BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
Google Play Bug Bounty Program Shutting Down
/in General NewsGoogle is shutting down its Google Play Security Reward Program (GPSRP) after determining that it has achieved its goal.
The post Google Play Bug Bounty Program Shutting Down appeared first on SecurityWeek.
SecurityWeek – Read More
TA453 Targets Religious Figure with Fake Podcast Invite Delivering New BlackSmith Malware Toolset
/in General NewsIran-linked TA453 targeted a religious figure with a fake podcast interview invitation, attempting to deliver the BlackSmith malware toolkit. The initial lure involved an email leading to a malicious link containing the AnvilEcho PowerShell trojan.
Cyware News – Latest Cyber News – Read More
Thousands of Apps Using AWS ALB Exposed to Attacks Due to Configuration Issue
/in General NewsAs many as 15,000 applications using AWS Application Load Balancer (ALB) could be exposed to ALBeast attacks.
The post Thousands of Apps Using AWS ALB Exposed to Attacks Due to Configuration Issue appeared first on SecurityWeek.
SecurityWeek – Read More
New macOS Malware TodoSwift Linked to North Korean Hacking Groups
/in General NewsCybersecurity researchers have uncovered a new macOS malware strain dubbed TodoSwift that they say exhibits commonalities with known malicious software used by North Korean hacking groups.
“This application shares several behaviors with malware we’ve seen that originated in North Korea (DPRK) — specifically the threat actor known as BlueNoroff — such as KANDYKORN and RustBucket,” Kandji security
The Hacker News – Read More
It’s Time To Untangle the SaaS Ball of Yarn
/in General NewsIt’s no great revelation to say that SaaS applications have changed the way we operate, both in our personal and professional lives. We routinely rely on cloud-based and remote applications to conduct our basic functions, with the result that the only true perimeter of our networks has become the identities with which we log into these services.
Unfortunately – as is so often the case – our
The Hacker News – Read More
ALBeast: Misconfiguration Flaw Exposes 15,000 AWS Load Balancers to Risk
/in General NewsALBeast is a critical vulnerability that allows attackers to bypass authentication and authorization in AWS ALB-based applications. Learn…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Styx Stealer Creator’s OPSEC Fail Leaks Client List and Profit Details
/in General NewsIn what’s a case of an operational security (OPSEC) lapse, the operator behind a new information stealer called Styx Stealer leaked data from their own computer, including details related to the clients, profit information, nicknames, phone numbers, and email addresses.
Styx Stealer, a derivative of the Phemedrone Stealer, is capable of stealing browser data, instant messenger sessions from
The Hacker News – Read More
McAfee unleashes AI deepfake audio detector – but how reliable can it be?
/in General NewsAltered audio can signal a scam, and Deepfake Detector promises to find them. Here are the PCs it works on and what it will cost you.
Latest stories for ZDNET in Security – Read More
Critical Heap Overflow Vulnerability Discovered in FFmpeg, PoC Published
/in General NewsCVE-2024-7272 is a critical heap overflow vulnerability found in FFmpeg, the popular multimedia framework. The vulnerability affects versions up to 5.1.5 and has a CVSS score of 8.8.
Cyware News – Latest Cyber News – Read More
Google Cloud Unveils New Security Services and Capabilities
/in General NewsSeveral security-related enhancements have been announced at the 2024 Google Cloud Security Summit.
The post Google Cloud Unveils New Security Services and Capabilities appeared first on SecurityWeek.
SecurityWeek – Read More