BackBox Linux is a free Open Source penetration testing and security assessment oriented Linux distribution providing a network and systems analysis toolkit. It has been developed to perform penetration tests and security assessments. Designed to be fast, easy to use

During Q1 2019, Cryptolocker malware spiked to account for 24% of all malware used, up from only 9% in Q4 2018, according to a new report from Positive Technologies. “This malware is often used in combination with phishing, with hackers

Yet another city has fallen victim to a “a complex phishing email.” The scam cost Burlington, Ontario, Canada, C$503,000 – the equivalent of nearly US$375,000. “On Thursday, May 23, the City of Burlington discovered it was a victim of fraud.

Mozilla Released Security Updates for critical vulnerabilities that affected Thunderbird Mail client. The update fixes three high-level vulnerabilities and one low-level of vulnerability. Mozilla Thunderbird is a free and open-source cross-platform email client, RSS and chats client developed by the

Researchers have spotted a major new cyber-attack campaign targeting millions of Linux email servers around the world with a cryptomining malware payload. Exim accounts for over half (57%) of the globe’s internet email servers. Over 3.5 million are at risk

A new large scale cyber attack combines both the regular cybercrime and targeted attack tools to deliver cryptocurrency miners and ransomware. The campaign makes use of sophisticated hacking tools that previously used in targeted attacks. Trend Micro researchers observed that

Hackers are targeting millions of mail servers running vulnerable Exim mail transfer agent (MTA) versions, threat actors leverage the CVE-2019-10149 flaw. Millions of mail servers running vulnerable Exim mail transfer agent (MTA) versions are under attack, threat actors are exploiting

Cisco patches a critical vulnerability in the web-based UI (web UI) of Cisco IOS XE Software that could cause allow an unauthenticated, remote attacker to perform a CSRF attack on the vulnerable system. The vulnerability is due to a lack

Certificate Pinning is an extra layer of security to achieve protection against man-in-the-middle. It ensures only certified Certificate Authorities (CA) can sign certificates for your domain, and not any CA in your browser store. Application developers implement Certificate pinning to

Nearly 1,000 employees in ASCO’s Zaventem, Belgium, office have been left incapable of doing their jobs after a ransomware attack crippled the aircraft-parts manufacturer, according to a June 11 report from vrt NWS. “From the ISF’s standpoint, everyone who has

After the data of more than 20 million patients was potentially exposed during the cyber-attack against American Medical Collection Agency (AMCA), the third-party collection agency for laboratories, hospitals, physician groups, medical providers and others, attorney generals (AGs) in such states

Malware infections could be devastating for production environments, a ransomware infection halts production operations for days at airplane parts manufacturer ASCO. ASCO, is of the world’s largest manufacturers of aerospace components The company has offices and production plants in Belgium,

Businesses in the UK lose an average of two-and-a-half months per year in time spent dealing with poor password management, according to new research from OneLogin. As detailed in its report Password Practices 2019, OneLogin surveyed 600 global IT professionals

RAMBleed is a new Rowhammer based side-channel attack that enables an attacker to read out the physical memory associated with the other process. Academic researchers Andrew Kwong and Daniel Genkin from the University of Michigan, Daniel Gruss form Graz University

FIN8 hacker group is back with a new highly sophisticated variant of the ShellTea malware and carried out attacks against hotel and entertainment industry. This would be the first attack by FIN8 hacker group in 2019, and it is believed

Security experts discovered a vulnerability in the popular Evernote Web Clipper for Chrome can be exploited to steal sensitive data from sites visited by users. Security experts at browser security firm Guardio discovered a critical universal cross-site scripting (XSS) vulnerability