BackBox.org News – Page 486 – Latest news and insights on Security

BackBox News

SolarWinds Releases Patch for Critical Flaw in Web Help Desk Software

August 15, 2024/in General News

SolarWinds has released patches to address a critical security vulnerability in its Web Help Desk software that could be exploited to execute arbitrary code on susceptible instances.
The flaw, tracked as CVE-2024-28986 (CVSS score: 9.8), has been described as a deserialization bug.
“SolarWinds Web Help Desk was found to be susceptible to a Java deserialization remote code execution vulnerability

The Hacker News – Read More

Ransomware Attacks on Industrial Firms Surged in Q2 2024

August 15, 2024/in General News

Dragos has seen a significant increase in ransomware attacks on industrial organizations in Q2 2024 compared to the previous quarter.

The post Ransomware Attacks on Industrial Firms Surged in Q2 2024 appeared first on SecurityWeek.

SecurityWeek – Read More

Beyond the Hype: Unveiling the Realities of WormGPT in Cybersecurity

August 15, 2024/in General News

Though WormGPT tools may not be a major problem now, organizations can’t let their guard down.

darkreading – Read More

Russian-Linked Hackers Target Eastern European NGOs and Media

August 15, 2024/in General News

Russian and Belarusian non-profit organizations, Russian independent media, and international non-governmental organizations active in Eastern Europe have become the target of two separate spear-phishing campaigns orchestrated by threat actors whose interests align with that of the Russian government.
While one of the campaigns – dubbed River of Phish – has been attributed to COLDRIVER, an

The Hacker News – Read More

How Can Organizations Navigate SEC’s Cyber Materiality Disclosures?

August 15, 2024/in General News

Inconsistencies and lack of information in cybersecurity disclosures highlight the need for organizations to establish a robust materiality assessment framework.

darkreading – Read More

Nearly All Google Pixel Phones Are Left Exposed by Unpatched Flaw in Hidden Android App

August 15, 2024/in General News

A fix is coming, but data analytics giant Palantir says it’s ditching Android devices altogether because Google’s response to the vulnerability has been troubling.

Security Latest – Read More

SolarWinds Issues Hotfix for Critical Web Help Desk Vulnerability

August 15, 2024/in General News

SolarWinds has released a hotfix for a critical Java deserialization remote code execution vulnerability in Web Help Desk.

The post SolarWinds Issues Hotfix for Critical Web Help Desk Vulnerability appeared first on SecurityWeek.

SecurityWeek – Read More

Google Disrupts Iranian Hacking Activity Targeting US Presidential Election

August 15, 2024/in General News

Google says it blocked Iranian APT42 hackers from accessing the personal email accounts of individuals affiliated with the US elections.

The post Google Disrupts Iranian Hacking Activity Targeting US Presidential Election appeared first on SecurityWeek.

SecurityWeek – Read More

Palo Alto Networks Patches Unauthenticated Command Execution Flaw in Cortex XSOAR

August 15, 2024/in General News

Palo Alto Networks has patched multiple vulnerabilities, including ones rated high severity, in several products.

The post Palo Alto Networks Patches Unauthenticated Command Execution Flaw in Cortex XSOAR appeared first on SecurityWeek.

SecurityWeek – Read More

Identity Threat Detection and Response Solution Guide

August 15, 2024/in General News

The Emergence of Identity Threat Detection and Response
Identity Threat Detection and Response (ITDR) has emerged as a critical component to effectively detect and respond to identity-based attacks. Threat actors have shown their ability to compromise the identity infrastructure and move laterally into IaaS, Saas, PaaS and CI/CD environments. Identity Threat Detection and Response solutions help

The Hacker News – Read More

Company Blogs

Hacking Tools

No feed items found.

Exploit DB

No feed items found.

BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.

Click me

Make a Donation

BackBox News

SolarWinds Releases Patch for Critical Flaw in Web Help Desk Software

Ransomware Attacks on Industrial Firms Surged in Q2 2024

Beyond the Hype: Unveiling the Realities of WormGPT in Cybersecurity

Russian-Linked Hackers Target Eastern European NGOs and Media

How Can Organizations Navigate SEC’s Cyber Materiality Disclosures?

Nearly All Google Pixel Phones Are Left Exposed by Unpatched Flaw in Hidden Android App

SolarWinds Issues Hotfix for Critical Web Help Desk Vulnerability

Google Disrupts Iranian Hacking Activity Targeting US Presidential Election

Palo Alto Networks Patches Unauthenticated Command Execution Flaw in Cortex XSOAR

Identity Threat Detection and Response Solution Guide

Company Blogs

Are the Android SafetyCore and Android System Key Verifier apps safe? | Kaspersky official blog

Miniaudio and Adobe Acrobat Reader vulnerabilities

Patch it up: Old vulnerabilities are everyone’s problems

Update your VMware ESXi products now | Kaspersky official blog

New Pre-Installed Dev Tools for Deep Sandbox Malware Analysis

Abusing with style: Leveraging cascading style sheets for evasion and tracking

AI Safety: Key Threats and Solutions

Main vulnerabilities from Microsoft’s March Patch Tuesday | Kaspersky official blog

Microsoft Patch Tuesday for March 2025 — Snort rules and prominent vulnerabilities

5 Common Evasion Techniques in Malware

Hacking Tools

Exploit DB