BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Maryam - Open-source Intelligence(OSINT) Framework
- TruffleHog Explorer - A User-Friendly Web-Based Tool To Visualize And Analyze Data Extracted Using TruffleHog
- PANO - Advanced OSINT Investigation Platform Combining Graph Visualization, Timeline Analysis, And AI Assistance To Uncover Hidden Connections In Data
- Wappalyzer-Next - Python library that uses Wappalyzer extension (and its fingerprints) to detect technologies
- Telegram-Checker - A Python Tool For Checking Telegram Accounts Via Phone Numbers Or Usernames
- Torward - An Improved Version Based On The Torghost-Gn And Darktor Scripts, Designed To Enhance Anonymity On The Internet
- Instagram-Brute-Force-2024 - Instagram Brute Force 2024 Compatible With Python 3.13 / X64 Bit / Only Chrome Browser
- QuickResponseC2 - A Command & Control Server That Leverages QR Codes To Send Commands And Receive Results From Remote Systems
- Telegram-Scraper - A Powerful Python Script That Allows You To Scrape Messages And Media From Telegram Channels Using The Telethon Library
- Moukthar - Android Remote Administration Tool
Exploit DB
- [webapps] FoxCMS 1.2.5 - Remote Code Execution (RCE)
- [webapps] Drupal 11.x-dev - Full Path Disclosure
- [webapps] Apache Commons Text 1.10.0 - Remote Code Execution
- [webapps] Hunk Companion Plugin 1.9.0 - Unauthenticated Plugin Installation
- [webapps] Tatsu 3.3.11 - Unauthenticated RCE
- [remote] Langflow 1.3.0 - Remote Code Execution (RCE)
- [webapps] UJCMS 9.6.3 - User Enumeration via IDOR
- [webapps] Inventio Lite 4 - SQL Injection
- [webapps] KiviCare Clinic & Patient Management System (EHR) 3.6.4 - Unauthenticated SQL Injection
- [hardware] ABB Cylon Aspect 3.08.02 (deployStart.php) - Unauthenticated Command Execution
Rapid7 Delivers Command Platform Offerings for Exposure Management
/in General NewsPost Content
darkreading – Read More
3 VMware Zero-Day Bugs Allow Sandbox Escape
/in General NewsThe now-patched bugs are under active exploit and enable attackers to carry out a wide range of malicious activities, including escaping a virtual machine and gaining access to the underlying host.
darkreading – Read More
Threat Actor ‘JavaGhost’ Targets AWS Environments in Phishing Scheme
/in General NewsPalo Alto Networks’ Unit 42 details how a threat actor is dodging detection with careful targeting and the use of Amazon’s native email tools.
darkreading – Read More
Avoid unexpected credit card charges with my ultimate online shopping hack
/in General NewsI never use my personal credit card for free trials, and I never share my card info with unfamiliar vendors. Here’s what I do instead.
Latest stories for ZDNET in Security – Read More
Serbian Police Hack Protester’s Phone With Cellebrite Exploit Chain
/in General NewsAmnesty International said Serbian police used an exploit chain in tandem with legitimate mobile extraction dongle from vendor Cellebrite in an attack that brings up questions around ethical technology development.
darkreading – Read More
North Korea’s Latest ‘IT Worker’ Scheme Seeks Nuclear Funds
/in General NewsFraudulent IT workers are looking for engineering and developer positions in the US and Japan, and this time it’s not about espionage.
darkreading – Read More
Hackers launder most of Bybit’s stolen crypto worth $1.4B
/in General NewsExperts note that this is just the first step for the alleged North Korean hackers to profit from the historic heist.
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
Scammers Mailing Ransom Letters While Posing as BianLian Ransomware
/in General NewsScammers are impersonating BianLian ransomware, and mailing fake ransom letters to businesses. Learn the red flags and how…
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
North Koreans finish initial laundering stage after more than $1 billion stolen from Bybit
/in General NewsExperts from multiple blockchain security companies said Monday that the hackers were able to move all of the stolen ETH coins to new addresses — the first step taken before the funds can be laundered further.
The Record from Recorded Future News – Read More
Pentagon, CISA Deny Change in US Cyber Policy on Russia
/in General NewsMedia reports over the weekend suggested the Trump Administration ordered US Cyber Command and CISA to draw down cyber activities targeting Russia.
darkreading – Read More