BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [remote] Ingress-NGINX 4.11.0 - Remote Code Execution (RCE)
- [local] Microsoft Excel LTSC 2024 - Remote Code Execution (RCE)
- [remote] FortiOS SSL-VPN 7.4.4 - Insufficient Session Expiration & Cookie Reuse
- [remote] Windows 11 SMB Client - Privilege Escalation & Remote Code Execution (RCE)
- [remote] PCMan FTP Server 2.0.7 - Buffer Overflow
- [webapps] Litespeed Cache WordPress Plugin 6.3.0.1 - Privilege Escalation
- [local] Parrot and DJI variants Drone OSes - Kernel Panic Exploit
- [webapps] PHP CGI Module 8.3.4 - Remote Code Execution (RCE)
- [remote] AirKeyboard iOS App 1.0.5 - Remote Input Injection
- [webapps] Skyvern 0.1.85 - Remote Code Execution (RCE) via SSTI
From Social Engineering to DMARC Abuse: TA427’s Art of Information Gathering
/in General NewsTo craftily pose as its chosen personas, TA427 uses a few tactics including DMARC abuse in concert with free email addresses, typosquatting, and private email account spoofing.
Cyware News – Latest Cyber News – Read More
Israeli Defense Forces Hold Hybrid Cyber & Military Readiness Drills
/in General NewsIsrael prepares for a response to Iran’s April 14 drone and missile attack.
darkreading – Read More
Delinea Fixes Flaw, But Only After Analyst Goes Public With Disclosure First
/in General NewsDelinea rolls out Secret Server SOAP API flaw fixes, while researcher claims the vendor ignored his findings for weeks.
darkreading – Read More
The Future of Business Communications: Trends Shaping the Industry
/in General NewsBy Uzair Amir
Discover how omnichannel campaign management helps businesses thrive in 2024. Learn the benefits & unlock the secrets to success in today’s tech-driven market.
This is a post from HackRead.com Read the original post: The Future of Business Communications: Trends Shaping the Industry
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
BeyondTrust Acquires Entitle, Strengthening Privileged Identity Security Platform
/in General NewsPost Content
darkreading – Read More
Kim Larsen New Chief Information Security Officer at SaaS Data Protection Vendor Keepit
/in General NewsPost Content
darkreading – Read More
Kaspersky Unveils New Flagship Product Line for Business, Kaspersky Next
/in General NewsPost Content
darkreading – Read More
Top Officials Again Push Back on Ransom Payment Ban
/in General NewsDue to multiple reasons, the Institute for Security and Technology’s Ransomware Task Force threw cold water on the need for a ransomware payment ban in a report released Wednesday.
Cyware News – Latest Cyber News – Read More
Change Healthcare’s New Ransomware Nightmare Goes From Bad to Worse
/in General NewsA cybercriminal gang called RansomHub claims to be selling highly sensitive patient information stolen from Change Healthcare following a ransomware attack by another group in February.
Security Latest – Read More
New Vulnerability “LeakyCLI” Leaks AWS and Google Cloud Credentials
/in General NewsBy Waqas
A critical vulnerability named LeakyCLI exposes sensitive cloud credentials from popular tools used with AWS and Google Cloud. This poses a major risk for developers, showing the need for strong security practices. Learn how to mitigate LeakyCLI and fortify your cloud infrastructure.
This is a post from HackRead.com Read the original post: New Vulnerability “LeakyCLI” Leaks AWS and Google Cloud Credentials
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More