https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-07-29 15:06:352024-07-29 15:06:35OAuth+XSS Attack Threatens Millions of Web Users With Account Takeover
According to an analysis by TRM Labs, Russian-speaking threat actors were responsible for over 69% of all ransomware-related cryptocurrency earnings in the past year, amounting to more than $500 million.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-07-29 15:06:352024-07-29 15:06:35Report: Russian Ransomware Gangs Account for 69% of all Ransom Proceeds
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-07-29 14:08:352024-07-29 14:08:35Most people worry about deepfakes – and overestimate their ability to spot them
An unknown threat actor has been linked to a massive scam campaign that exploited an email routing misconfiguration in email security vendor Proofpoint’s defenses to send millions of messages spoofing various legitimate companies.
“These emails echoed from official Proofpoint email relays with authenticated SPF and DKIM signatures, thus bypassing major security protections — all to deceive
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-07-29 14:08:352024-07-29 14:08:35Proofpoint Email Routing Flaw Exploited to Send Millions of Spoofed Phishing Emails
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-07-29 14:08:352024-07-29 14:08:35Saboteurs Cut Internet Cables in Latest Disruption During Paris Olympics
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-07-29 14:08:342024-07-29 14:08:347 Sessions Not to Miss at Black Hat USA 2024
Despite bans, organizations are widespread in using AI code tools, causing security concerns, as reported by Checkmarx. While 15% prohibit AI tools for code generation, a staggering 99% still use them.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-07-29 14:08:342024-07-29 14:08:34Despite Bans, AI Code Generation Tools Widely Used in Organizations
The National Vulnerability Database (NVD), maintained by the National Institute of Standards and Technology (NIST), currently has a backlog of over 16,000 vulnerabilities, with an average daily influx of more than 100 new security flaws.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-07-29 13:10:142024-07-29 13:10:14National Vulnerability Backlog Could Surge to 30,000 by 2025
U.S. senators have raised concerns about how car companies handle consumer data, revealing that major automakers share and sell drivers’ information without proper consent.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-07-29 13:10:132024-07-29 13:10:13Senators to FTC: Car Companies’ Data Privacy Practices Must be Investigated
WhatsApp currently blocks certain file types considered risky, but Python and PHP scripts are not included in the blocklist. Security researcher Saumyajeet Das identified this vulnerability while testing file attachments in WhatsApp conversations.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-07-29 13:10:132024-07-29 13:10:13WhatsApp for Windows Lets Python, PHP Scripts Execute with no Warning
BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
OAuth+XSS Attack Threatens Millions of Web Users With Account Takeover
/in General NewsAn attack flow that combines API flaws within “log in with” implementations and Web injection bugs could affect millions of websites.
darkreading – Read More
Report: Russian Ransomware Gangs Account for 69% of all Ransom Proceeds
/in General NewsAccording to an analysis by TRM Labs, Russian-speaking threat actors were responsible for over 69% of all ransomware-related cryptocurrency earnings in the past year, amounting to more than $500 million.
Cyware News – Latest Cyber News – Read More
Most people worry about deepfakes – and overestimate their ability to spot them
/in General NewsResearch shows voters around the world are nervous about political deepfakes, with some country’s citizens being far more concerned than others.
Latest news – Read More
Proofpoint Email Routing Flaw Exploited to Send Millions of Spoofed Phishing Emails
/in General NewsAn unknown threat actor has been linked to a massive scam campaign that exploited an email routing misconfiguration in email security vendor Proofpoint’s defenses to send millions of messages spoofing various legitimate companies.
“These emails echoed from official Proofpoint email relays with authenticated SPF and DKIM signatures, thus bypassing major security protections — all to deceive
The Hacker News – Read More
Saboteurs Cut Internet Cables in Latest Disruption During Paris Olympics
/in General NewsLong-distance cables were severed across France in a move that disrupted internet connectivity.
Security Latest – Read More
7 Sessions Not to Miss at Black Hat USA 2024
/in General NewsThis year’s conference will be a treasure trove of insights for cybersecurity professionals.
darkreading – Read More
Despite Bans, AI Code Generation Tools Widely Used in Organizations
/in General NewsDespite bans, organizations are widespread in using AI code tools, causing security concerns, as reported by Checkmarx. While 15% prohibit AI tools for code generation, a staggering 99% still use them.
Cyware News – Latest Cyber News – Read More
National Vulnerability Backlog Could Surge to 30,000 by 2025
/in General NewsThe National Vulnerability Database (NVD), maintained by the National Institute of Standards and Technology (NIST), currently has a backlog of over 16,000 vulnerabilities, with an average daily influx of more than 100 new security flaws.
Cyware News – Latest Cyber News – Read More
Senators to FTC: Car Companies’ Data Privacy Practices Must be Investigated
/in General NewsU.S. senators have raised concerns about how car companies handle consumer data, revealing that major automakers share and sell drivers’ information without proper consent.
Cyware News – Latest Cyber News – Read More
WhatsApp for Windows Lets Python, PHP Scripts Execute with no Warning
/in General NewsWhatsApp currently blocks certain file types considered risky, but Python and PHP scripts are not included in the blocklist. Security researcher Saumyajeet Das identified this vulnerability while testing file attachments in WhatsApp conversations.
Cyware News – Latest Cyber News – Read More