BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
Windows SmartScreen Bug Abused to Deploy Phemedrone Stealer
/in General NewsCyware News – Latest Cyber News – Read More
Tokyo startup Sakana AI lands $30M to forge new path with compact AI models
/in General NewsSakana AI, a Tokyo-based startup founded by former Google researchers, raises $30 million to develop smaller, efficient AI models inspired by natural swarm intelligence.Read More
Security News | VentureBeat – Read More
Ivanti Zero-Day Exploits Skyrocket Worldwide; No Patches Yet
/in General NewsAnyone who hasn’t mitigated two zero-day security bugs in Ivanti VPNs may already be compromised by a Chinese nation-state actor.
darkreading – Read More
Effective Incident Response Relies on Internal and External Partnerships
/in General NewsDark Reading Research finds increased collaboration between security incident responders and groups within the HR, legal, and communications functions.
darkreading – Read More
Accenture and SandboxAQ Collaborate to Help Organizations Protect Data
/in General NewsPost Content
darkreading – Read More
Savvy Launches Identity-First Security Offering to Combat Toxic Combinations Driving SaaS Risk
/in General NewsPost Content
darkreading – Read More
Snyk Acquires Helios for Runtime Visibility
/in General NewsDeveloper-security company Snyk acquired Helois, a startup specializing in capturing security-relevant data from live applications.
darkreading – Read More
Citrix, VMware, and Atlassian Hit with Critical Flaws — Patch ASAP!
/in General NewsCitrix is warning of two zero-day security vulnerabilities in NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway) that are being actively exploited in the wild.
The flaws are listed below –
CVE-2023-6548 (CVSS score: 5.5) – Authenticated (low privileged) remote code execution on Management Interface (requires access to NSIP, CLIP, or SNIP with management
The Hacker News – Read More
Zero-Day Alert: Update Chrome Now to Fix New Actively Exploited Vulnerability
/in General NewsGoogle on Tuesday released updates to fix four security issues in its Chrome browser, including an actively exploited zero-day flaw.
The issue, tracked as CVE-2024-0519, concerns an out-of-bounds memory access in the V8 JavaScript and WebAssembly engine, which can be weaponized by threat actors to trigger a crash.
“By reading out-of-bounds memory, an attacker might be able to get secret values,
The Hacker News – Read More
Google Warns of Chrome Browser Zero-Day Being Exploited
/in General NewsThe exploited zero-day, tagged as CVE-2024-0519, is described as an out-of-bounds memory access issue in the V8 JavaScript engine.
The post Google Warns of Chrome Browser Zero-Day Being Exploited appeared first on SecurityWeek.
SecurityWeek – Read More