BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
Arden Claims Service Reports Data Breach, 139,000 Affected
/in General NewsPersonal information for about 39,000 individuals was stolen in October 2023 from class action settlement administrator Arden Claims Service.
The post Arden Claims Service Reports Data Breach, 139,000 Affected appeared first on SecurityWeek.
SecurityWeek – Read More
Novel Phishing Method Used in Android and iOS Financial Fraud Campaigns
/in General NewsThis method was first disclosed by CSIRT KNF in Poland in July 2023 and later observed in Czechia by ESET analysts. Similar campaigns were also observed targeting banks in Hungary and Georgia.
Cyware News – Latest Cyber News – Read More
Don’t panic! It’s only 60 Linux CVE security bulletins a week
/in General NewsIn security circles, Common Vulnerabilities and Exposures security bulletins can be downright scary. In Linux, however, it’s just business as usual.
Latest stories for ZDNET in Security – Read More
Researcher Details Microsoft Outlook Zero-Click Vulnerability (CVE-2024-38021)
/in General NewsThe vulnerability stems from how Outlook handles hyperlink objects in image tags in emails, enabling attackers to exploit a composite moniker to trigger remote code execution.
Cyware News – Latest Cyber News – Read More
Microsoft Copilot Studio Vulnerability Led to Information Disclosure
/in General NewsA vulnerability in Microsoft Copilot Studio exposed information on internal services shared among tenants, potentially impacting multiple customers.
The post Microsoft Copilot Studio Vulnerability Led to Information Disclosure appeared first on SecurityWeek.
SecurityWeek – Read More
Google Play Bug Bounty Program Shutting Down
/in General NewsGoogle is shutting down its Google Play Security Reward Program (GPSRP) after determining that it has achieved its goal.
The post Google Play Bug Bounty Program Shutting Down appeared first on SecurityWeek.
SecurityWeek – Read More
TA453 Targets Religious Figure with Fake Podcast Invite Delivering New BlackSmith Malware Toolset
/in General NewsIran-linked TA453 targeted a religious figure with a fake podcast interview invitation, attempting to deliver the BlackSmith malware toolkit. The initial lure involved an email leading to a malicious link containing the AnvilEcho PowerShell trojan.
Cyware News – Latest Cyber News – Read More
Thousands of Apps Using AWS ALB Exposed to Attacks Due to Configuration Issue
/in General NewsAs many as 15,000 applications using AWS Application Load Balancer (ALB) could be exposed to ALBeast attacks.
The post Thousands of Apps Using AWS ALB Exposed to Attacks Due to Configuration Issue appeared first on SecurityWeek.
SecurityWeek – Read More
New macOS Malware TodoSwift Linked to North Korean Hacking Groups
/in General NewsCybersecurity researchers have uncovered a new macOS malware strain dubbed TodoSwift that they say exhibits commonalities with known malicious software used by North Korean hacking groups.
“This application shares several behaviors with malware we’ve seen that originated in North Korea (DPRK) — specifically the threat actor known as BlueNoroff — such as KANDYKORN and RustBucket,” Kandji security
The Hacker News – Read More
It’s Time To Untangle the SaaS Ball of Yarn
/in General NewsIt’s no great revelation to say that SaaS applications have changed the way we operate, both in our personal and professional lives. We routinely rely on cloud-based and remote applications to conduct our basic functions, with the result that the only true perimeter of our networks has become the identities with which we log into these services.
Unfortunately – as is so often the case – our
The Hacker News – Read More