BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
Zero-Day Vulnerability can Blind Defenses Relying on Windows Event Logs
/in General NewsThe vulnerability can be leveraged by an attacker with local network access, and until Microsoft issues a patch, users can implement micropatches provided by Acros to mitigate the risk.
Cyware News – Latest Cyber News – Read More
Exploit Released for Android Local Elevation Flaw Impacting Seven OEMs
/in General NewsA local privilege elevation flaw (CVE-2023-45779) affecting several Android OEMs was discovered and addressed in the December 2023 security update, highlighting weaknesses in APEX module signing using test keys.
Cyware News – Latest Cyber News – Read More
Hackers Obtain Confidential Information on Romanian Officials After Cyberattack at Parliament
/in General NewsHackers breached the Romanian Chamber of Deputies’ database and obtained confidential information, including the prime minister’s identity documents and medical analyses. They threatened to release the data unless they received a ransom of $34,000.
Cyware News – Latest Cyber News – Read More
The Rise of Python-Scripted Ransomware
/in General NewsThe ransomware, named “grinchv3,” self-copies itself to the startup folder for persistence, encrypts user data using the Fernet symmetric key encryption algorithm, and adds a pop-up message after encryption.
Cyware News – Latest Cyber News – Read More
Man Sentenced to Prison for Stealing Millions in Cryptocurrency via SIM Swapping
/in General NewsDaniel James Junk sentenced to six years in prison for stealing millions in cryptocurrency through SIM swapping.
The post Man Sentenced to Prison for Stealing Millions in Cryptocurrency via SIM Swapping appeared first on SecurityWeek.
SecurityWeek – Read More
Football Australia Data Leak Exposes Players’ Contracts, Fans’ Personal Details
/in General NewsThe leak included passports, player contracts, and personal data, potentially affecting every Australian football fan. Cybersecurity experts believe the breach was likely due to human error, and the FA is investigating the matter.
Cyware News – Latest Cyber News – Read More
Why Are Cybersecurity Automation Projects Failing?
/in General NewsThe cybersecurity industry has taken limited action to reduce cybersecurity process friction, reduce mundane tasks and improve overall user experience.
The post Why Are Cybersecurity Automation Projects Failing? appeared first on SecurityWeek.
SecurityWeek – Read More
Ransomware Incidents Hit Record High, But Law Enforcement Takedowns Slow Growth
/in General NewsAccording to Corvus, the number of active ransomware groups grew by 34% between Q1 and Q4 2023, linked to the fracturing of well-known ransomware groups that leaked their proprietary encryptors.
Cyware News – Latest Cyber News – Read More
CISA Warns of Active Exploitation of Critical Flaws in Apple iOS and macOS
/in General NewsThe flaw allows attackers with arbitrary read and write capability to bypass Pointer Authentication, and it’s recommended that Federal Civilian Executive Branch (FCEB) agencies apply the fixes by February 21, 2024.
Cyware News – Latest Cyber News – Read More
Brazilian Police Make Arrests in Grandoreiro Banking Malware Case
/in General NewsThe Grandoreiro malware can track keyboard inputs, simulate mouse activity, and initiate communication with criminals’ servers, making it a potent threat to banking activities.
Cyware News – Latest Cyber News – Read More