BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
[wp-rss-aggregator feeds="kitploit" limit="10" pagination="off"]
Exploit DB
[wp-rss-aggregator feeds="exploit-db" limit="10" pagination="off"]
Latest news and insights on Security
Chinese APT ‘Earth Krahang’ Compromises 48 Gov’t Orgs on 5 Continents
/in General NewsThe group uses pretty standard open source tooling and social engineering to burrow into high-level government agencies across the globe.
darkreading – Read More
North Korea-Linked Group Levels Multistage Cyberattack on South Korea
/in General NewsKimsuky-attributed campaign uses eight steps to compromise systems — from initial execution to downloading additional code from Dropbox, and executing code to establish stealth and persistence.
darkreading – Read More
ML Model Repositories: The Next Big Supply Chain Attack Target
/in General NewsMachine-learning model platforms like Hugging Face are suspectible to the same kind of attacks that threat actors have executed successfully for years via npm, PyPI, and other open source repos.
darkreading – Read More
Fujitsu Scrambles After Malware Attack: Customer Data Potentially Breached
/in General NewsBy Deeba Ahmed
While Fujitsu did not disclose in-depth details, the company confirmed investigating a cyberattack that may have led to a data breach.
This is a post from HackRead.com Read the original post: Fujitsu Scrambles After Malware Attack: Customer Data Potentially Breached
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
New AcidRain Linux Malware Variant “AcidPour” Found Targeting Ukraine
/in General NewsBy Waqas
Another day, another malware threat emerges in a country already at war.
This is a post from HackRead.com Read the original post: New AcidRain Linux Malware Variant “AcidPour” Found Targeting Ukraine
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
New DEEP#GOSU Malware Campaign Targets Windows Users with Advanced Tactics
/in General NewsA new elaborate attack campaign has been observed employing PowerShell and VBScript malware to infect Windows systems and harvest sensitive information.
Cybersecurity company Securonix, which dubbed the campaign DEEP#GOSU, said it’s likely associated with the North Korean state-sponsored group tracked as Kimsuky.
“The malware payloads used in the DEEP#GOSU represent a
The Hacker News – Read More
Fujitsu Found Malware on IT Systems, Confirms Data Breach
/in General NewsAn announcement published late last week on the firm’s news portal discloses a major cybersecurity incident that has compromised systems and data, including sensitive information of customers.
Cyware News – Latest Cyber News – Read More
UK: NCSC Releases Cloud SCADA Security Guidance
/in General NewsThe NCSC released guidance for operational technology (OT) organizations on migrating their SCADA systems to the cloud. This guidance aims to help organizations assess the benefits and risks of cloud-hosted SCADA to make informed decisions.
Cyware News – Latest Cyber News – Read More
Evasive Azorult Campaign Delivers Malicious Payload Through Google Sites
/in General NewsThis campaign is noteworthy as it uses an unorthodox HTML smuggling technique where the malicious payload is embedded in a separate JSON file hosted on an external website.
Cyware News – Latest Cyber News – Read More
New Acoustic Side-Channel Attack Determines Keystrokes From Typing Patterns
/in General NewsResearchers have demonstrated a new acoustic side-channel attack on keyboards that can deduce user input based on their typing patterns, even in poor conditions, such as environments with noise.
Cyware News – Latest Cyber News – Read More