BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
RaspAP Flaw Let Hackers Escalate Privileges with Raspberry Pi Devices
/in General NewsThe flaw, identified as CVE-2024-41637, affects RaspAP versions before 3.1.5 and has a severity score of 9.9. The vulnerability stems from improper access controls, enabling attackers to escalate privileges from www-data to root.
Cyware News – Latest Cyber News – Read More
OneDrive Phishing Scam Tricks Users into Running Malicious PowerShell Script
/in General NewsCybersecurity researchers are warning about a new phishing campaign that targets Microsoft OneDrive users with the aim of executing a malicious PowerShell script.
“This campaign heavily relies on social engineering tactics to deceive users into executing a PowerShell script, thereby compromising their systems,” Trellix security researcher Rafael Pena said in a Monday analysis.
The cybersecurity
The Hacker News – Read More
ZeroTier Raises $13.5 Million in Series A Funding
/in General NewsVirtual networking provider ZeroTier has raised $13.5 million in a Series A funding round led by Battery Ventures.
The post ZeroTier Raises $13.5 Million in Series A Funding appeared first on SecurityWeek.
SecurityWeek – Read More
VMware ESXi Flaw Exploited by Ransomware Groups for Admin Access
/in General NewsA recently patched security flaw impacting VMware ESXi hypervisors has been actively exploited by “several” ransomware groups to gain elevated permissions and deploy file-encrypting malware.
The attacks involve the exploitation of CVE-2024-37085 (CVSS score: 6.8), an Active Directory integration authentication bypass that allows an attacker to obtain administrative access to the host.
“A
The Hacker News – Read More
Hacker Scrapes and Publishes 100,000-Line CrowdStrike IoC List
/in General NewsUSDoD hacker scrapes and leaks a 100,000-line Indicator of Compromise (IoC) list from CrowdStrike, revealing detailed threat intelligence…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
This tool tests AI’s resilience to ‘poisoned’ data
/in General NewsA government agency says malicious data could have disastrous results for AI training. Here’s how Dioptra can help.
Latest stories for ZDNET in Security – Read More
ManageEngine: Australian SMEs Aim to Reduce IT Costs Amid Growing Technology Complexity
/in General News“Digital intensity” caused by multiple cloud environments, application growth and AI is putting pressure on IT leaders in medium-sized businesses to manage costs while modernising their infrastructure.
Security | TechRepublic – Read More
Cowbell Secures $60 million Series C Funding From Zurich Insurance Group
/in General NewsPost Content
darkreading – Read More
Lakera Raises $20M Series A to Secure Generative AI Applications
/in General NewsPost Content
darkreading – Read More
Heimdal Security Presents its Latest Report on Brute-Force Cyberattacks
/in General NewsPost Content
darkreading – Read More