BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
BobTheSmuggler: Open-source tool for undetectable payload delivery
/in General NewsThe open-source tool supports various payload delivery chains and has future plans to add more image polyglots, file extensions, and EML file support for stealthy payload delivery.
Cyware News – Latest Cyber News – Read More
German Applied Sciences University Announces Being Hit by Criminal Cyberattack
/in General NewsHochschule Kempten, a university of applied sciences in Germany, has been targeted by a criminal cyberattack. The attack has affected access to several IT systems, including email, while the telephone system remains operational.
Cyware News – Latest Cyber News – Read More
Update: Chinese Group Runs Highly Persistent Ivanti Zero-Day Exploits
/in General NewsChinese threat actor UNC5325 is adept at using novel malware and “living off the land” techniques to persist in hacked devices even after factory resets and system upgrades.
Cyware News – Latest Cyber News – Read More
FTC’s Khan Warns Tech Industry That Agency Will Strictly Enforce AI Data Privacy
/in General NewsThe FTC’s aggressive approach to enforcing privacy regulations reflects a commitment to ensuring that AI model refinement does not compromise people’s privacy or security.
Cyware News – Latest Cyber News – Read More
Report: Business Logic Abuse Dominates as API Attacks Surge
/in General NewsAccording to Imperva’s State of API Security Report, attacks on the business logic of APIs, including credential stuffing and data scraping, account for the largest share (27%) of API attacks.
Cyware News – Latest Cyber News – Read More
A Pornhub Chatbot Stopped Millions From Searching for Child Abuse Videos
/in General NewsEvery time someone in the UK searched for child abuse material on Pornhub, a chatbot appeared and told them how to get help.
Security Latest – Read More
US Government Expands Role in Software Security
/in General NewsThe White House Office of the National Cyber Director puts software developers on notice, calling for a move to memory-safe programming languages and the development of security metrics.
darkreading – Read More
Chinese Hackers Exploiting Ivanti VPN Flaws to Deploy New Malware
/in General NewsAt least two different suspected China-linked cyber espionage clusters, tracked as UNC5325 and UNC3886, have been attributed to the exploitation of security flaws in Ivanti Connect Secure VPN appliances.
UNC5325 abused CVE-2024-21893 to deliver a wide range of new malware called LITTLELAMB.WOOLTEA, PITSTOP, PITDOG, PITJET, and PITHOOK, as well as attempted to maintain
The Hacker News – Read More
Cybersecurity startup makes open source pay, gains funding in a down market
/in General NewsFiligran is now instrumental in organizing and analyzing cybercrime data, managing the modeling of multiple ransomware campaigns and enhancing response to cyber incidents.Read More
Security News | VentureBeat – Read More
President Biden Blocks Mass Transfer of Personal Data to High-Risk Nations
/in General NewsU.S. President Joe Biden has issued an Executive Order that prohibits the mass transfer of citizens’ personal data to countries of concern.
The Executive Order also “provides safeguards around other activities that can give those countries access to Americans’ sensitive data,” the White House said in a statement.
This includes sensitive information such as genomic data, biometric data,
The Hacker News – Read More