BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
Windows SmartScreen Flaw Enabling Data Theft in Major Stealer Attack
/in General NewsNew Stealer Campaign Exploits Windows SmartScreen Vulnerability (CVE-2024-21412) – This large-scale attack targets Windows users, stealing passwords, browsing…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Private Internet Access (PIA) vs NordVPN: Which VPN Is Better?
/in General NewsDiscover whether NordVPN’s better speeds and extra features are worth the cost, or if you’ll be satisfied with PIA VPN’s more affordable pricing.
Security | TechRepublic – Read More
Chinese Espionage Group Upgrades Malware Arsenal to Target All Major Operating Systems
/in General NewsThe new Macma macOS backdoor is capable of data exfiltration through functionalities like device fingerprinting, keylogging, audio capture, and file uploading and downloading.
Cyware News – Latest Cyber News – Read More
A Hacker ‘Ghost’ Network Is Quietly Spreading Malware on GitHub
/in General NewsCybersecurity researchers have spotted a 3,000-account network on GitHub that is manipulating the platform and spreading ransomware and info stealers.
Security Latest – Read More
Possible APT28-linked Hackers Target Ukraine’s Scientific Institutions
/in General NewsAPT28-linked hackers have targeted Ukraine’s scientific institutions in a cyber-espionage campaign, believed to have ties to the Kremlin-backed group APT28, also known as Fancy Bear and BlueDelta.
Cyware News – Latest Cyber News – Read More
CrowdStrike Explains Friday Incident Crashing Millions of Windows Devices
/in General NewsCybersecurity firm CrowdStrike on Wednesday blamed an issue in its validation system for causing millions of Windows devices to crash as part of a widespread outage late last week.
“On Friday, July 19, 2024 at 04:09 UTC, as part of regular operations, CrowdStrike released a content configuration update for the Windows sensor to gather telemetry on possible novel threat techniques,” the company
The Hacker News – Read More
CrowdStrike Explains Why Bad Update Was Not Properly Tested
/in General NewsCrowdStrike has shared a preliminary incident review, explaining why the update that caused global chaos was not caught by testing.
The post CrowdStrike Explains Why Bad Update Was Not Properly Tested appeared first on SecurityWeek.
SecurityWeek – Read More
The Power and Peril of RMM Tools
/in General NewsRMM tools have become essential in managing remote devices, but they also pose risks if exploited by threat actors. Attackers can gain remote access to devices, exfiltrate data, and remain undetected.
Cyware News – Latest Cyber News – Read More
Infostealer Campaign Exploits Microsoft Windows SmartScreen Flaw to Spread Payloads
/in General NewsA security flaw in Microsoft Defender SmartScreen was exploited to deliver ACR, Lumma, and Meduza stealers in a recent campaign. The campaign targeted Spain, Thailand, and the U.S. by using booby-trapped files exploiting CVE-2024-21412.
Cyware News – Latest Cyber News – Read More
Verizon to Pay $16 Million in TracFone Data Breach Settlement
/in General NewsVerizon Communications has agreed to pay a $16 million settlement to the FCC for three data breaches at TracFone Wireless, a subsidiary acquired in 2021. TracFone provides services under brands like Total by Verizon Wireless and Straight Talk.
Cyware News – Latest Cyber News – Read More