BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
Targeted Phishing Linked to ‘The Com’ Surges in the US, the UK, and Canada
/in General NewsA persistent social engineering threat faced by enterprises involves attackers trying to obtain login credentials for identity and access management (IAM), cloud resources, or single sign-on (SSO)-enabled systems.
Cyware News – Latest Cyber News – Read More
Distinctive Campaign Evolution of Pikabot Malware
/in General NewsPikaBot, along with other malicious loaders like QBot and DarkGate, heavily depends on spam campaigns for distribution. Its initial access strategies are intricately crafted, utilizing geographically targeted spam emails for specific countries.
Cyware News – Latest Cyber News – Read More
5 Best Password Managers for Android in 2024
/in General NewsExplore the best password managers for Android devices that offer secure storage and easy access to your passwords. Find out which one suits your needs best.
Security | TechRepublic – Read More
Considerations for Operational Technology Cybersecurity
/in General NewsOperational Technology (OT) refers to the hardware and software used to change, monitor, or control the enterprise’s physical devices, processes, and events. Unlike traditional Information Technology (IT) systems, OT systems directly impact the physical world. This unique characteristic of OT brings additional cybersecurity considerations not typically present in conventional IT security
The Hacker News – Read More
New HTTP/2 Vulnerability Exposes Web Servers to DoS Attacks
/in General NewsNew research has found that the CONTINUATION frame in the HTTP/2 protocol can be exploited to conduct denial-of-service (DoS) attacks.
The technique has been codenamed HTTP/2 CONTINUATION Flood by security researcher Bartek Nowotarski, who reported the issue to the CERT Coordination Center (CERT/CC) on January 25, 2024.
“Many HTTP/2 implementations do not properly limit or sanitize the
The Hacker News – Read More
Microsoft Exchange State-Linked Hack Entirely Preventable, Cyber Review Board Finds
/in General NewsThe China-affiliated threat actor Microsoft identified as Storm-0558 compromised the Microsoft Exchange Online mailboxes of 22 organizations and more than 500 individuals in the attacks, which began in May 2023.
Cyware News – Latest Cyber News – Read More
Pixel Phone Zero-Days Exploited by Forensic Firms
/in General NewsGoogle this week patched two Pixel phone zero-day vulnerabilities actively exploited by forensic companies to obtain data from devices.
The post Pixel Phone Zero-Days Exploited by Forensic Firms appeared first on SecurityWeek.
SecurityWeek – Read More
Get a Lifetime of VPN Protection for Just $16
/in General NewsDuring a special sale event, you can get an extra 20% off our already discounted price on RealVPN, bringing it down to just $16 for life. Use code SECURE20 at checkout.
Security | TechRepublic – Read More
New HTTP/2 DoS Attack Potentially More Severe Than Record-Breaking Rapid Reset
/in General NewsNew HTTP/2 DoS method named Continuation Flood can pose a greater risk than Rapid Reset, which has been used for record-breaking attacks.
The post New HTTP/2 DoS Attack Potentially More Severe Than Record-Breaking Rapid Reset appeared first on SecurityWeek.
SecurityWeek – Read More
Zoom Paid Out $10 Million via Bug Bounty Program Since 2019
/in General NewsVideo conferencing giant Zoom has paid out $10 million through its bug bounty program since it was launched in 2019.
The post Zoom Paid Out $10 Million via Bug Bounty Program Since 2019 appeared first on SecurityWeek.
SecurityWeek – Read More