A fake Palo Alto GlobalProtect VPN access tool is being used as bait by threat actors targeting Middle Eastern organizations. The malware, disguised as a legitimate tool, can steal data and execute remote commands to infiltrate networks further.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-09-02 11:06:522024-09-02 11:06:52Fake Palo Alto GlobalProtect Tool Used as Lure to Backdoor Enterprises
Looking for the best VPN services for SMBs? Here’s a comprehensive guide covering the top options for secure remote access and data protection on a budget.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-09-02 11:06:522024-09-02 11:06:52The 6 Best Small Business VPNs for 2024
According to a report by Critical Start Cyber Research Unit, the manufacturing industry was the top target for cyber threats in H1 2024, professional services saw a 15% increase in attacks, and healthcare experienced a 180% surge in incidents.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-09-02 10:07:482024-09-02 10:07:48Cyber Threats That Shaped the First Half of 2024
The new draft of NIST’s digital identity proofing guidelines includes updates to accommodate passkeys and mobile driver’s licenses, as well as options for identification without using biometrics like facial recognition.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-09-02 10:07:472024-09-02 10:07:47NIST Releases New Draft of Digital Identity Proofing Guidelines
The CISA has launched a cyber incident reporting portal to make breach disclosure easier. It allows organizations to report cyberattacks, vulnerabilities, and data breaches voluntarily.
The campaign, known as “Contagious Interview,” tricks developers into downloading fake npm packages or installers. The attackers deploy a Python payload named InvisibleFerret to steal data from cryptocurrency wallets.
Russian hackers exploited vulnerabilities in Safari and Chrome to launch cyberattacks from November 2023 to July 2024. They used a watering hole attack on Mongolian government websites to infect mobile users with malware, stealing information.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-09-02 09:07:142024-09-02 09:07:14State-Backed Attackers and Commercial Surveillance Vendors Repeatedly Use the Same Exploits
The attackers use spear-phishing lures and watering hole campaigns to infiltrate networks and collect sensitive data. Huntress identified four compromised hosts in recent attacks, linking them to Cobalt Strike Beacons and encrypted DLL payloads.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-09-02 09:07:132024-09-02 09:07:13OceanLotus APT Group Targeting Vietnamese Human Rights Defenders
The world of cybersecurity is in a constant state of flux. New vulnerabilities emerge daily, and attackers are becoming more sophisticated.
In this high-stakes game, security leaders need every advantage they can get. That’s where Artificial Intelligence (AI) comes in. AI isn’t just a buzzword; it’s a game-changer for vulnerability management.
AI is poised to revolutionize vulnerability
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-09-02 09:07:122024-09-02 09:07:12SafeTech Labs Takes Aim at $52B Digital Legacy Industry with World’s First Fully Comprehensive Digital Legacy Solution
BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
Fake Palo Alto GlobalProtect Tool Used as Lure to Backdoor Enterprises
/in General NewsA fake Palo Alto GlobalProtect VPN access tool is being used as bait by threat actors targeting Middle Eastern organizations. The malware, disguised as a legitimate tool, can steal data and execute remote commands to infiltrate networks further.
Cyware News – Latest Cyber News – Read More
The 6 Best Small Business VPNs for 2024
/in General NewsLooking for the best VPN services for SMBs? Here’s a comprehensive guide covering the top options for secure remote access and data protection on a budget.
Security | TechRepublic – Read More
Cyber Threats That Shaped the First Half of 2024
/in General NewsAccording to a report by Critical Start Cyber Research Unit, the manufacturing industry was the top target for cyber threats in H1 2024, professional services saw a 15% increase in attacks, and healthcare experienced a 180% surge in incidents.
Cyware News – Latest Cyber News – Read More
NIST Releases New Draft of Digital Identity Proofing Guidelines
/in General NewsThe new draft of NIST’s digital identity proofing guidelines includes updates to accommodate passkeys and mobile driver’s licenses, as well as options for identification without using biometrics like facial recognition.
Cyware News – Latest Cyber News – Read More
CISA Launches Cyber Incident Reporting Portal To Streamline Breach Disclosure
/in General NewsThe CISA has launched a cyber incident reporting portal to make breach disclosure easier. It allows organizations to report cyberattacks, vulnerabilities, and data breaches voluntarily.
Cyware News – Latest Cyber News – Read More
North Korean Cyberattacks Persist: Developers Targeted via npm Packages
/in General NewsThe campaign, known as “Contagious Interview,” tricks developers into downloading fake npm packages or installers. The attackers deploy a Python payload named InvisibleFerret to steal data from cryptocurrency wallets.
Cyware News – Latest Cyber News – Read More
State-Backed Attackers and Commercial Surveillance Vendors Repeatedly Use the Same Exploits
/in General NewsRussian hackers exploited vulnerabilities in Safari and Chrome to launch cyberattacks from November 2023 to July 2024. They used a watering hole attack on Mongolian government websites to infect mobile users with malware, stealing information.
Cyware News – Latest Cyber News – Read More
OceanLotus APT Group Targeting Vietnamese Human Rights Defenders
/in General NewsThe attackers use spear-phishing lures and watering hole campaigns to infiltrate networks and collect sensitive data. Huntress identified four compromised hosts in recent attacks, linking them to Cobalt Strike Beacons and encrypted DLL payloads.
Cyware News – Latest Cyber News – Read More
Webinar: Learn to Boost Cybersecurity with AI-Powered Vulnerability Management
/in General NewsThe world of cybersecurity is in a constant state of flux. New vulnerabilities emerge daily, and attackers are becoming more sophisticated.
In this high-stakes game, security leaders need every advantage they can get. That’s where Artificial Intelligence (AI) comes in. AI isn’t just a buzzword; it’s a game-changer for vulnerability management.
AI is poised to revolutionize vulnerability
The Hacker News – Read More
SafeTech Labs Takes Aim at $52B Digital Legacy Industry with World’s First Fully Comprehensive Digital Legacy Solution
/in General NewsBrussel, Belgium, 2nd September 2024, CyberNewsWire
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More