BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
SquareX to Uncover Data Splicing Attacks at BSides San Francisco, A Major DLP Flaw that Compromises Data Security of Millions
/in General NewsPalo Alto, California, 16th April 2025, CyberNewsWire
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
British law firm fined after ransomware group publishes confidential client data
/in General NewsA U.K. law firm specializing in crime, family fraud, sexual offenses and other sensitive matters has been fined after a hack that led to a data leak on the dark web — something the company only learned about after authorities contacted it.
The Record from Recorded Future News – Read More
LastPass Review: Is it Still Safe and Reliable in 2025?
/in General NewsLastPass’ recent data breaches make it hard to recommend as a viable password manager in 2025. Learn more in our full review below.
Security | TechRepublic – Read More
LastPass Review: Is it Still Safe and Reliable in 2025?
/in General NewsLastPass’ recent data breaches make it hard to recommend as a viable password manager in 2025. Learn more in our full review below.
Security | TechRepublic – Read More
Enhanced Version of ‘BPFDoor’ Linux Backdoor Seen in the Wild
/in General NewsIn recent attacks, the state-sponsored backdoor BPFDoor is using a controller to open a reverse shell and move laterally.
The post Enhanced Version of ‘BPFDoor’ Linux Backdoor Seen in the Wild appeared first on SecurityWeek.
SecurityWeek – Read More
New BPFDoor Controller Enables Stealthy Lateral Movement in Linux Server Attacks
/in General NewsCybersecurity researchers have unearthed a new controller component associated with a known backdoor called BPFDoor as part of cyber attacks targeting telecommunications, finance, and retail sectors in South Korea, Hong Kong, Myanmar, Malaysia, and Egypt in 2024.
“The controller could open a reverse shell,” Trend Micro researcher Fernando Mercês said in a technical report published earlier in
The Hacker News – Read More
Chrome 135, Firefox 137 Updates Patch Severe Vulnerabilities
/in General NewsChrome 135 and Firefox 137 updates have been rolled out with patches for critical- and high-severity vulnerabilities.
The post Chrome 135, Firefox 137 Updates Patch Severe Vulnerabilities appeared first on SecurityWeek.
SecurityWeek – Read More
Microsoft Warns of Node.js Abuse for Malware Delivery
/in General NewsIn the past months Microsoft has seen multiple campaigns involving Node.js to deliver malware and other malicious payloads.
The post Microsoft Warns of Node.js Abuse for Malware Delivery appeared first on SecurityWeek.
SecurityWeek – Read More
Internet Giants Agree to Reduce TLS Certificate Lifespan to 47 Days by 2029
/in General NewsMajor companies have agreed to gradually reduce the lifetime of TLS certificates over the next few years.
The post Internet Giants Agree to Reduce TLS Certificate Lifespan to 47 Days by 2029 appeared first on SecurityWeek.
SecurityWeek – Read More
Chinese Android Phones Shipped with Fake WhatsApp, Telegram Apps Targeting Crypto Users
/in General NewsCheap Android smartphones manufactured by Chinese companies have been observed pre-installed with trojanized apps masquerading as WhatsApp and Telegram that contain cryptocurrency clipper functionality as part of a campaign since June 2024.
While using malware-laced apps to steal financial information is not a new phenomenon, the new findings from Russian antivirus vendor Doctor Web point to
The Hacker News – Read More