SecurityWeek – Read More
Trump orders federal investigation into former CISA director Chris Krebs
/in General NewsTrump fired Krebs by tweet in 2020 after he publicly debunked Trump’s false claims of election fraud.
Security News | TechCrunch – Read More
Juniper Networks Patches Dozens of Junos Vulnerabilities
/in General NewsJuniper Networks has patched two dozen vulnerabilities in Junos OS and Junos OS Evolved, and dozens of flaws in Junos Space third-party dependencies.
The post Juniper Networks Patches Dozens of Junos Vulnerabilities appeared first on SecurityWeek.
SecurityWeek – Read More
Why Data Privacy Isn’t the Same as Data Security
/in General NewsFailing to distinguish between data privacy and data security leaves businesses vulnerable to regulatory scrutiny and the kinds of breaches that erode consumer trust overnight.
darkreading – Read More
Why security stacks need to think like an attacker, and score every user in real time
/in General NewsSophisticated attacks must be tracked and contained in a business’s core security infrastructure, managed from its SOC.Read More
Security News | VentureBeat – Read More
Threat Actors Use ‘Spam Bombing’ Technique to Hide Malicious Motives
/in General NewsDarktrace researchers detailed “spam bombing,” a technique in which threat actors bombard targets with spam emails as a pretense for activity like social engineering campaigns.
darkreading – Read More
Study Identifies 20 Most Vulnerable Connected Devices of 2025
/in General NewsRouters are the riskiest devices in enterprise networks as they contain the most critical vulnerabilities, a new Forescout report shows.
The post Study Identifies 20 Most Vulnerable Connected Devices of 2025 appeared first on SecurityWeek.
SecurityWeek – Read More
PlayPraetor Reloaded: CTM360 Uncovers a Play Masquerading Party
/in General NewsOverview of the PlayPraetor Masquerading Party Variants
CTM360 has now identified a much larger extent of the ongoing Play Praetor campaign. What started with 6000+ URLs of a very specific banking attack has now grown to 16,000+ with multiple variants. This research is ongoing, and much more is expected to be discovered in the coming days.
As before, all the newly discovered play
The Hacker News – Read More