https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-05-14 12:07:062024-05-14 12:07:06Attackers Use DNS Tunneling to Track Victim Activity, Scan Networks
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-05-14 12:07:062024-05-14 12:07:06Google Patches Second Chrome Zero-Day in One Week
Deploying advanced authentication measures is key to helping organizations address their weakest cybersecurity link: their human users. Having some form of 2-factor authentication in place is a great start, but many organizations may not yet be in that spot or have the needed level of authentication sophistication to adequately safeguard organizational data. When deploying
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-05-14 12:07:062024-05-14 12:07:066 Mistakes Organizations Make When Deploying Advanced Authentication
Cybersecurity researchers have uncovered an ongoing social engineering campaign that bombards enterprises with spam emails with the goal of obtaining initial access to their environments for follow-on exploitation.
“The incident involves a threat actor overwhelming a user’s email with junk and calling the user, offering assistance,” Rapid7 researchers Tyler McGraw, Thomas Elkins, and
Upon analyzing Mallox samples, researchers identified two distinct affiliates using different approaches. One focused on exploiting vulnerable assets, while the other aimed at broader compromises of information systems on a larger scale.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-05-14 11:06:312024-05-14 11:06:31Google is planning on a fix to prevent accidental password deletion in Chrome
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-05-14 11:06:312024-05-14 11:06:31Student, Personnel Information Stolen in City of Helsinki Cyberattack
The FCC’s new robocall bad actor classification system, called Consumer Communications Information Services Threat (C-CIST), aims to help authorities identify and track threat actors abusing telecommunications infrastructure.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-05-14 11:06:302024-05-14 11:06:30FCC Reveals Royal Tiger, its First Tagged Robocall Threat Actor
The Scattered Spider, a group of hackers, has been actively attacking the finance and insurance industries worldwide, using tactics like domain impersonation, SIM swapping, and partnering with the BlackCat ransomware group to breach high-value firms.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-05-14 10:07:082024-05-14 10:07:08Researchers Identify New Campaigns from Scattered Spider
The increased use of AI further complicates CISO role as industries begin to realize the full potential of GenAI and its impact on cybersecurity, according to a report by Trellix.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-05-14 10:07:082024-05-14 10:07:08AI’s Rapid Growth Puts Pressure on CISOs to Adapt to New Security Risks
BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
Attackers Use DNS Tunneling to Track Victim Activity, Scan Networks
/in General NewsThreat actors are using DNS tunneling to track victims’ interaction with spam and to scan network infrastructures.
The post Attackers Use DNS Tunneling to Track Victim Activity, Scan Networks appeared first on SecurityWeek.
SecurityWeek – Read More
Google Patches Second Chrome Zero-Day in One Week
/in General NewsGoogle has patched CVE-2024-4761, the second exploited vulnerability addressed by the company within one week.
The post Google Patches Second Chrome Zero-Day in One Week appeared first on SecurityWeek.
SecurityWeek – Read More
6 Mistakes Organizations Make When Deploying Advanced Authentication
/in General NewsDeploying advanced authentication measures is key to helping organizations address their weakest cybersecurity link: their human users. Having some form of 2-factor authentication in place is a great start, but many organizations may not yet be in that spot or have the needed level of authentication sophistication to adequately safeguard organizational data. When deploying
The Hacker News – Read More
Ongoing Campaign Bombarded Enterprises with Spam Emails and Phone Calls
/in General NewsCybersecurity researchers have uncovered an ongoing social engineering campaign that bombards enterprises with spam emails with the goal of obtaining initial access to their environments for follow-on exploitation.
“The incident involves a threat actor overwhelming a user’s email with junk and calling the user, offering assistance,” Rapid7 researchers Tyler McGraw, Thomas Elkins, and
The Hacker News – Read More
Mallox Ransomware Deployed via MS-SQL Honeypot Attack
/in General NewsUpon analyzing Mallox samples, researchers identified two distinct affiliates using different approaches. One focused on exploiting vulnerable assets, while the other aimed at broader compromises of information systems on a larger scale.
Cyware News – Latest Cyber News – Read More
Google is planning on a fix to prevent accidental password deletion in Chrome
/in General NewsA default Google Chrome setting in Android could delete credentials saved in the Password Manager. But a potential fix is on the way.
Latest stories for ZDNET in Security – Read More
Student, Personnel Information Stolen in City of Helsinki Cyberattack
/in General NewsThe City of Helsinki says usernames, email addresses, and personal information was stolen in a recent cyberattack.
The post Student, Personnel Information Stolen in City of Helsinki Cyberattack appeared first on SecurityWeek.
SecurityWeek – Read More
FCC Reveals Royal Tiger, its First Tagged Robocall Threat Actor
/in General NewsThe FCC’s new robocall bad actor classification system, called Consumer Communications Information Services Threat (C-CIST), aims to help authorities identify and track threat actors abusing telecommunications infrastructure.
Cyware News – Latest Cyber News – Read More
Researchers Identify New Campaigns from Scattered Spider
/in General NewsThe Scattered Spider, a group of hackers, has been actively attacking the finance and insurance industries worldwide, using tactics like domain impersonation, SIM swapping, and partnering with the BlackCat ransomware group to breach high-value firms.
Cyware News – Latest Cyber News – Read More
AI’s Rapid Growth Puts Pressure on CISOs to Adapt to New Security Risks
/in General NewsThe increased use of AI further complicates CISO role as industries begin to realize the full potential of GenAI and its impact on cybersecurity, according to a report by Trellix.
Cyware News – Latest Cyber News – Read More