BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
Critical GeoServer Vulnerability Exploited in Global Malware Campaign
/in General NewsA critical GeoServer vulnerability (CVE-2024-36401) is being actively exploited, allowing attackers to take control of systems for malware…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Tenable: 26,500 Cyber Vulnerabilities Risk SE Asia’s Banks
/in General NewsThe internet-facing assets were found to be susceptible to potential exploitation in a sample of 90 banking and financial services organisations.
Security | TechRepublic – Read More
Commercial Spyware Use Roars Back Despite Sanctions
/in General NewsVendors of mercenary spyware tools used by nation-states to track citizens and enemies have gotten savvy about evading efforts to limit their use.
darkreading – Read More
Feds Warn on Russian Actors Targeting Critical Infrastructure
/in General NewsIn the past, Putin’s Unit 29155 has utilized malware like WhisperGate to target organizations, particularly those in Ukraine.
darkreading – Read More
CISA Flags ICS Bugs in Baxter, Mitsubishi Products
/in General NewsThe vulnerabilities affect industrial control tech used across the healthcare and critical manufacturing sectors.
darkreading – Read More
AI Firm’s Misconfigured Server Exposed 5.3 TB of Mental Health Records
/in General NewsA misconfigured server from a US-based AI healthcare firm Confidant Health exposed 5.3 TB of sensitive mental health…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
SonicWall Urges Users to Patch Critical Firewall Flaw Amid Possible Exploitation
/in General NewsSonicWall has revealed that a recently patched critical security flaw impacting SonicOS may have come under active exploitation, making it essential that users apply the patches as soon as possible.
The vulnerability, tracked as CVE-2024-40766, carries a CVSS score of 9.3 out of a maximum of 10.
“An improper access control vulnerability has been identified in the SonicWall SonicOS management
The Hacker News – Read More
Cybersecurity Talent Shortage Prompts White House Action
/in General NewsThe Biden administration launches an initiative to encourage careers in cybersecurity, as businesses try new tactics to get unfilled IT security roles staffed.
darkreading – Read More
US Gov Removing Four-Year-Degree Requirements for Cyber Jobs
/in General NewsThe US government will remove “unnecessary degree requirements” in favor of skills-based hiring to help fill 500,000 open cybersecurity jobs.
The post US Gov Removing Four-Year-Degree Requirements for Cyber Jobs appeared first on SecurityWeek.
SecurityWeek – Read More
One million US Kaspersky customers to be migrated to this lesser-known alternative
/in General NewsKaspersky customers in the US can continue their existing subscriptions with a replacement product from the company’s ‘trusted partner’. Here’s what to know.
Latest stories for ZDNET in Security – Read More