BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
CISA Issues Emergency Directive to Federal Agencies on Ivanti Zero-Day Exploits
/in General NewsThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday issued an emergency directive urging Federal Civilian Executive Branch (FCEB) agencies to implement mitigations against two actively exploited zero-day flaws in Ivanti Connect Secure (ICS) and Ivanti Policy Secure (IPS) products.
The development came after the vulnerabilities – an authentication bypass
The Hacker News – Read More
Microsoft Says Russian Gov Hackers Stole Email Data from Senior Execs
/in General NewsA Russian government-backed hacking team broke into Microsoft’s corporate network and stole emails and attachments from senior executives.
The post Microsoft Says Russian Gov Hackers Stole Email Data from Senior Execs appeared first on SecurityWeek.
SecurityWeek – Read More
Massive Data Breach at VF Hits 35M Vans, Retail Customers
/in General NewsA month on from a retail conglomerate’s data breach, it’s still not clear exactly what the hackers stole, but impacted brands include Dickies, Northface, Timberland, Vans, and more.
darkreading – Read More
CISA Issues Emergency Directive on Ivanti Zero-Days
/in General NewsThe US government’s cybersecurity agency CISA ramps up the pressure on organizations to mitigate two exploited Ivanti VPN vulnerabilities.
The post CISA Issues Emergency Directive on Ivanti Zero-Days appeared first on SecurityWeek.
SecurityWeek – Read More
Ransomware Actor Uses TeamViewer to Gain Initial Access to Networks
/in General NewsAttackers have increasingly leveraged the widely used remote access tool, installed on hundreds of millions of endpoints, to break into victim environments.
darkreading – Read More
CISOs Struggle for C-Suite Status Even as Expectations Skyrocket
/in General NewsAn IANS survey shows that CISOs shoulder more and more legal and regulatory liability for data breaches, but few are getting the recognition or support they need.
darkreading – Read More
Third Ivanti Vulnerability Exploited in the Wild, CISA Reports
/in General NewsThough reports say this latest Ivanti bug is being exploited, it’s unclear exactly how threat actors are using it.
darkreading – Read More
Iran’s Mint Sandstorm APT Hits Universities with Hamas-Israel Phishing Scam
/in General NewsBy Deeba Ahmed
Bespoke Baits for Big Brains – Mint Sandstorm Deploys New Tactics to Infiltrate Universities.
This is a post from HackRead.com Read the original post: Iran’s Mint Sandstorm APT Hits Universities with Hamas-Israel Phishing Scam
Hackread – Latest Cybersecurity News, Press Releases & Technology Today – Read More
Update: VMware Confirms Critical vCenter Flaw Now Exploited in Attacks
/in General NewsA critical vCenter Server vulnerability (CVE-2023-34048) is actively being exploited, allowing attackers to execute remote code with high impact and without requiring authentication.
Cyware News – Latest Cyber News – Read More
PolyCrypt Runtime Crypter Being Sold on Cybercrime Forums
/in General NewsThe underground market for crypters, exemplified by PolyCrypt, facilitates the sale and use of these tools for malicious purposes, highlighting the ongoing challenge of cybercrime.
Cyware News – Latest Cyber News – Read More