BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Moodle 4.4.0 - Authenticated Remote Code Execution
- [remote] Microsoft SharePoint 2019 - NTLM Authentication
- [remote] gogs 0.13.0 - Remote Code Execution (RCE)
- [remote] Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)
- [webapps] Sitecore 10.4 - Remote Code Execution (RCE)
- [remote] PX4 Military UAV Autopilot 1.12.3 - Denial of Service (DoS)
- [webapps] Pterodactyl Panel 1.11.11 - Remote Code Execution (RCE)
- [remote] OneTrust SDK 6.33.0 - Denial Of Service (DoS)
- [remote] freeSSHd 1.0.9 - Denial of Service (DoS)
- [remote] McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information
Japan enacts new Active Cyberdefense Law allowing for offensive cyber operations
/in General NewsThe new law, which was first mooted in 2022, is intended to help Japan strengthen its cyber defense “to a level equal to major Western powers” and marks a break from the country’s traditional approach to cyber defense.
The Record from Recorded Future News – Read More
UK National Health Service suppliers asked to tackle ‘endemic’ ransomware attacks
/in General NewsIn an open letter, NHS suppliers were warned that ransomware incidents have been getting more severe and frequent in recent months.
The Record from Recorded Future News – Read More
New HTTPBot Botnet Launches 200+ Precision DDoS Attacks on Gaming and Tech Sectors
/in General NewsCybersecurity researchers are calling attention to a new botnet malware called HTTPBot that has been used to primarily single out the gaming industry, as well as technology companies and educational institutions in China.
“Over the past few months, it has expanded aggressively, continuously leveraging infected devices to launch external attacks,” NSFOCUS said in a report published this week. “By
The Hacker News – Read More
Top 10 Best Practices for Effective Data Protection
/in General NewsData is the lifeblood of productivity, and protecting sensitive data is more critical than ever. With cyber threats evolving rapidly and data privacy regulations tightening, organizations must stay vigilant and proactive to safeguard their most valuable assets. But how do you build an effective data protection framework?
In this article, we’ll explore data protection best practices from meeting
The Hacker News – Read More
Hackers Now Targeting US Retailers After UK Attacks, Google
/in General NewsHackers from the Scattered Spider group, known for UK retail attacks, are now targeting US retailers, Google cybersecurity…
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
From 60 to 4,000: NATO’s Locked Shields Reflects Cyber Defense Growth
/in General NewsThe 15th edition of NATO’s Locked Shields cyber defense exercise brought together 4,000 experts from 41 countries.
The post From 60 to 4,000: NATO’s Locked Shields Reflects Cyber Defense Growth appeared first on SecurityWeek.
SecurityWeek – Read More
Researchers Expose New Intel CPU Flaws Enabling Memory Leaks and Spectre v2 Attacks
/in General NewsResearchers at ETH Zürich have discovered yet another security flaw that they say impacts all modern Intel CPUs and causes them to leak sensitive data from memory, showing that the vulnerability known as Spectre continues to haunt computer systems after more than seven years.
The vulnerability, referred to as Branch Privilege Injection (BPI), “can be exploited to misuse the prediction
The Hacker News – Read More
FBI Warns of Deepfake Messages Impersonating Senior Officials
/in General NewsThe FBI says former federal and state government officials are targeted with texts and AI-generated voice messages impersonating senior US officials.
The post FBI Warns of Deepfake Messages Impersonating Senior Officials appeared first on SecurityWeek.
SecurityWeek – Read More
I tested a TCL smart lock, and its palm vein recognition feature blew me away
/in General NewsThe TCL D1 Pro is a palm vein smart lock with five other unlocking methods for ultimate convenience.
Latest stories for ZDNET in Security – Read More
Fileless Remcos RAT Delivered via LNK Files and MSHTA in PowerShell-Based Attacks
/in General NewsCybersecurity researchers have shed light on a new malware campaign that makes use of a PowerShell-based shellcode loader to deploy a remote access trojan called Remcos RAT.
“Threat actors delivered malicious LNK files embedded within ZIP archives, often disguised as Office documents,” Qualys security researcher Akshay Thorve said in a technical report. “The attack chain leverages mshta.exe for
The Hacker News – Read More