BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
- Uro - Declutters Url Lists For Crawling/Pentesting
Exploit DB
- [remote] Apache ActiveMQ 6.1.6 - Denial of Service (DOS)
- [local] VirtualBox 7.0.16 - Privilege Escalation
- [webapps] WordPress Depicter Plugin 3.6.1 - SQL Injection
- [local] Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation
- [webapps] SureTriggers OttoKit Plugin 1.0.82 - Privilege Escalation
- [webapps] ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)
- [webapps] Casdoor 1.901.0 - Cross-Site Request Forgery (CSRF)
- [webapps] Grokability Snipe-IT 8.0.4 - Insecure Direct Object Reference (IDOR)
- [local] Daikin Security Gateway 14 - Remote Password Reset
- [local] ZTE ZXV10 H201L - RCE via authentication bypass
Dark Web Sales Driving Major Rise in Credential Attacks
/in General NewsA rise in infostealer malware attacks over the past three years has enabled cybercriminal groups to turn credential stealing into a major money-making business, paving the way for new entrants in the field and sophisticated hacking techniques.
Cyware News – Latest Cyber News – Read More
IT and Cybersecurity Jobs in the Age of Emerging AI Technologies
/in General NewsBy Waqas
Fear AI taking your IT or cybersecurity job? Don’t! Learn how AI creates new opportunities in network management, threat detection & more.
This is a post from HackRead.com Read the original post: IT and Cybersecurity Jobs in the Age of Emerging AI Technologies
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
BlackTech Targets Tech, Research, and Gov Sectors New ‘Deuterbear’ Tool
/in General NewsTechnology, research, and government sectors in the Asia-Pacific region have been targeted by a threat actor called BlackTech as part of a recent cyber attack wave.
The intrusions pave the way for an updated version of modular backdoor dubbed Waterbear as well as its enhanced successor referred to as Deuterbear.
“Waterbear is known for its complexity, as it
The Hacker News – Read More
NSA Shares Best Practices for Secure AI Systems
/in General NewsThe guidance offers a wide range of best practices, including that organizations adopt a zero trust mindset, actively monitor the AI model’s behavior, and require the primary developer of the AI system to provide a threat model for their system.
Cyware News – Latest Cyber News – Read More
Threat-Intelligence Startup VulnCheck Closes $8M Seed Financing
/in General NewsVulnCheck banks $8 million in early stage capital to build ‘exploit intelligence’ technologies and services.
The post Threat-Intelligence Startup VulnCheck Closes $8M Seed Financing appeared first on SecurityWeek.
SecurityWeek – Read More
AI Lowers Barrier for Cyber-Adversary Manipulation in 2024 Election
/in General NewsSecuring the presidential election requires vigilance and hardened cybersecurity defenses.
darkreading – Read More
In Other News: OSS Backdooring Attempts, Botnet Operator Charged, Automotive Firm Attack
/in General NewsNoteworthy stories that might have slipped under the radar: OpenSSF and OpenJS incidents similar to XZ backdoor, Moldovan botnet operator charged, US automotive company targeted by FIN7.
The post In Other News: OSS Backdooring Attempts, Botnet Operator Charged, Automotive Firm Attack appeared first on SecurityWeek.
SecurityWeek – Read More
Tuta Mail (Tutanota) Accuses Google of Censoring Its Search Results
/in General NewsBy Deeba Ahmed
Shadowboxing in Search Results: Tuta Mail De-ranked and Disappearing on Google!
This is a post from HackRead.com Read the original post: Tuta Mail (Tutanota) Accuses Google of Censoring Its Search Results
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
CISA, FBI, and ODNI Release Guidance for Securing Election Infrastructure Against the Tactics of Foreign Malign Influence Operations
/in General NewsThe guidance document details the latest tactics employed in foreign malign influence operations to shape U.S. policies, decisions, and discourse and could be used to target America’s election infrastructure.
Cyware News – Latest Cyber News – Read More
First Major Attempts to Regulate AI Face Headwinds From All Sides
/in General NewsWhile over 400 AI-related bills are being debated this year in statehouses nationwide, most target one industry or just a piece of the technology — such as deepfakes used in elections.
The post First Major Attempts to Regulate AI Face Headwinds From All Sides appeared first on SecurityWeek.
SecurityWeek – Read More