BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
Canva Warns of Three Security Vulnerabilities in Fonts
/in General NewsThe first, CVE-2023-45139, involved a high-severity bug in the FontTools library. The second and third vulnerabilities, CVE-2024-25081 and CVE-2024-25082, were related to naming conventions and compression.
Cyware News – Latest Cyber News – Read More
Flaws in Public Records Management Tool Could Let Hackers Nab Sensitive Data Linked to Requests
/in General NewsThe GovQA platform, used by state and local governments for public records requests, had vulnerabilities that could have allowed hackers to access sensitive personal information, edit requests, and download unsecured files.
Cyware News – Latest Cyber News – Read More
CISA Adds Apple iOS and iPadOS Memory Corruption Bugs to its Known Exploited Vulnerabilities Catalog
/in General NewsThese memory corruption vulnerabilities, tracked as CVE-2024-23225 and CVE-2024-23296, were exploited in attacks against iPhone devices. Apple released emergency security updates to address these zero-day vulnerabilities.
Cyware News – Latest Cyber News – Read More
CISO Corner: NSA Guidelines; a Utility SBOM Case Study; Lava Lamps
/in General NewsOur collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps.
darkreading – Read More
Google Engineer Steals AI Trade Secrets for Chinese Companies
/in General NewsChinese national Linwei Ding is accused of pilfering more than 500 files containing Google IP while affiliating with two China-based startups at the same time.
darkreading – Read More
Broke Cyber Pros Flock to Cybercrime Side Hustles
/in General NewsBurned-out cybersecurity professionals dealing with layoffs and stressful working conditions are increasingly finding a better way to earn a buck: cybercrime.
darkreading – Read More
Microsoft Confirms Russian Hackers Stole Source Code, Some Customer Secrets
/in General NewsMicrosoft on Friday revealed that the Kremlin-backed threat actor known as Midnight Blizzard (aka APT29 or Cozy Bear) managed to gain access to some of its source code repositories and internal systems following a hack that came to light in January 2024.
“In recent weeks, we have seen evidence that Midnight Blizzard is using information initially exfiltrated from our
The Hacker News – Read More
Sam Altman reinstated to OpenAI board after investigation clears him of wrongdoing
/in General NewsIn a stunning turn of events, Sam Altman, the high-profile CEO of OpenAI, will be rejoining the company’s board of directors just months after being ousted amid concerns about his leadership. The move comes as an independent investigation commissioned by OpenAI’s board found no evidence of misconduct that would warrant Altman’s re…Read More
Security News | VentureBeat – Read More
Unsecured Video Doorbells Sold on Major Platforms: Millions at Risk of Hacking
/in General NewsBy Deeba Ahmed
Major Retailers Selling Video Doorbells with Serious Security Flaws, Consumer Reports Warns.
This is a post from HackRead.com Read the original post: Unsecured Video Doorbells Sold on Major Platforms: Millions at Risk of Hacking
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Microsoft Says Russian Gov Hackers Stole Source Code After Spying on Executive Emails
/in General NewsMicrosoft says the Midnight Blizzard APT group may still be poking around its internal network after stealing source code, spying on emails.
The post Microsoft Says Russian Gov Hackers Stole Source Code After Spying on Executive Emails appeared first on SecurityWeek.
SecurityWeek – Read More