BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
[wp-rss-aggregator feeds="kitploit" limit="10" pagination="off"]
Exploit DB
[wp-rss-aggregator feeds="exploit-db" limit="10" pagination="off"]
Latest news and insights on Security
SurePath AI Raises $5.2 Million for Gen-AI Governance Solution
/in General NewsSurePath AI has raised $5.2 million in seed funding for a solution that helps enterprises securely use generative AI.
The post SurePath AI Raises $5.2 Million for Gen-AI Governance Solution appeared first on SecurityWeek.
SecurityWeek – Read More
Glove Stealer Malware Bypasses Chrome’s App-Bound Encryption
/in General NewsThe Glove Stealer malware leverages a recently disclosed App-Bound encryption bypass method in attacks.
The post Glove Stealer Malware Bypasses Chrome’s App-Bound Encryption appeared first on SecurityWeek.
SecurityWeek – Read More
Trump 2.0 May Mean Fewer Cybersecurity Regs, Shift in Threats
/in General NewsGiven increased tensions with China over tariffs, companies could see a shift in attacks, but also fewer regulations and a run at a business-friendly federal privacy law.
darkreading – Read More
Known Brand, Government Domains Hijacked via Sitting Ducks Attacks
/in General NewsThreat actors have hijacked over 70,000 domains, including known brands and government entities, because of failed domain ownership verification.
The post Known Brand, Government Domains Hijacked via Sitting Ducks Attacks appeared first on SecurityWeek.
SecurityWeek – Read More
How AI Is Transforming IAM and Identity Security
/in General NewsIn recent years, artificial intelligence (AI) has begun revolutionizing Identity Access Management (IAM), reshaping how cybersecurity is approached in this crucial field. Leveraging AI in IAM is about tapping into its analytical capabilities to monitor access patterns and identify anomalies that could signal a potential security breach. The focus has expanded beyond merely managing human
The Hacker News – Read More
CISA Warns of Two More Palo Alto Expedition Flaws Exploited in Attacks
/in General NewsCISA has added two more Palo Alto Networks Expedition flaws, CVE-2024-9463 and CVE-2024-9465, to its KEV catalog.
The post CISA Warns of Two More Palo Alto Expedition Flaws Exploited in Attacks appeared first on SecurityWeek.
SecurityWeek – Read More
Palo Alto Networks Confirms New Firewall Zero-Day Exploitation
/in General NewsPalo Alto Networks has confirmed that a zero-day is being exploited in attacks after investigating claims of a firewall remote code execution flaw.
The post Palo Alto Networks Confirms New Firewall Zero-Day Exploitation appeared first on SecurityWeek.
SecurityWeek – Read More
LightSpy Spyware Operation Expands to Windows
/in General NewsThe Chinese APT behind the LightSpy iOS backdoor has expanded its toolset with DeepData, a modular Windows-based surveillance framework.
The post LightSpy Spyware Operation Expands to Windows appeared first on SecurityWeek.
SecurityWeek – Read More
Introduction to Offensive Security – The Ethics and Legality of Cybersecurity
/in General NewsOffensive security practices like penetration testing and red teaming are used to identify and address vulnerabilities before malicious actors exploit them. Ethical hacking activities, while legal, often receive public scrutiny because they are associated with “hacking.” The term “hacker” is commonly linked to criminal activities, thanks to media portrayal. We will follow the convention of…
Source
TechSplicer – Read More
High-Severity Flaw in PostgreSQL Allows Hackers to Exploit Environment Variables
/in General NewsCybersecurity researchers have disclosed a high-severity security flaw in the PostgreSQL open-source database system that could allow unprivileged users to alter environment variables, and potentially lead to code execution or information disclosure.
The vulnerability, tracked as CVE-2024-10979, carries a CVSS score of 8.8.
Environment variables are user-defined values that can allow a program
The Hacker News – Read More