BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
Pro-Palestinian Operation Claims Dozens of Data Breaches Against Israeli Firms
/in General NewsPro-Palestinian hackers belonging to the group Cyber Toufan have successfully breached and leaked data from numerous Israeli entities, including foreign companies doing business with Israel.
Cyware News – Latest Cyber News – Read More
Spotify Music Converter TuneFab Puts Users at Risk Due to Misconfigured MongoDB Instance
/in General NewsTuneFab converter, a tool used to convert copyrighted music from streaming platforms, exposed over 151 million records of users’ private data due to a misconfiguration on MongoDB.
Cyware News – Latest Cyber News – Read More
Hospitals Ask Courts to Force Cloud Storage Firm to Return Stolen Data
/in General NewsTwo New York hospitals are seeking a court order to retrieve stolen data stored on a cloud storage company’s servers after a ransomware attack. The stolen data includes sensitive information such as patients’ personal and health information.
Cyware News – Latest Cyber News – Read More
Researchers Crack Tesla Autopilot with ‘Elon Mode,’ Access Critical Data
/in General NewsBy Deeba Ahmed
German cybersecurity researchers from Technische Universität Berlin employed a €600 (£520 – $660) tool to gain root access to the ARM64-based circuit board of Tesla’s autopilot.
This is a post from HackRead.com Read the original post: Researchers Crack Tesla Autopilot with ‘Elon Mode,’ Access Critical Data
Hackread – Latest Cybersecurity News, Press Releases & Technology Today – Read More
New Variant of DLL Search Order Hijacking Bypasses Windows 10 and 11 Protections
/in General NewsSecurity researchers have detailed a new variant of a dynamic link library (DLL) search order hijacking technique that could be used by threat actors to bypass security mechanisms and achieve execution of malicious code on systems running Microsoft Windows 10 and Windows 11.
The approach “leverages executables commonly found in the trusted WinSxS folder and exploits them via the classic DLL
The Hacker News – Read More
New Terrapin Flaw Could Let Attackers Downgrade SSH Protocol Security
/in General NewsSecurity researchers from Ruhr University Bochum have discovered a vulnerability in the Secure Shell (SSH) cryptographic network protocol that could allow an attacker to downgrade the connection’s security by breaking the integrity of the secure channel.
Called Terrapin (CVE-2023-48795, CVSS score: 5.9), the exploit has been described as the “first ever practically exploitable prefix
The Hacker News – Read More
New JinxLoader Targeting Users with Formbook and XLoader Malware
/in General NewsA new Go-based malware loader called JinxLoader is being used by threat actors to deliver next-stage payloads such as Formbook and its successor XLoader.
The disclosure comes from cybersecurity firms Palo Alto Networks Unit 42 and Symantec, both of which highlighted multi-step attack sequences that led to the deployment of JinxLoader through phishing attacks.
“The
The Hacker News – Read More
Microsoft Disables App Installer After Feature is Abused for Malware
/in General NewsBy Deeba Ahmed
According to the Microsoft Threat Intelligence Team, threat actors labeled as ‘financially motivated’ utilize the ms-appinstaller URI scheme for malware distribution.
This is a post from HackRead.com Read the original post: Microsoft Disables App Installer After Feature is Abused for Malware
Hackread – Latest Cybersecurity News, Press Releases & Technology Today – Read More
Google Fixes Nearly 100 Android Security Issues
/in General NewsPlus: Apple shuts down a Flipper Zero Attack, Microsoft patches more than 30 vulnerabilities, and more critical updates for the last month of 2023.
Security Latest – Read More
Google Settles $5 Billion Privacy Lawsuit Over Tracking People Using ‘Incognito Mode’
/in General NewsGoogle agreed to settle a $5 billion privacy lawsuit claiming that it continued spying on people who used the “incognito” mode in its Chrome browser.
The post Google Settles $5 Billion Privacy Lawsuit Over Tracking People Using ‘Incognito Mode’ appeared first on SecurityWeek.
SecurityWeek – Read More