BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
Microsoft’s July Update Patches 143 Flaws, Including Two Actively Exploited
/in General NewsMicrosoft has released patches to address a total of 143 security flaws as part of its monthly security updates, two of which have come under active exploitation in the wild.
Five out of the 143 flaws are rated Critical, 136 are rated Important, and four are rated Moderate in severity. The fixes are in addition to 33 vulnerabilities that have been addressed in the Chromium-based Edge browser
The Hacker News – Read More
Crypto Thefts Double to $1.4 Billion, TRM Labs Finds
/in General NewsCryptocurrency exchange hacks and exploits are on the rise, with $1.38bn stolen in the first half of 2024, double the amount stolen in 2023. While it is lower than the record-breaking $2bn stolen in 2022, the surge may be due to higher token prices.
Cyware News – Latest Cyber News – Read More
Smash-and-Grab Extortion
/in General NewsThe Problem
The “2024 Attack Intelligence Report” from the staff at Rapid7 [1] is a well-researched, well-written report that is worthy of careful study. Some key takeaways are:
53% of the over 30 new vulnerabilities that were widely exploited in 2023 and at the start of 2024 were zero-days.
More mass compromise events arose from zero-day vulnerabilities than from n-day vulnerabilities.
The Hacker News – Read More
ICS Patch Tuesday: Siemens, Schneider Electric, CISA Issue Advisories
/in General NewsSeveral ICS vendors released advisories on Tuesday to inform customers about vulnerabilities found in industrial and OT products.
The post ICS Patch Tuesday: Siemens, Schneider Electric, CISA Issue Advisories appeared first on SecurityWeek.
SecurityWeek – Read More
It’s Time to Reassess Your Cybersecurity Priorities
/in General NewsA cyber resilience strategy is vital for business continuity and can provide a range of benefits before, during, and after a cyberattack.
The post It’s Time to Reassess Your Cybersecurity Priorities appeared first on SecurityWeek.
SecurityWeek – Read More
The best space heaters of 2024
/in General NewsWe rounded up the best smart space heaters that connect to Wi-Fi, mobile apps, and voice assistants for 24/7 control.
Latest news – Read More
Microsoft July 2024 Patch Tuesday Fixes 142 Flaws, 4 Zero-Days
/in General NewsAs part of Microsoft’s July 2024 Patch Tuesday, 142 flaws were addressed, including two zero-days actively exploited and two publicly disclosed. Five critical vulnerabilities were fixed, all related to remote code execution.
Cyware News – Latest Cyber News – Read More
US Disrupts AI-Powered Russian Bot Farm on X
/in General NewsThe US and allies blame Russian state-sponsored threat actors for using Meliorator AI software to create a social media bot farm.
The post US Disrupts AI-Powered Russian Bot Farm on X appeared first on SecurityWeek.
SecurityWeek – Read More
Can AI be Meaningfully Regulated, or is Regulation a Deceitful Fudge?
/in General NewsFew people understand AI, nor how to use nor control it, nor where it is going. Yet politicians wish to regulate it.
The post Can AI be Meaningfully Regulated, or is Regulation a Deceitful Fudge? appeared first on SecurityWeek.
SecurityWeek – Read More
New Flaw in OpenSSH can Lead to Remote Code Execution
/in General NewsA vulnerability in certain versions of the OpenSSH secure networking suite may allow for remote code execution. The vulnerability, identified as CVE-2024-6409 with a CVSS score of 7.0, affects specific versions of OpenSSH such as 8.7p1 and 8.8p1.
Cyware News – Latest Cyber News – Read More