BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
Cybersecurity Firms Raised $2.3 Billion in Q1 2024: Report
/in General NewsCybersecurity companies raised $2.3 billion in funding in Q1 2024, a 20% decrease compared to the same period of 2023, according to Pinpoint.
The post Cybersecurity Firms Raised $2.3 Billion in Q1 2024: Report appeared first on SecurityWeek.
SecurityWeek – Read More
Magento Vulnerability Exploited to Deploy Persistent Backdoor
/in General NewsAttackers are exploiting a recent Magento vulnerability to deploy a persistent backdoor on ecommerce websites.
The post Magento Vulnerability Exploited to Deploy Persistent Backdoor appeared first on SecurityWeek.
SecurityWeek – Read More
From PDFs to Payload: Bogus Adobe Acrobat Reader Installers Distribute Byakugan Malware
/in General NewsBogus installers for Adobe Acrobat Reader are being used to distribute a new multi-functional malware dubbed Byakugan.
The starting point of the attack is a PDF file written in Portuguese that, when opened, shows a blurred image and asks the victim to click on a link to download the Reader application to view the content.
According to Fortinet FortiGuard Labs, clicking the URL
The Hacker News – Read More
Acuity Responds to US Government Data Theft Claims, Says Hackers Obtained Old Info
/in General NewsAcuity, the tech firm from which hackers claimed to have stolen State Department and other government data, confirms hack, but says stolen info is old.
The post Acuity Responds to US Government Data Theft Claims, Says Hackers Obtained Old Info appeared first on SecurityWeek.
SecurityWeek – Read More
Lens Maker Hoya Scrambling to Restore Systems Following Cyberattack
/in General NewsJapanese lens maker Hoya says production processes and ordering systems were disrupted by a cyberattack.
The post Lens Maker Hoya Scrambling to Restore Systems Following Cyberattack appeared first on SecurityWeek.
SecurityWeek – Read More
Bing Ad for NordVPN Leads to SecTopRAT
/in General NewsA very recent malvertising campaign was found impersonating the popular VPN software NordVPN. A malicious advertiser is capturing traffic from Bing searches and redirecting users to a decoy site that looks almost identical to the real one.
Cyware News – Latest Cyber News – Read More
New Wave of JSOutProx Malware Targeting Financial Firms in APAC and MENA
/in General NewsFinancial organizations in the Asia-Pacific (APAC) and Middle East and North Africa (MENA) are being targeted by a new version of an “evolving threat” called JSOutProx.
“JSOutProx is a sophisticated attack framework utilizing both JavaScript and .NET,” Resecurity said in a technical report published this week.
“It employs the .NET (de)serialization feature to interact with a core
The Hacker News – Read More
Researchers Identify Multiple China Hacker Groups Exploiting Ivanti Security Flaws
/in General NewsMultiple China-nexus threat actors have been linked to the zero-day exploitation of three security flaws impacting Ivanti appliances (CVE-2023-46805, CVE-2024-21887, and CVE-2024-21893).
The clusters are being tracked by Mandiant under the monikers UNC5221, UNC5266, UNC5291, UNC5325, UNC5330, and UNC5337. Another group linked to the exploitation spree is UNC3886.
The Google Cloud
The Hacker News – Read More
Byakugan – The Malware Behind a Phishing Attack
/in General NewsIn January 2024, FortiGuard Labs collected a PDF file written in Portuguese that distributes a multi-functional malware known as Byakugan. While investigating this campaign, a report about it was published.
Cyware News – Latest Cyber News – Read More
Critical Flaw in LayerSlider WordPress Plugin Impacts One Million Sites
/in General NewsA premium WordPress plugin named LayerSlider, used in over one million sites, is vulnerable to unauthenticated SQL injection, requiring admins to prioritize applying security updates for the plugin.
Cyware News – Latest Cyber News – Read More