BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
10 Critical Endpoint Security Tips You Should Know
/in General NewsIn today’s digital world, where connectivity is rules all, endpoints serve as the gateway to a business’s digital kingdom. And because of this, endpoints are one of hackers’ favorite targets.
According to the IDC, 70% of successful breaches start at the endpoint. Unprotected endpoints provide vulnerable entry points to launch devastating cyberattacks. With IT
The Hacker News – Read More
Critical WordPress Automatic Plugin Vulnerability Exploited to Inject Backdoors
/in General NewsA vulnerability in the WordPress Automatic plugin is being exploited to inject backdoors and web shells into websites.
The post Critical WordPress Automatic Plugin Vulnerability Exploited to Inject Backdoors appeared first on SecurityWeek.
SecurityWeek – Read More
ThreatLocker Raises $115M in Series D Funding
/in General NewsThe round was led by existing investor General Atlantic, with participation from other major investors StepStone Group and the D. E. Shaw group. The company intends to use the funds to drive product innovation and accelerate its global expansion.
Cyware News – Latest Cyber News – Read More
Autodesk Hosting PDF Files Used in Microsoft Phishing Attacks
/in General NewsResearchers discovered a sophisticated phishing campaign that is using compromised email accounts and Autodesk’s file sharing platform to steal Microsoft login credentials from victims.
Cyware News – Latest Cyber News – Read More
Researchers Sinkhole PlugX Malware Server With 2.5 Million Unique IPs
/in General NewsResearchers have sinkholed a command and control server for a variant of the PlugX malware and observed in six months more than 2.5 million connections from unique IP addresses.
Cyware News – Latest Cyber News – Read More
Hackers Exploiting WP-Automatic Plugin Bug to Create Admin Accounts on WordPress Sites
/in General NewsThreat actors are attempting to actively exploit a critical security flaw in the WP‑Automatic plugin for WordPress that could allow site takeovers.
The shortcoming, tracked as CVE-2024-27956, carries a CVSS score of 9.9 out of a maximum of 10. It impacts all versions of the plugin prior to 3.9.2.0.
“This vulnerability, a SQL injection (SQLi) flaw, poses a severe threat as
The Hacker News – Read More
PCI Launches Payment Card Cybersecurity Effort in the Middle East
/in General NewsThe payment card industry pushes for more security in financial transactions to help combat increasing fraud in the region.
darkreading – Read More
How to change your IP address, why you’d want to – and when you shouldn’t
/in General NewsLooking for more privacy? Or easier access to a network device? Here are the steps for every operating system, and how to avoid address conflicts.
Latest stories for ZDNET in Security – Read More
OpenAI’s GPT-4 Can Autonomously Exploit 87% of One-Day Vulnerabilities, Study Finds
/in General NewsResearchers from the University of Illinois Urbana-Champaign found that OpenAI’s GPT-4 is able to exploit 87% of a list of vulnerabilities when provided with their NIST descriptions.
Security | TechRepublic – Read More
Chinese Keyboard Apps Open 1B People to Eavesdropping
/in General NewsEight out of nine apps that people use to input Chinese characters into mobile devices have weakness that allow a passive eavesdropper to collect keystroke data.
darkreading – Read More