BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
Several Vulnerabilities Addressed in Ubuntu 24.04
/in General NewsUbuntu 24.04 LTS has addressed several security vulnerabilities, including issues in less, Glibc, Curl, GnuTLS, libvirt, and Pillow, which could potentially lead to denial of service or arbitrary code execution.
Cyware News – Latest Cyber News – Read More
3 Tips for Becoming the Champion of Your Organization’s AI Committee
/in General NewsCISOs are now considered part of the organizational executive leadership and have both the responsibility and the opportunity to drive not just security but business success.
darkreading – Read More
(Cyber) Risk = Probability of Occurrence x Damage
/in General NewsHere’s How to Enhance Your Cyber Resilience with CVSS
In late 2023, the Common Vulnerability Scoring System (CVSS) v4.0 was unveiled, succeeding the eight-year-old CVSS v3.0, with the aim to enhance vulnerability assessment for both industry and the public. This latest version introduces additional metrics like safety and automation to address criticism of lacking granularity
The Hacker News – Read More
Turla Group Deploys LunarWeb and LunarMail Backdoors in Diplomatic Missions
/in General NewsAn unnamed European Ministry of Foreign Affairs (MFA) and its three diplomatic missions in the Middle East were targeted by two previously undocumented backdoors tracked as LunarWeb and LunarMail.
ESET, which identified the activity, attributed it with medium confidence to the Russia-aligned cyberespionage group Turla (aka Iron Hunter, Pensive Ursa, Secret Blizzard, Snake, Uroburos, and Venomous
The Hacker News – Read More
Santander Data Breach Impacts Customers, Employees
/in General NewsThe Spanish bank Santander said customers in Chile, Spain and Uruguay are affected by a data breach at a third-party provider.
The post Santander Data Breach Impacts Customers, Employees appeared first on SecurityWeek.
SecurityWeek – Read More
Scammers are Getting Creative Using Malvertising, Deepfakes, and YouTube
/in General NewsThe Avast Q1 2024 Threat Report highlighted a massive surge in social engineering scams, with a staggering 90% of all mobile and 87% of desktop threats falling into this category.
Cyware News – Latest Cyber News – Read More
Apple Fixes Safari WebKit Zero-Day Flaw Exploited at Pwn2Own
/in General NewsApple patched a zero-day vulnerability (CVE-2024-27834) in Safari that was exploited at the Pwn2Own hacking competition. The vulnerability allowed an attacker to bypass Pointer Authentication Codes (PACs) and potentially execute remote code.
Cyware News – Latest Cyber News – Read More
400,000 Linux Servers Hit by Ebury Botnet
/in General NewsThe Ebury Linux botnet has ensnared over 400,000 Linux systems in 15 years, with roughly 100,000 still infected.
The post 400,000 Linux Servers Hit by Ebury Botnet appeared first on SecurityWeek.
SecurityWeek – Read More
How to Set Up & Use a VPN on Android (A Step-by-Step Guide)
/in General NewsTrying to configure or set up a VPN on your Android? Learn how to get started with our step-by-step guide.
Security | TechRepublic – Read More
Ebury Botnet Compromised 400K Linux Servers for Crypto Theft and Financial Gain
/in General NewsThe malware modules spread via Ebury are used for various nefarious activities, such as proxying traffic, redirecting HTTP traffic, exfiltrating sensitive information, and intercepting HTTP requests.
Cyware News – Latest Cyber News – Read More