BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] WP Publications WordPress Plugin 1.2 - Stored XSS
- [local] Microsoft Graphics Component Windows 11 Pro (Build 26100+) - Local Elevation of Privileges
- [remote] Keras 2.15 - Remote Code Execution (RCE)
- [local] Microsoft Brokering File System Windows 11 Version 22H2 - Elevation of Privilege
- [webapps] PivotX 3.0.0 RC3 - Remote Code Execution (RCE)
- [hardware] TOTOLINK N300RB 8.54 - Command Execution
- [webapps] SugarCRM 14.0.0 - SSRF/Code Injection
- [webapps] Langflow 1.2.x - Remote Code Execution (RCE)
- [remote] NodeJS 24.x - Path Traversal
- [remote] MikroTik RouterOS 7.19.1 - Reflected XSS
UK’s AI Safety Institute Unveils Platform to Accelerate Safe AI Develo
/in General NewsThe platform, called Inspect, is set to pave the way for the safe innovation of AI models, according to the AI Safety Institute and Department for Science, Innovation and Technology (DIST).
Cyware News – Latest Cyber News – Read More
Criminal IP and Quad9 Collaborate to Exchange Domain and IP Threat Intelligence
/in General NewsBy cybernewswire
Torrance, California, May 13th, 2024, CyberNewsWire Criminal IP, a renowned Cyber Threat Intelligence (CTI) search engine developed by…
This is a post from HackRead.com Read the original post: Criminal IP and Quad9 Collaborate to Exchange Domain and IP Threat Intelligence
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
How Secure is the “Password Protection” on Your Files and Drives?
/in General NewsPassword protection alone is not enough to securely protect files and drives, as it can be easily circumvented, and hardware-based encryption is recommended for robust data security.
Cyware News – Latest Cyber News – Read More
Why Tokens Are Like Gold for Opportunistic Threat Actors
/in General NewsWhen setting authentication token expiry policies, always lean in to security over employee convenience.
darkreading – Read More
Black Basta Ransomware Group’s Worldwide Victim Count Tops 500
/in General NewsThe Black Basta ransomware group and its affiliates compromised hundreds of organizations worldwide between April 2022 and May 2024, according to a new report from several US government agencies.
Cyware News – Latest Cyber News – Read More
Surfshark VPN Brings Data Breach Awareness with See-Through Toilet Campaign
/in General NewsBy Waqas
Surfshark pulls a unique stunt in London with a see-through toilet! This security campaign uses public discomfort to spark a conversation about online data privacy. Learn how Surfshark VPN can help you protect your information.
This is a post from HackRead.com Read the original post: Surfshark VPN Brings Data Breach Awareness with See-Through Toilet Campaign
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
The 2024 Browser Security Report Uncovers How Every Web Session Could be a Security Minefield
/in General NewsWith the browser becoming the most prevalent workspace in the enterprise, it is also turning into a popular attack vector for cyber attackers. From account takeovers to malicious extensions to phishing attacks, the browser is a means for stealing sensitive data and accessing organizational systems.
Security leaders who are planning their security architecture
The Hacker News – Read More
GoTo Meeting Software Abused to Deploy Remcos RAT via Rust Shellcode Loader
/in General NewsA recent malware campaign was found exploiting the GoTo Meeting software to deploy the Remcos RAT by using DLL sideloading to execute a malicious DLL file named g2m.dll through a Rust-based shellcode loader.
Cyware News – Latest Cyber News – Read More
Nmap 7.95 Released With New OS and Service Detection Signatures
/in General NewsNmap 7.95 introduces a substantial update with 336 new signatures, expanding the total to 6,036. Notable additions include support for the latest iOS versions 15 & 16, macOS Ventura & Monterey, Linux 6.1, OpenBSD 7.1, and lwIP 2.2.
Cyware News – Latest Cyber News – Read More
RSAC: Experts Highlight Novel Cyber Threats and Tactics
/in General NewsCybersecurity experts at the RSA Conference highlighted the growing sophistication of cyber threats, including the expanding attack surface, identity-based attacks leveraging AI-generated deepfakes, and the use of generative AI to create malware.
Cyware News – Latest Cyber News – Read More