BackBox News

Latest news and insights on Security

Newly ID’ed Chinese APT Hides Backdoor in Software Updates

Newly ID’ed Chinese APT Hides Backdoor in Software Updates

/in

The threat actor went more than half a decade before being discovered — thanks to a remarkable backdoor delivered in invisible adversary-in-the-middle attacks.

darkreading – ​Read More

Microsoft Shares New Guidance in Wake of ‘Midnight Blizzard’ Cyberattack

Microsoft Shares New Guidance in Wake of ‘Midnight Blizzard’ Cyberattack

/in

Threat actors created and abused OAuth apps to access Microsoft’s corporate email environment and remain there for weeks.

darkreading – ​Read More

Series of Cyberattacks Hit Ukrainian Critical Infrastructure Organizations

Series of Cyberattacks Hit Ukrainian Critical Infrastructure Organizations

/in

It’s unclear if the attacks — which hit oil and gas, postal service, transport safety, and railway organizations in the nation — were related.

darkreading – ​Read More

iPhone Apps Abuse iOS Push Notifications to Collect User Data

/in

Many apps abuse the background processing feature to transmit device data to their servers, potentially enabling fingerprinting and persistent tracking, which is strictly prohibited in iOS.

Cyware News – Latest Cyber News – ​Read More

Microsoft Warns of Widening APT29 Espionage Attacks Targeting Global Firms

/in

The threat actor, known as APT29 or BlueBravo, uses diverse methods including compromised accounts, OAuth applications, and password spraying to gain and maintain access, making traditional indicators of compromise-based detection ineffective.

Cyware News – Latest Cyber News – ​Read More

Update: Hackers Stole Raw Genotype Data, Health Reports in 23andMe Data Breach

/in

The stolen data includes raw genotype data, health reports, and information from DNA Relatives and Family Tree profiles, potentially exposing personal and ancestral information of affected customers.

Cyware News – Latest Cyber News – ​Read More

ICS Ransomware Danger Rages Despite Fewer Attacks

ICS Ransomware Danger Rages Despite Fewer Attacks

/in

Refined tactics, increased collaboration between groups, and continued success exploiting zero-days is helping ICS ransomware attackers inflict more damage, researchers find.

darkreading – ​Read More

Pegasus Spyware Targets Togolese Journalists’ Mobile Devices

Pegasus Spyware Targets Togolese Journalists’ Mobile Devices

/in

An investigation into 2021 intrusions uncovered multiple infections on the phones of journalists in the African country.

darkreading – ​Read More

CISO Corner: Deep Dive Into SecOps, Insurance, & CISOs’ Evolving Role

CISO Corner: Deep Dive Into SecOps, Insurance, & CISOs’ Evolving Role

/in

Our collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps.

darkreading – ​Read More

Redefining Cybersecurity for a Comprehensive Security Posture

Redefining Cybersecurity for a Comprehensive Security Posture

/in

The integration of different disciplines of cybersecurity and fraud management is a necessary evolution in the face of increasingly sophisticated digital threats.

darkreading – ​Read More

Company Blogs

Hacking Tools

[wp-rss-aggregator feeds="kitploit" limit="10" pagination="off"]

Exploit DB

[wp-rss-aggregator feeds="exploit-db" limit="10" pagination="off"]

BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.

Click me

Make a Donation