BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Moodle 4.4.0 - Authenticated Remote Code Execution
- [remote] Microsoft SharePoint 2019 - NTLM Authentication
- [remote] gogs 0.13.0 - Remote Code Execution (RCE)
- [remote] Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)
- [remote] OneTrust SDK 6.33.0 - Denial Of Service (DoS)
- [remote] PX4 Military UAV Autopilot 1.12.3 - Denial of Service (DoS)
- [webapps] Pterodactyl Panel 1.11.11 - Remote Code Execution (RCE)
- [remote] freeSSHd 1.0.9 - Denial of Service (DoS)
- [remote] McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information
- [remote] Microsoft Excel 2024 Use after free - Remote Code Execution (RCE)
Marks & Spencer Says Data Stolen in Ransomware Attack
/in General NewsMarks & Spencer has confirmed that personal information was stolen in a recent cyberattack claimed by a ransomware group.
The post Marks & Spencer Says Data Stolen in Ransomware Attack appeared first on SecurityWeek.
SecurityWeek – Read More
Marks & Spencer confirms customer data stolen in cyberattack
/in General NewsM&S said that some customer data — but not payment card details or passwords — had been breached in a recent cyberattack.
The Record from Recorded Future News – Read More
North Korean hackers target Ukrainian government in new espionage campaign
/in General NewsThe latest wave of activity in Ukraine suggests that Pyongyang is seeking to “better understand the appetite to continue fighting against the Russian invasion” and “the medium-term outlook of the conflict,” according to the latest report by cybersecurity firm Proofpoint.
The Record from Recorded Future News – Read More
Output Messenger Zero-Day Exploited by Turkish Hackers for Iraq Spying
/in General NewsA Turkey-affiliated espionage group has exploited a zero-day vulnerability in Output Messenger since April 2024.
The post Output Messenger Zero-Day Exploited by Turkish Hackers for Iraq Spying appeared first on SecurityWeek.
SecurityWeek – Read More
Suspected DoppelPaymer Ransomware Group Member Arrested
/in General NewsA 45-year-old individual was arrested in Moldova for his suspected involvement in DoppelPaymer ransomware attacks.
The post Suspected DoppelPaymer Ransomware Group Member Arrested appeared first on SecurityWeek.
SecurityWeek – Read More
Orca Snaps Up Opus in Cloud Security Automation Push
/in General NewsOrca positioned the deal as an expansion of its capabilities into the realm of AI-based autonomous remediation and prevention.
The post Orca Snaps Up Opus in Cloud Security Automation Push appeared first on SecurityWeek.
SecurityWeek – Read More
I wanted a privacy screen protector – until I put one on my Galaxy S25 Ultra
/in General NewsThe extra security is cool. Too bad the drawbacks aren’t.
Latest stories for ZDNET in Security – Read More
CISA Warns of Flaw in TeleMessage App Used by Ex-National Security Advisor
/in General NewsAn information exposure flaw in TeleMessage has been added to CISA’s Known Exploited Vulnerabilities catalog.
The post CISA Warns of Flaw in TeleMessage App Used by Ex-National Security Advisor appeared first on SecurityWeek.
SecurityWeek – Read More
North Korea’s TA406 Targets Ukraine for Intel
/in General NewsThe threat group’s goal is to help Pyongyang assess risk to its troops deployed in Ukraine and to figure out if Moscow might want more.
darkreading – Read More
Moldovan Police Arrest Suspect in €4.5M Ransomware Attack on Dutch Research Agency
/in General NewsMoldovan law enforcement authorities have arrested a 45-year-old foreign man suspected of involvement in a series of ransomware attacks targeting Dutch companies in 2021.
“He is wanted internationally for committing several cybercrimes (ransomware attacks, blackmail, and money laundering) against companies based in the Netherlands,” officials said in a statement Monday.
In conjunction with the
The Hacker News – Read More