BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
Distributing Security Responsibilities (Responsibly)
/in General NewsOutlining the wider organization’s proactive role in fortifying the security program allows the security team to focus on the most pressing issues that only they can solve.
darkreading – Read More
ISC Releases Security Advisories for BIND 9
/in General NewsThe Internet Systems Consortium (ISC) has released patches to fix multiple security vulnerabilities in the BIND 9 DNS software suite that could lead to denial-of-service attacks.
Cyware News – Latest Cyber News – Read More
US Indicts Alleged North Korean State Hacker for Ransomware Attacks on Hospitals
/in General NewsThe US has indicted a North Korean state hacker for ransomware attacks on hospitals and healthcare companies. The hacker, Rim Jong Hyok, is a member of the Andariel Unit within North Korea’s intelligence agency.
Cyware News – Latest Cyber News – Read More
CrowdStrike Disruption Direct Losses to Reach $5.4B for Fortune 500, Study Finds
/in General NewsA recent study by Parametrix has found that the global IT outage linked to CrowdStrike will result in at least $5.4 billion in direct financial losses for Fortune 500 companies, excluding Microsoft.
Cyware News – Latest Cyber News – Read More
Critical ServiceNow RCE Flaws Actively Exploited to Steal Credentials
/in General NewsServiceNow RCE vulnerabilities are being actively exploited to steal credentials. Threat actors are using publicly available exploits to target government agencies and private firms for data theft.
Cyware News – Latest Cyber News – Read More
I’ve tried a zillion desktop distros – it doesn’t get any better than Linux Mint 22
/in General NewsLinux Mint’s latest release continues its tradition of excellence. It’s easy to learn and use, faster than Windows, and runs on a thrift-store PC. What more can you ask for?
Latest news – Read More
Thread Name-Calling: Using Thread Name for Offense
/in General NewsProcess Injection is a vital technique used by attackers to evade detection and escalate privileges. Thread Name-Calling has emerged as a new injection technique that abuses Windows APIs for thread descriptions to bypass endpoint protection products.
Cyware News – Latest Cyber News – Read More
Threat Actors Exploit Fresh ServiceNow Vulnerabilities in Attacks
/in General NewsThreat actors have started exploiting critical-severity vulnerabilities in ServiceNow shortly after public disclosure.
The post Threat Actors Exploit Fresh ServiceNow Vulnerabilities in Attacks appeared first on SecurityWeek.
SecurityWeek – Read More
Senator: Top Banks Only Reimburse 38% of Unauthorized Claims
/in General NewsUS Senator Richard Blumenthal revealed that Bank of America, JPMorgan Chase, and Wells Fargo only reimbursed 38% of customers for unauthorized payments, resulting in $100 million in fraud losses.
Cyware News – Latest Cyber News – Read More
A North Korean Hacker Tricked a US Security Vendor Into Hiring Him—and Immediately Tried to Hack Them
/in General NewsKnowBe4 detailed the incident in a recent blog post as a warning for other potential targets.
Security Latest – Read More