BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
Microsoft Has Yet to Patch 7 Pwn2Own Zero-Days
/in General NewsA number of serious Windows bugs still haven’t made their way into criminal circles, but that won’t remain the case forever — and time is running short before ZDI releases exploit details.
darkreading – Read More
Microsoft Quick Assist Tool Abused for Ransomware Delivery
/in General NewsThe Black Basta group abuses remote connection tool Quick Assist in vishing attacks leading to ransomware deployment.
The post Microsoft Quick Assist Tool Abused for Ransomware Delivery appeared first on SecurityWeek.
SecurityWeek – Read More
Remote-Access Tools the Intrusion Point to Blame for Most Ransomware Attacks
/in General NewsAs per cybersecurity insurance firm At-Bay, remote-access tools, particularly self-managed VPNs from Cisco and Citrix, were the primary intrusion point for most ransomware attacks in 2023, accounting for over 60% of incidents.
Cyware News – Latest Cyber News – Read More
Critical Git Vulnerability Allows RCE When Cloning Repositories With Submodules
/in General NewsThe vulnerability can be exploited on multi-user machines, where an attacker can prepare a local repository to look like a partial clone that is missing an object, causing Git to execute arbitrary code during the clone operation.
Cyware News – Latest Cyber News – Read More
New ‘Antidot’ Android Trojan Allows Cybercriminals to Hack Devices, Steal Data
/in General NewsThe Antidot Android banking trojan snoops on users and steals their credentials, contacts, and SMS messages.
The post New ‘Antidot’ Android Trojan Allows Cybercriminals to Hack Devices, Steal Data appeared first on SecurityWeek.
SecurityWeek – Read More
Kimsuky APT Deploying Linux Backdoor Gomir in South Korean Cyber Attacks
/in General NewsThe Kimsuky (aka Springtail) advanced persistent threat (APT) group, which is linked to North Korea’s Reconnaissance General Bureau (RGB), has been observed deploying a Linux version of its GoBear backdoor as part of a campaign targeting South Korean organizations.
The backdoor, codenamed Gomir, is “structurally almost identical to GoBear, with extensive sharing of code between
The Hacker News – Read More
Cybersecurity Analysis Exposes High-Risk Assets in Power and Healthcare Sectors
/in General NewsTraditional approaches to vulnerability management result in a narrow focus of the enterprise attack surface area that overlooks a considerable amount of risk, according to Claroty.
Cyware News – Latest Cyber News – Read More
GhostSec Announces Shift in Operations from Ransomware to Hacktivism
/in General NewsThe cybercriminal group GhostSec has shifted from ransomware to hacktivism, stating they’ve gathered enough funds and will now focus on promoting social and political agendas through hacking.
Cyware News – Latest Cyber News – Read More
Woman Accused of Helping North Korean IT Workers Infiltrate Hundreds of US Firms
/in General NewsThe US government has announced charges, seizures, arrests and rewards as part of an effort to disrupt a scheme that generates revenue for North Korea.
The post Woman Accused of Helping North Korean IT Workers Infiltrate Hundreds of US Firms appeared first on SecurityWeek.
SecurityWeek – Read More
Unsafe Software Development Practices Persist, Despite CISA’s Push
/in General NewsDespite repeated efforts by the CISA to eliminate common software vulnerabilities, unsafe software development practices continue to persist across the industry, highlighting the challenges in driving change in coding practices.
Cyware News – Latest Cyber News – Read More