BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
[wp-rss-aggregator feeds="kitploit" limit="10" pagination="off"]
Exploit DB
[wp-rss-aggregator feeds="exploit-db" limit="10" pagination="off"]
Latest news and insights on Security
Legitimate Shellter Pen-Testing Tool Used in Malware Attacks
/in General NewsA stolen copy of Shellter Elite shows how easily legitimate security tools can be repurposed by threat actors when vetting and oversight fail.
The post Legitimate Shellter Pen-Testing Tool Used in Malware Attacks appeared first on SecurityWeek.
SecurityWeek – Read More
Anatsa Android Banking Trojan Hits 90,000 Users with Fake PDF App on Google Play
/in General NewsCybersecurity researchers have discovered an Android banking malware campaign that has leveraged a trojan named Anatsa to target users in North America using malicious apps published on Google’s official app marketplace.
The malware, disguised as a “PDF Update” to a document viewer app, has been caught serving a deceptive overlay when users attempt to access their banking application, claiming
The Hacker News – Read More
Iranian ransomware group offers bigger payouts for attacks on Israel, US
/in General NewsThe Iran-linked ransomware-as-a-service group Pay2Key.I2P reportedly told affiliates that they can keep a larger cut of extortion payments if they attack entities within Iran’s adversaries.
The Record from Recorded Future News – Read More
The Wild Wild West of Agentic AI – An Attack Surface CISOs Can’t Afford to Ignore
/in General NewsAs organizations rush to adopt agentic AI, security leaders must confront the growing risk of invisible threats and new attack vectors.
The post The Wild Wild West of Agentic AI – An Attack Surface CISOs Can’t Afford to Ignore appeared first on SecurityWeek.
SecurityWeek – Read More
4 Critical Steps in Advance of 47-Day SSL/TLS Certificates
/in General NewsWith certificate lifespans set to shrink by 2029, IT teams need to spend the next 100 days planning in order to avoid operational disruptions.
darkreading – Read More
Hackers ‘Shellter’ Various Stealers in Red Team Tool to Evade Detection
/in General NewsResearchers have uncovered multiple campaigns spreading Lumma, Arechclient2, and Rhadamanthys malware by leveraging key features of the AV/EDR evasion framework.
darkreading – Read More
Marks & Spencer chair refuses to say if retailer paid hackers after ransomware attack
/in General NewsThe retail giant’s chair confirmed the breach was caused by ransomware.
Security News | TechCrunch – Read More
New spyware strain steals data from Russian industrial companies
/in General NewsMoscow-based cybersecurity firm Kaspersky said the campaign has already affected over 100 victims across several dozen Russian organizations, but did not disclose the specific targets.
The Record from Recorded Future News – Read More
SAP Patches Critical Flaws That Could Allow Remote Code Execution, Full System Takeover
/in General NewsSAP has released patches for multiple insecure deserialization vulnerabilities in NetWeaver that could lead to full system compromise.
The post SAP Patches Critical Flaws That Could Allow Remote Code Execution, Full System Takeover appeared first on SecurityWeek.
SecurityWeek – Read More
Checking for Fraud: Texas Community Bank Nips Check Fraud in the Bud
/in General NewsWithin months of implementing anti-fraud measures and automation, Texas National Bank prevented more than $300,000 in check fraud.
darkreading – Read More