BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
Malvertising: Fake Popular Software Ads Deliver New MadMxShell Backdoor
/in General NewsBy Deeba Ahmed
IT professionals are under attack! This article exposes a malicious malvertising campaign targeting IT teams with a novel backdoor named MadMxShell. Learn how attackers use typosquatting and DNS techniques to compromise systems.
This is a post from HackRead.com Read the original post: Malvertising: Fake Popular Software Ads Deliver New MadMxShell Backdoor
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Thousands of Palo Alto Firewalls Potentially Impacted by Exploited Vulnerability
/in General NewsShadowserver has identified roughly 6,000 internet-accessible Palo Alto Networks firewalls potentially vulnerable to CVE-2024-3400.
The post Thousands of Palo Alto Firewalls Potentially Impacted by Exploited Vulnerability appeared first on SecurityWeek.
SecurityWeek – Read More
Ukrainian Soldiers’ Apps Increasingly Targeted for Spying, Cyber Agency Warns
/in General NewsThe agency is attributing the surge to a group tracked as UAC-0184, which was spotted in February targeting an unnamed Ukrainian entity in Finland. CERT-UA does not attribute UAC-0184’s activity to any specific foreign cyber threat group.
Cyware News – Latest Cyber News – Read More
Deciphering the Economics of Software Development: An In-Depth Exploration
/in General NewsBy Uzair Amir
The depth of activities within software development ranges from ideation and design to coding, testing, and deployment. The…
This is a post from HackRead.com Read the original post: Deciphering the Economics of Software Development: An In-Depth Exploration
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Ransomware Double-Dip: Re-Victimization in Cyber Extortion
/in General NewsBetween crossovers – Do threat actors play dirty or desperate?
In our dataset of over 11,000 victim organizations that have experienced a Cyber Extortion / Ransomware attack, we noticed that some victims re-occur. Consequently, the question arises why we observe a re-victimization and whether or not this is an actual second attack, an affiliate crossover (meaning an affiliate has gone to
The Hacker News – Read More
Researchers Find Dozens of Fake E-Zpass Toll Websites After FBI Warning
/in General NewsResearchers from cybersecurity firm DomainTools told Recorded Future News that they have found nearly 30 newly created domains related to tolls, 15 of which have a “high chance of being weaponized for phishing, malware, or spam.”
Cyware News – Latest Cyber News – Read More
Report: 51% of Enterprises Experienced a Breach Despite Large Security Stacks
/in General NewsThreat actors are continuing to successfully breach across the entire attack surface. Around 93% of enterprises who admitted a breach reported unplanned downtime, data exposure, or financial loss as a result, according to a survey by Pentera.
Cyware News – Latest Cyber News – Read More
Researchers Uncover Windows Flaws Granting Hackers Rootkit-Like Powers
/in General NewsNew research has found that the DOS-to-NT path conversion process could be exploited by threat actors to achieve rootkit-like capabilities to conceal and impersonate files, directories, and processes.
“When a user executes a function that has a path argument in Windows, the DOS path at which the file or folder exists is converted to an NT path,” SafeBreach security researcher Or Yair said&
The Hacker News – Read More
Critical Flaw in the Forminator Plugin Impacts Hundreds of Thousands of WordPress Sites
/in General NewsJapan’s CERT warned that the WordPress plugin Forminator, developed by WPMU DEV, is affected by multiple vulnerabilities, including a flaw that allows unrestricted file uploads to the server.
Cyware News – Latest Cyber News – Read More
MITRE Hacked by State-Sponsored Group via Ivanti Zero-Days
/in General NewsMITRE R&D network hacked in early January by a state-sponsored threat group that exploited an Ivanti zero-day vulnerability.
The post MITRE Hacked by State-Sponsored Group via Ivanti Zero-Days appeared first on SecurityWeek.
SecurityWeek – Read More