BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
Feds Accuse Founders of Cryptocurrency Mixer of ‘Large-Scale Money Laundering’
/in General NewsThe two founders of a cryptocurrency mixing service that allegedly obfuscated the origins of at least $100 million in criminal proceeds have been arrested, the Department of Justice announced Wednesday.
Cyware News – Latest Cyber News – Read More
State-Sponsored Hackers Exploit Two Cisco Zero-Day Vulnerabilities for Espionage
/in General NewsA new malware campaign leveraged two zero-day flaws in Cisco networking gear to deliver custom malware and facilitate covert data collection on target environments.
Cisco Talos, which dubbed the activity ArcaneDoor, attributing it as the handiwork of a previously undocumented sophisticated state-sponsored actor it tracks under the name UAT4356 (aka Storm-1849 by Microsoft).
”
The Hacker News – Read More
Google Postpones Third-Party Cookie Deprecation Amid U.K. Regulatory Scrutiny
/in General NewsGoogle has once again pushed its plans to deprecate third-party tracking cookies in its Chrome web browser as it works to address outstanding competition concerns from U.K. regulators over its Privacy Sandbox initiative.
The tech giant said it’s working closely with the U.K. Competition and Markets Authority (CMA) and hopes to achieve an agreement by the end of the year.
As part of the
The Hacker News – Read More
Maximum Severity Flowmon Bug has a Public Exploit, Patch Now
/in General NewsFlowon developer Progress Software first alerted about the flaw on April 4, warning that it impacts versions of the product v12.x and v11.x. The company urged system admins to upgrade to the latest releases, v12.3.4 and 11.1.14.
Cyware News – Latest Cyber News – Read More
CISA Warns of Cisco and CrushFTP Vulnerabilities Being Actively Exploited
/in General NewsOn Wednesday, the Cybersecurity and Infrastructure Security Agency (CISA) added two Cisco product vulnerabilities — CVE-2024-20353 and CVE-2024-20359 — as well as one vulnerability affecting popular file transfer tool CrushFTP.
Cyware News – Latest Cyber News – Read More
Google Meet opens client-side encrypted calls to non Google users
/in General NewsGoogle announced it is updating the client-side encryption mechanism for Google Meet to allow external participants, including those without Google accounts, to join encrypted calls.
Cyware News – Latest Cyber News – Read More
Chinese, Russian Espionage Campaigns Increasingly Targeting Edge Devices
/in General NewsChinese and Russian hackers have turned their focus to edge devices — like VPN appliances, firewalls, routers and Internet of Things (IoT) tools — amid a startling increase in espionage attacks, according to Google security firm Mandiant.
Cyware News – Latest Cyber News – Read More
Cisco Systems Joins Microsoft, IBM in Vatican Pledge to Ensure Ethical Use and Development of AI
/in General NewsPope Francis has called for an international treaty to ensure AI is developed and used ethically, devoting his annual peace message this year to the topic.
The post Cisco Systems Joins Microsoft, IBM in Vatican Pledge to Ensure Ethical Use and Development of AI appeared first on SecurityWeek.
SecurityWeek – Read More
Attacker Social-Engineered Backdoor Code Into XZ Utils
/in General NewsUnlike the SolarWinds and CodeCov incidents, all that it took for an adversary to nearly pull off a massive supply chain attack was some slick social engineering and a string of pressure emails.
darkreading – Read More
KnowBe4 to Acquire Egress
/in General NewsPost Content
darkreading – Read More