BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
First Mobile Crypto Drainer Found on Google Play
/in General NewsThe malicious app, called WalletConnect, amassed over 10,000 downloads and stole around $70,000 in cryptocurrency from Android users before being removed from the Google Play Store.
Cyware News – Latest Cyber News – Read More
NIST Proposes Barring Some of the Most Nonsensical Password Rules
/in General NewsNIST is seeking public feedback on the draft guidelines, which can be submitted via email until October 7. The goal is to promote sensible password practices that enhance security without burdening users or compromising their online identity.
Cyware News – Latest Cyber News – Read More
Watering Hole Attack on Kurdish Sites Distributing Malicious APKs and Spyware
/in General NewsA watering hole attack targeted Kurdish websites, distributing malicious APKs and spyware, compromising 25 sites for over a year. French cybersecurity firm Sekoia uncovered the campaign called SilentSelfie, delivering various info-stealers.
Cyware News – Latest Cyber News – Read More
Meta Fined €91 Million for Storing Millions of Facebook and Instagram Passwords in Plaintext
/in General NewsThe Irish Data Protection Commission (DPC) has fined Meta €91 million ($101.56 million) as part of a probe into a security lapse in March 2019, when the company disclosed that it had mistakenly stored users’ passwords in plaintext in its systems.
The investigation, launched by the DPC the next month, found that the social media giant violated four different articles under the European Union’s
The Hacker News – Read More
California Governor Vetoes Bill to Create First-in-Nation AI Safety Measures
/in General NewsGavin Newsom vetoed a landmark bill SB 1047 aimed at establishing first-in-the-nation safety measures for large artificial intelligence models.
The post California Governor Vetoes Bill to Create First-in-Nation AI Safety Measures appeared first on SecurityWeek.
SecurityWeek – Read More
The US Could Finally Ban Inane Forced Password Changes
/in General NewsPlus: The US Justice Department indicts three Iranians over Trump campaign hack, EU regulators fine Meta $100 million for a password security lapse, and the Tor Project enters a new phase.
Security Latest – Read More
Crypto Scam App Disguised as WalletConnect Steals $70K in Five-Month Campaign
/in General NewsCybersecurity researchers have discovered a malicious Android app on the Google Play Store that enabled the threat actors behind it to steal approximately $70,000 in cryptocurrency from victims over a period of nearly five months.
The dodgy app, identified by Check Point, masqueraded as the legitimate WalletConnect open-source protocol to trick unsuspecting users into downloading it.
“Fake
The Hacker News – Read More
HPE Patches Three Critical Security Holes in Aruba PAPI
/in General NewsHPE has released patches for three critical security vulnerabilities in Aruba’s networking access points, which could allow attackers to run code on the systems by sending specially crafted packets to UDP port 8211.
Cyware News – Latest Cyber News – Read More
Critical RCE Vulnerability Found in OpenPLC
/in General NewsThe most severe issue is a stack-based buffer overflow vulnerability (CVE-2024-34026) that allows an attacker to execute remote code. Users are advised to update to the latest version of OpenPLC to protect against these security risks.
Cyware News – Latest Cyber News – Read More
Kia Dealer Portal Flaw Could Let Attackers Hack Millions of Cars
/in General NewsThe vulnerabilities could be exploited to remotely control Kia vehicles equipped with remote hardware in under 30 seconds, exposing the sensitive personal information of car owners.
Cyware News – Latest Cyber News – Read More