BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Maryam - Open-source Intelligence(OSINT) Framework
- TruffleHog Explorer - A User-Friendly Web-Based Tool To Visualize And Analyze Data Extracted Using TruffleHog
- PANO - Advanced OSINT Investigation Platform Combining Graph Visualization, Timeline Analysis, And AI Assistance To Uncover Hidden Connections In Data
- Wappalyzer-Next - Python library that uses Wappalyzer extension (and its fingerprints) to detect technologies
- Telegram-Checker - A Python Tool For Checking Telegram Accounts Via Phone Numbers Or Usernames
- Torward - An Improved Version Based On The Torghost-Gn And Darktor Scripts, Designed To Enhance Anonymity On The Internet
- Instagram-Brute-Force-2024 - Instagram Brute Force 2024 Compatible With Python 3.13 / X64 Bit / Only Chrome Browser
- QuickResponseC2 - A Command & Control Server That Leverages QR Codes To Send Commands And Receive Results From Remote Systems
- Telegram-Scraper - A Powerful Python Script That Allows You To Scrape Messages And Media From Telegram Channels Using The Telethon Library
- Moukthar - Android Remote Administration Tool
Exploit DB
- [webapps] FoxCMS 1.2.5 - Remote Code Execution (RCE)
- [webapps] Drupal 11.x-dev - Full Path Disclosure
- [webapps] Apache Commons Text 1.10.0 - Remote Code Execution
- [webapps] Hunk Companion Plugin 1.9.0 - Unauthenticated Plugin Installation
- [webapps] Tatsu 3.3.11 - Unauthenticated RCE
- [remote] Langflow 1.3.0 - Remote Code Execution (RCE)
- [webapps] UJCMS 9.6.3 - User Enumeration via IDOR
- [webapps] Inventio Lite 4 - SQL Injection
- [webapps] KiviCare Clinic & Patient Management System (EHR) 3.6.4 - Unauthenticated SQL Injection
- [hardware] ABB Cylon Aspect 3.08.02 (deployStart.php) - Unauthenticated Command Execution
Knostic Secures $11 Million to Rein in Enterprise AI Data Leakage, Oversharing
/in General NewsKnostic provides a “need-to-know” filter on the answers generated by enterprise large language models (LLM) tools.
The post Knostic Secures $11 Million to Rein in Enterprise AI Data Leakage, Oversharing appeared first on SecurityWeek.
SecurityWeek – Read More
1 Million Third-Party Android Devices Have a Secret Backdoor for Scammers
/in General NewsNew research shows at least a million inexpensive Android devices—from TV streaming boxes to car infotainment systems—are compromised to allow bad actors to commit ad fraud and other cybercrime.
Security Latest – Read More
Chrome 134, Firefox 136 Patch High-Severity Vulnerabilities
/in General NewsChrome 134 and Firefox 136 are rolling out across desktop and mobile with patches for multiple high-severity vulnerabilities.
The post Chrome 134, Firefox 136 Patch High-Severity Vulnerabilities appeared first on SecurityWeek.
SecurityWeek – Read More
LinkedIn Phishing Scam: Fake InMail Messages Spreading ConnectWise Trojan
/in General NewsCofense uncovers new LinkedIn phishing scam delivering ConnectWise RAT. Learn how attackers bypass security with fake InMail emails…
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
US Sanctions Iranian Administrator of Nemesis Darknet Marketplace
/in General NewsIranian national Behrouz Parsarad sanctioned for running Nemesis, a marketplace used for narcotics trafficking and cybercrime.
The post US Sanctions Iranian Administrator of Nemesis Darknet Marketplace appeared first on SecurityWeek.
SecurityWeek – Read More
New Eleven11bot DDoS Botnet Powered by 80,000 Hacked Devices
/in General NewsThe Eleven11bot botnet has been described as one of the largest known DDoS botnets observed in recent years.
The post New Eleven11bot DDoS Botnet Powered by 80,000 Hacked Devices appeared first on SecurityWeek.
SecurityWeek – Read More
Apple is challenging U.K.’s iCloud encryption backdoor order
/in General NewsApple is challenging a U.K. Government data access order in the Investigatory Powers Tribunal (IPT), the Financial Times reports. The order targeted iCloud backups that are protected by end-to-end encryption. Last month, press leaks revealed the existence of the January order asking Apple to build a backdoor in iCloud’s encrypted backups. U.K. officials are exercising […]
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
Seven Malicious Go Packages Found Deploying Malware on Linux and macOS Systems
/in General NewsCybersecurity researchers are alerting of an ongoing malicious campaign targeting the Go ecosystem with typosquatted modules that are designed to deploy loader malware on Linux and Apple macOS systems.
“The threat actor has published at least seven packages impersonating widely used Go libraries, including one (github[.]com/shallowmulti/hypert) that appears to target financial-sector developers
The Hacker News – Read More
Google Cuts Off uBlock Origin on Chrome as Firefox Stands Firm on Ad Blockers
/in General NewsThe problem started with Manifest V3, Chrome’s new extension specification, which is supposed to improve privacy.
Security | TechRepublic – Read More
GreyNoise Intelligence Releases New Research on Cybersecurity Vulns
/in General NewsPost Content
darkreading – Read More