BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
Chinese APT Mustang Panda Updates, Expands Arsenal
/in General NewsThe Chinese state-sponsored group Mustang Panda has used new and updated malicious tools in a recent attack.
The post Chinese APT Mustang Panda Updates, Expands Arsenal appeared first on SecurityWeek.
SecurityWeek – Read More
This ‘College Protester’ Isn’t Real. It’s an AI-Powered Undercover Bot for Cops
/in General NewsMassive Blue is helping cops deploy AI-powered social media bots to talk to people they suspect are anything from violent sex criminals all the way to vaguely defined “protesters.”
Security Latest – Read More
CISA Issues Guidance After Oracle Cloud Hack
/in General NewsCISA is making recommendations for organizations and users in light of the recent Oracle legacy cloud environment hack.
The post CISA Issues Guidance After Oracle Cloud Hack appeared first on SecurityWeek.
SecurityWeek – Read More
Critical Erlang/OTP SSH Vulnerability (CVSS 10.0) Allows Unauthenticated Code Execution
/in General NewsA critical security vulnerability has been disclosed in the Erlang/Open Telecom Platform (OTP) SSH implementation that could permit an attacker to execute arbitrary code sans any authentication under certain conditions.
The vulnerability, tracked as CVE-2025-32433, has been given the maximum CVSS score of 10.0.
“The vulnerability allows an attacker with network access to an Erlang/OTP SSH
The Hacker News – Read More
Data-stealing cyberattacks are surging – 7 ways to protect yourself and your business
/in General NewsThe number of infostealers sent through phishing emails jumped by 84% last year. IBM X-Force offers these recommendations for defending yourself from all manner of malware.
Latest stories for ZDNET in Security – Read More
Update your iPhone now to patch a CarPlay glitch and two serious security flaws
/in General NewsApple’s iOS 18.4.1 update fixes a bug with wireless CarPlay and resolves two security holes already exploited in targeted attacks.
Latest stories for ZDNET in Security – Read More
MITRE Hackers’ Backdoor Has Targeted Windows for Years
/in General NewsWindows versions of the BrickStorm backdoor that the Chinese APT used in the MITRE hack last year have been active for years.
The post MITRE Hackers’ Backdoor Has Targeted Windows for Years appeared first on SecurityWeek.
SecurityWeek – Read More
CISA Flags Actively Exploited Vulnerability in SonicWall SMA Devices
/in General NewsThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a security flaw impacting SonicWall Secure Mobile Access (SMA) 100 Series gateways to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
The high-severity vulnerability, tracked as CVE-2021-20035 (CVSS score: 7.2), relates to a case of operating system command injection
The Hacker News – Read More
Middle East, North Africa Security Spending to Top $3B
/in General NewsGartner projects IT security spending in the MENA region will continue to increase in 2025, with security services accounting for the most growth.
darkreading – Read More
Apple Patches Two Actively Exploited iOS Flaws Used in Sophisticated Targeted Attacks
/in General NewsApple on Wednesday released security updates for iOS, iPadOS, macOS Sequoia, tvOS, and visionOS to address two security flaws that it said have come under active exploitation in the wild.
The vulnerabilities in question are listed below –
CVE-2025-31200 (CVSS score: 7.5) – A memory corruption vulnerability in the Core Audio framework that could allow code execution when processing an audio
The Hacker News – Read More